Follow Us


Note: Any malware can be named anything - so you should check where the files of the running
processes are located on your disk. If a "non-Microsoft" .exe file is located in the
C:\Windows or C:\Windows\System32 folder, then there is a high risk for a virus, spyware,
trojan or worm infection! Check it out!

From Cmd Prompt type: netstat -ano (from window 7, start/programs/accessories/CMD prompt/type: netstat -ano then enter) or go to start, type CMD, click CMD.exe and type: netstat -ano then enter.

Type netstat -ano In CMD Prompt

                                   Please Watch Video To See If Your PC Has Been Hacked!!     

You can identify the port and the associated PID from the netstat -ano command output.
You can then use Task Manager to identify the process that is associated with the PID.
By default, Task Manager does not display the PID that is associated with a process.
To display a PID in Task Manager, follow these steps: Press CTRL+ALT+DELETE, and then click Task Manager. In Task Manager, click the Process tab, click View, and then click Select Columns.
In the Select Columns dialog box, click to select the PID (Process Identifier) check box,
and then click OK. You see that the PID column has been added to the Process tab. You can
now locate the PID and the corresponding executable file that started the process in Task Manager.

What Is PID

If you have an established connection it's possible you been hacked!
In the CMD prompt you will see a list of active connections as shown below. The established state represents a fully established connection. Just make sure that the established connection is a true Microsoft .exe file.

What Is Established Connections

Or in the CMD prompt check suspicious IP addresses by looking in the third column. The foreign address refers to the location of the connection destination.
You can search IP addresses at

              Active Connections Description:
What Is Active Connections

No comments:

Post a Comment