Have I been Hacked?

Have I been hacked? Now what? These days, computer security is just as important as home security. You wouldn't leave your front door open when you go out for a night on the town, so why would you leave your computer open for anyone to see? For most people, though, the signs of PC entry aren't as obvious.

In the following simple solution, I provide you with a list of tools you can use to quickly tell if your Windows PC has been hacked. Using these tools, you should be able to detect the most common hacks in order to tell if your system has become compromised. However, some hacks may be very hard to detect and could take some work.

Checking if your Computer has been Hacked

OK, so you think your PC or computer has been hacked. Now what? An arsenal of freely available tools can help you troubleshoot and diagnose a hacked computer. To get started, you can download any of the following free hack detection tools. I explain the purpose of each tool further below.

Tools used to Detect and Repair a Hacked Computer

  • TCPView: A network monitoring utility developed by Microsoft's Sysinternals. It provides real-time information about network connections, including local and remote addresses, the status of the connection (e.g., established, listening, waiting), the process that initiated the connection, and other relevant information.
  • Process Explorer: Another Sysinternals tool, designed to provide detailed information about processes and system resource usage on Windows operating systems. It offers an advanced and interactive way to explore the processes running on a computer, providing more details than the default Task Manager. It can list all running processes and can help determine which process is the parent and which processes were spawned by that parent.
  • PSTools: This process killer utility contains console command-line tools that can list all running processes and, alternatively, be used to kill those processes.
  • Filealyzer: A file analysis program that can be used to view advanced information about a file (it explains what a program does or is). Filealyzer adds a Windows Explorer shell extension that allows you to analyze a file by right-clicking on the file and selecting Analyze File With Filealyzer.
  • DameWare NT: This program is typically used to remotely administer another computer's system registry. Effective for removing rootkits.

How to determine if your Computer has been Hacked

Let's start by checking the PC or computer for running processes that are currently communicating over the network. TCPView is the perfect tool for this. It is useful for monitoring network activity, diagnosing network-related issues, and understanding which processes on your computer are currently communicating over the network:

  1. Extract the TCPView.zip and then click tcpview.exe to run the program.
  2. Look for any suspicious running processes. If you find one, you can right-click on it and click Process Properties to inspect it. You can also click End Process to attempt to close the program.

You should use the other tools I mentioned in conjunction with TCPView to help determine, kill and remove any suspicious running processes.
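
If you prefer a console view, the following PowerShell sketch lists the same pairing TCPView shows (each TCP connection with its owning process) and adds the parent process that Process Explorer would show. It is an added example, not part of any of the tools above; the function name Get-ConnectionOwner is hypothetical, and it assumes Windows 8 / Server 2012 or later, where Get-NetTCPConnection is available.

```powershell
# Added example: console equivalent of TCPView's connection-to-process view,
# plus the parent process (the relationship Process Explorer displays).
# Run from an elevated prompt so executable paths of system processes are readable.

function Get-ConnectionOwner {
    param(
        # Connection states to report; these two cover open listeners and live sessions.
        [string[]]$State = @('Listen', 'Established')
    )

    # Take one snapshot of all processes, indexed by PID, so every connection
    # is matched against the same point-in-time process list.
    $procs = @{}
    Get-CimInstance -ClassName Win32_Process | ForEach-Object {
        $procs[[int]$_.ProcessId] = $_
    }

    Get-NetTCPConnection -State $State -ErrorAction SilentlyContinue | ForEach-Object {
        $ownerId = [int]$_.OwningProcess
        $owner   = $procs[$ownerId]

        # The owner can exit between the two queries, and a parent may have
        # exited long ago; report that instead of failing.
        $parent = if ($owner) { $procs[[int]$owner.ParentProcessId] } else { $null }

        [pscustomobject]@{
            Process = if ($owner)  { $owner.Name }  else { '<exited>' }
            PID     = $ownerId
            Parent  = if ($parent) { $parent.Name } else { '<exited>' }
            State   = $_.State
            Local   = '{0}:{1}' -f $_.LocalAddress, $_.LocalPort
            Remote  = '{0}:{1}' -f $_.RemoteAddress, $_.RemotePort
            # Empty for protected processes or when not running elevated.
            Path    = if ($owner)  { $owner.ExecutablePath } else { $null }
        }
    }
}

# Group rows by process so one program's listeners and sessions sit together.
Get-ConnectionOwner | Sort-Object Process, PID | Format-Table -AutoSize
```

Because Windows can reuse process IDs, a Parent name shown here may belong to a newer process that inherited the ID, so confirm parent/child relationships in Process Explorer before acting on them.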