Have I Been Hacked? Now What? Anymore, computer security is just as important as Home security. You wouldn't leave your front door open when you go out for a night on the town. So why would you leave your computer open for anyone to see? Well for most people, the signs of PC entry aren't as obvious.
In the following simple solution, I provide you with a list of tools you can use to quickly tell if your Windows PC has been hacked. Using these tools, you should be able to detect the most common hacks and tell if your system has become compromised. However, some hacks may be very hard to detect and could take some work.
Checking to see if you have been Hacked
Ok so you think you've been hacked now what? First, you'll need an arsenal of tools that can be used to troubleshoot and diagnose a hacked computer. To get started, you should download the following tools.
- Download TCPView
- Download Process Explorer
- Download PSTools
- Download Filealyzer
- Download DameWare NT
I'll explain the purpose of each tool further below. But for now, we will get started with TCPView;
How to Tell if you've been Hacked
- Extract the TCPView.zip and click tcpview.exe to run the program
- Look for any suspicious running processes, if there are suspicious processes, you can right click on them and click Process Properties, if you find a suspicious process, you can also click End Process to attempt to close the program
Tools that can help repair hacked computers
Process Explorer: This program will list all running processes and can help determine which process is the parent processes and which processes are spawned by the parent.
PSTools: This program contains console command line tools that can list running processes and alternately be used to kill those processes.
Filealyzer: This program can be used to view advanced information about a file (explains what a program does or is). Filealyzer adds a windows explorer shell extension that allows you to analyze a file by right clicking on the file and selecting Analyze File With Filealyzer.
DameWare NT: This program is typically used to remotely administer another computers system registry. Effective for removing Root Kits.