If you wish to check your system for prevailing hacker attacks, you can track any potential risks with the help of Windows. The following indications point to an attack - you receive virus alerts, even though you have not opened, started or recently downloaded any file or application. Or an antivirus program which you are unfamiliar with, start springing up with notifications. In this situation, using the
Tool Remove Fake Antivirus is helpful. If the CPU
utilisation is still abnormally high despite shutting down all programs,
something fishy is definitely going on. Furthermore, surprising
computer activities like automatic opening of a website make it all the
fishier; or you learn, e.g. from friends, that spam mails have been sent
to the contacts in your address book with your return address.
Every hacker attack on a Windows computer needs a process and an
internet connection. You find the process by opening the command prompt
and type in “netstat-o”.
Afterwards, the operating system lists out all processes, which is
connected to the internet. If any of these processes appears fishy, note
down the process ID - which you will find in the “PID” column. Open
Task Manager and click to the “Details” or “Processes” window, depending
on the Windows version. Type in the the PID under “Select column” which
is under “View”. Afterwhich, you can identify the process and
right-click to end it.
The PID number helps to find the process listed by netstat in Task manager
However, before ending the process, you should block its internet
connection. This can be achieved through the Windows Firewall, where you
create a new “outbound rule” for the process. If you do not know how
this is done, then just simply read the next tip.
If the hacker does not get on track, then find him with a free
professional tool. Install and start Process Explorer. You will now see
processes marked with blue, pink and violet. You must pay special
attention to the violet processes; they could possibly refer to a
malicious code.
Right-click on the suspicious process and select the option “Check
VirusTotal”. The check is uploaded on an online analysis site and
verified by about 50 antivirus programs. If several of these programs
raise alarms, then it is another indication of hacker activities. In
this case, you have successfully detected a definite malicious process.
Right-click on it in Process Explorer and select the option “Suspend” in
the context menu. Now, the tool will try to stop the process and find
all the associated data files.
Post a Comment