Hey everyone, it’s Terry Cutler. You ask questions, and I answer them. Here’s a question I get asked several times a week: “How do I know if my PC has been hacked?” or “How do I know if my webcam has been hacked, and are people spying on me?” Well, let’s get that answered NOW. Welcome to the #AskTerryCutler show!
Hey everyone, it’s Terry Cutler, and I want to show you how a simple command-line tool can provide invaluable information about what’s happening on your system, so you can find out if your PC has been taken over by a hacker or malware.
OK, so the first thing you want to do is close as many open programs as you can, like Microsoft Outlook, Skype, etc. This will allow us to try to find unwanted communication from applications we don’t know about. In my case I’ll leave my apps open so you can see activity.
Once you’ve done that, press the Start button, type CMD, which is short for command prompt, and press Enter.
Once the command prompt has opened, you’re gonna type `netstat -ano`. What we’re doing here is asking Windows to list all listening ports and open connections on the system, along with the ID of the process that owns each one.
As you can see, a ton of stuff just scrolled off the screen. Let’s have a closer look. Let me adjust the size here and scroll up…ok.
What we’re looking for is any established communication. “Established communication” means your computer is talking to another device on your network or somewhere on the internet at this moment.
Here we have our local address, which represents your computer’s IP. Everyone’s will be different, so don’t worry about this. As you can see, my PC has addresses starting with 127. Don’t worry about these either, because my computer is running special software called VMware, which most of you don’t have.
As we go right, we have the foreign addresses, which are the other devices your computer is talking to, then the current state of the connection, and finally the PID (process identifier). A PID is the number Windows gives to the software that’s talking on this connection, and we’ll use it to investigate.
Now we’ll want to open the Windows Task Manager by right-clicking on the taskbar and selecting “Start Task Manager”. You can also get there by pressing Ctrl-Alt-Delete and choosing Task Manager. Once it’s open, click on the Processes tab. Select View at the top, and choose Select Columns. You’ll notice that PID is unchecked. Please go ahead and check that box. By the way, all Windows versions can do this, not just Windows 7.
Now you’ll notice some numbers that showed up beside the names of the processes. For simplicity, click the column to sort the process IDs from smallest to largest so we can find stuff quickly. You’ll also notice a button called “Show processes from all users”. Let’s make sure we press that as well so we can see everything this PC is talking to.
Now, what you would do is match up the process numbers with the name of the application running it. For example, we have process ID 4668 showing up twice. What could this be? Well, once we get to 4668 we can see that Skype is using this ID, which is most likely safe. So keep going through this list, and if there’s something you’re not sure of, Google is your friend at this point. You could also right-click and select Properties, and this might give you a little more insight into what program it is and where the file is located.
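The matching step above can also be scripted. The following is an added example, not part of the original video: it joins the text output of `netstat -ano` with `tasklist /FO CSV /NH` and keeps only established connections to non-loopback addresses. The sample output, the function names and the `UNKNOWN` label are constructed for illustration.

```python
import csv
import io
import ipaddress

# Constructed sample of `netstat -ano` output (documentation-range addresses).
NETSTAT_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    127.0.0.1:49700        127.0.0.1:49701        ESTABLISHED     2300
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     4668
  TCP    192.168.1.20:49713     203.0.113.11:443       ESTABLISHED     4668
  TCP    192.168.1.20:49890     198.51.100.7:8080      ESTABLISHED     7312
  UDP    0.0.0.0:5353           *:*                                    1500
"""

# Constructed sample of `tasklist /FO CSV /NH` output (image name, PID, ...).
TASKLIST_SAMPLE = '''\
"svchost.exe","888","Services","0","9,120 K"
"vmware-authd.exe","2300","Services","0","11,004 K"
"Skype.exe","4668","Console","1","152,340 K"
'''

def pid_names(tasklist_csv):
    """Map PID -> image name from tasklist CSV output."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    return {int(r[1]): r[0] for r in rows if len(r) >= 2}

def is_loopback(endpoint):
    """True for 127.x.x.x:port or [::1]:port style endpoints."""
    host = endpoint.rsplit(":", 1)[0].strip("[]")
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False

def established(netstat_text, tasklist_csv):
    """Return sorted (pid, process name, remote endpoint) for live TCP sessions."""
    names = pid_names(tasklist_csv)
    rows = []
    for line in netstat_text.splitlines():
        f = line.split()
        # TCP rows have 5 fields; UDP rows have no State column and are skipped.
        if len(f) == 5 and f[0] == "TCP" and f[3] == "ESTABLISHED" and not is_loopback(f[2]):
            pid = int(f[4])
            rows.append((pid, names.get(pid, "UNKNOWN"), f[2]))
    return sorted(rows)

if __name__ == "__main__":
    for pid, name, remote in established(NETSTAT_SAMPLE, TASKLIST_SAMPLE):
        print(f"{pid:>6}  {name:<20} {remote}")
```

Any row labelled `UNKNOWN` is a PID that has a connection but no matching name in the process list, which is the kind of entry to look up first.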
If you’re still running into trouble though, you’ll need to contact your family IT guy or bring it into a Best Buy to get serviced, or for a fee, my team or I could also help you out.
I hope this video was enough to get you started. If you have a question you’d like an answer to, hit me up on Twitter using the hashtag #AskTerryCutler or by email at ask@TerryCutler.com, and don’t forget to subscribe to Internet Safety University.com. You never know if your question will be featured in an upcoming video.
If you could please share this video with your friends, I’d really appreciate it. There are so many people who are infected and they don’t even have a clue. And if you’re a victim, I’d love to hear your feedback on what you found and if this tip helped you out.
Stay safe my friends and I’ll see you all in the next video.