Using Netstat And CMD To Find If There Is Any Established Suspicious Connection/Process On Your Windows System. A Sign Of Being Hacked? (Video)


So I was poking around on YouTube and I stumbled onto the video How to find out if your pc is hacked, which is embedded below so you can watch it.  Even though the video’s quality is bad and it was uploaded back in 2008, the content should still be helpful and relevant.

The video simply instructs you to compare the process IDs of the established connections in netstat’s output list in a CMD window against the process IDs of the running services inside Windows Task Manager.  If the pairing of an established/active connection with its process ID looks suspicious (i.e., check the process names and locations on the system and compare these suspicious processes to the known process names and locations listed by reputable process resources on the Internet), you can then either run an excellent antivirus program to confirm whether your system is hacked or investigate further.

What if you can’t find the process IDs that netstat’s result list shows inside Windows Task Manager?  You might want to click the button near the bottom of Windows Task Manager that is labeled Show processes from all users.

The video also instructs you to add a Process ID column to Windows Task Manager so you can view and compare the process IDs from Windows Task Manager against netstat’s result list.  According to the video, the command that makes netstat show the states and process IDs of the connections is [netstat -ano].  To add a process ID column to Windows Task Manager, go to View > Select Columns and check the box that says PID (Process Identifier).

For your information, these instructions are tailored for Windows 7, which is what I used when I followed them to confirm the accuracy of the instructions within the video.  Check out the video right after the break and enjoy!
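The same PID comparison can be scripted. The following is an added example, not something from the video or the original post: it parses [netstat -ano] output, keeps the ESTABLISHED rows, and looks each PID up in the output of tasklist /fo csv /nh (used here in place of Task Manager), flagging any PID that has no match. The function names and the sample outputs are constructed for illustration, and the parser assumes English-language netstat output.

```python
import csv, io, subprocess, sys

# Constructed sample outputs (not from the original post), used off Windows.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       788
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     4120
  TCP    192.168.1.20:49755     198.51.100.7:8080      ESTABLISHED     6604
  TCP    [::1]:49800            [::1]:5357             ESTABLISHED     4
  UDP    0.0.0.0:5355           *:*                                    1304
"""
SAMPLE_TASKLIST = '''\
"System","4","Services","0","1,024 K"
"svchost.exe","788","Services","0","8,112 K"
"chrome.exe","4120","Console","1","150,332 K"
'''

def established(netstat_text):
    """Return (local, remote, pid) for each ESTABLISHED TCP row."""
    rows = []
    for line in netstat_text.splitlines():
        f = line.split()
        # TCP rows have 5 fields; UDP rows lack a State column and are skipped.
        if len(f) == 5 and f[0] == "TCP" and f[3] == "ESTABLISHED" and f[4].isdigit():
            rows.append((f[1], f[2], int(f[4])))
    return rows

def pid_names(tasklist_csv):
    """Map PID -> image name from `tasklist /fo csv /nh` output."""
    reader = csv.reader(io.StringIO(tasklist_csv))
    return {int(r[1]): r[0] for r in reader if len(r) >= 2 and r[1].isdigit()}

def pair(netstat_text, tasklist_csv):
    """Join each established connection to its process name (None if no match)."""
    names = pid_names(tasklist_csv)
    return [(l, r, pid, names.get(pid)) for l, r, pid in established(netstat_text)]

def run(cmd):
    return subprocess.run(cmd, capture_output=True, text=True, check=True).stdout

if __name__ == "__main__":
    if sys.platform == "win32":
        ns, tl = run(["netstat", "-ano"]), run(["tasklist", "/fo", "csv", "/nh"])
    else:
        ns, tl = SAMPLE_NETSTAT, SAMPLE_TASKLIST
    for local, remote, pid, name in pair(ns, tl):
        print(f"{pid:>6}  {name or 'NOT IN TASK LIST':<20} {local} -> {remote}")
```

A connection whose PID has no match is the scripted equivalent of not finding the PID in Task Manager; the process may simply have exited between the two commands, so rerun before investigating further.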