Tuesday, July 2, 2013

Find Hackers In Your Computer Using Netstat Command And Kick Them Out

If you are using pirated software specially from Torrents etc, you may be a victim of a BotNet attack. You don't know that weather your computer is in a botnet or not but Prolexic.com says that morethan 10 million personal computers are victims of zombie armies (botnets) controlled by hackers around the world which are used to deploy DDOS attacks and various flooding attacks like email bombing. Statistics grow day by day..

By installing softwares which are pirated, manipulated and uploaded freely to internet by hackers we help them to create their cyber armies. After people downloaded and installed them, ports are opened and connected to the hacker's server. So that he can use your computer in his bad needs when you are online and your IPs MAC addresses will be recorded for the crime. Here is how to find and neutralize this threat in a simple way.

Restart your PC and do not open any web program like browser, messenger etc. Then find out your private ip-address using ipconfig command in command prompt which you can access by typing cmd on start menu search box. I'm using Windows 7.

It will be like this.




















Now you can find out the internal network range. Which is here 192.168.1.x So any number which starts with 192.168.1. are my internal ip addresses.
Then type netstat -ano command and enter. Result will be like this.

























Now watch for the established connections and IP addresses which are not in your subnet or simply which are public ip addresses. Oops!! :O I have a one..
I really amazed what was that and traced back to know what is that. 77.234.42.51 ip addess is a public address from a server from Denmark. I traced it from a reverse ip-lookup site and still no idea. I just restarted my computer and checked again to see weather it is comming again or not.
Yes, It came and this time the process id is 1396. Now I'm going to find what is running on that process using task manager and if it seems unknown I'm going to end that process.

Hit Ctrl + Shift + Del and start task manager.

View -> Select Columns --> check PID

Now you can see the PIDs (Process IDs) and click on the show processes from all users from interface of task manager.



PID 1396 (previously 1364)was Avast. If it is an unknown process with an unknown server connected, it can be a hacker. You can click end process and kick out the hacker from your PC.

Share this post
  • Share to Facebook
  • Share to Twitter
  • Share to Google+
  • Share to Stumble Upon
  • Share to Evernote
  • Share to Blogger
  • Share to Email
  • Share to Yahoo Messenger
  • More...

41 comments

  1. Now by using this tool you can find the hackers of your system and kick them from your system. I have used this and highly recommend to all.

    Thanks
    Silvester Norman

    Change Mac Address


    ReplyDelete
    Replies
    1. I enter netstat-ano and it wont do anything,,, just says not reconized as an internal or external command

      Delete
    2. i cant get past netstat-ano...says its not reconized as an external or internal command

      Delete
    3. I enter netstat-ano and it wont do anything,,, just says not reconized as an internal or external command

      Delete
  2. This is very іnteгesting, You are a very skilled blogger.
    I've joined your rss feed and look forward to seeking more of your fantastic post. Also, I've shareԁ your websitе in my sociаl
    netwoгkѕ!

    Feel frеe to surf to my ωebpage: lοuis cunninghаm []

    ReplyDelete
  3. Hello just wanted to give you a quick heads up. The text in your article seem to be running off the
    screen in Firefox. I'm not sure if this is a format issue or something to do with browser compatibility but I thought I'd post to
    let you know. The design look great though!

    Hope you get the problem resolved soon. Many thanks

    my web site - how to find out

    ReplyDelete
  4. He knοwѕ hіs job ωеll and wll go аbout doing the same.
    So that mοѕt of thе tгavel or touгists
    oг who iѕ seеkіng foг
    a paгticulаr locatiοn οr fіnding a
    buѕіness loсаtion finally
    approасhing seаrch engіne.
    Unfoгtunatеlу, desperаte ЅЕΟ сompanieѕ hаvе taken to
    sending out ѕpam mаil too try to gеt yοur businеss.


    Feel fгеe tо vіsit my blοg post; search engine optimisation

    ReplyDelete
  5. Qualіty pοsts is thе crucial tο interеst the
    users to visit the websіte, thаt's whаt this
    wеbsite is рrovіԁing.

    My website - portable

    ReplyDelete
  6. Its like you learn my mind! You seem to understand a lot about this, like
    you wrote the e book in it or something. I think that you just could do with a few
    % to drive the message house a bit, but instead of that, this is wonderful blog.
    A fantastic read. I'll certainly be back.

    Also visit my blog :: Facebook Hack

    ReplyDelete
  7. Can I simply say what a relief to find a person that really knows what they're talking about on the net.
    You certainly understand how to bring a problem
    to light and make it important. More people must look at this and understand this side of the story.

    I can't believe you're not more popular since you definitely possess the gift.


    My web site; Remove windows vista fix virus

    ReplyDelete
  8. Ι think the admin оf this webseite is truly workіng hard
    in suрport of his web page, fοr the reasоn that heгe еvery іnfoгmаtion is quаlity based data.


    Му site - apple iphoe (http://digital-import.co.uk/)

    ReplyDelete
  9. My partner and I stumbled over here by a different website and thought I should check things out.
    I like what I see so i am just following you. Look forward to exploring your web
    page for a second time.

    My blog :: uninstall My Safe PC 2014 malware

    ReplyDelete
  10. Hi there! Would yyou mind if I share your blog with my facebook group?
    There's a lot of folks that I think would really appreciate your content.
    Please let me know. Many thanks

    Also visit my weblog :: website to check out

    ReplyDelete
  11. It is not my first time to pay a visit this web site, i am browsing this web page dailly and get fastidious information from here every day.


    Stop by my page: shower Head filter

    ReplyDelete
  12. Hello, its fastidious piece of writing about media print, we all be
    aware of media is a enormous source of data.


    Feel free to surf to my homepage - Lee Trotman Southern California Edison

    ReplyDelete
  13. Hi, I do believe this is an excellent blog. I stumbledupon it ;) I am goiung too come back yet again since
    i have book-marked it. Money and freedom is the best
    way to change, may you bbe rich and continue to help other people.


    my web site :: ipad repair maryland (web.lmdg.econ.au.dk)

    ReplyDelete
  14. Nice post. I was checking constantly this blog and I'm
    inspired! Extremely helpful info specifically the remaining part :)
    I deal with such info much. I used to be looking for this certain info for a long
    time. Thanks and best of luck.

    Feel free to visit my web site ... iphone repair in maryland

    ReplyDelete
  15. remember when using netstat -ano in command prompt you have to hit the space bar once after typing netstat.
    example:
    correct: netstat -ano
    incorrect: netstat-ano

    ReplyDelete
  16. Outstanding post however , I was wondering if you could write a litte more on this topic?
    I'd be very thankful if you could elaborate a little bit further.
    Cheers!

    my blog post - Binära Optioner

    ReplyDelete
  17. I'm not pоsitive where you аre getting your іnformatіon,
    howeνer good topic. I must ѕрend sοme time studying much more or understanding more.
    Thаnks for grеаt іnformаtion I wаs οn the loοkout for
    thiѕ information for my misѕion.

    Feel free to surf to my web page - domestic cleaners in Falkirk

    ReplyDelete
  18. I'm really lοving the theme/deѕign of youг web site.
    Do yοu ever гun into аny web browser сompatibility issues?

    A hanԁful οf my blog audiеnсe have сomplainеԁ about my ѕіte
    not working coггeсtly in Exρloгеr
    but lookѕ great in Firefoх. Do you hаνe any tips to help fiх this issue?


    mу site womens clininc

    ReplyDelete
  19. Undeniably believe that which you said. Your favorite justification seemed
    to be on the internet the simplest thing to be aware of.
    I say to you, I certainly get annoyed while people consider worries that
    they plainly don't know about. You managed to hit the nail upon the top as well as
    defined out the whole thing without having side effect , people
    could take a signal. Will probably be back to get more.
    Thanks

    My site: bruno

    ReplyDelete
  20. It is the best time to make some plans for the long run and it is time to be happy.
    I've read this publish and if I may I desire to suggest you few attention-grabbing things or suggestions.
    Perhaps you could write subsequent articles relating to this article.
    I wish to read more things about it!

    Feel free to visit my web blog durable labels London

    ReplyDelete
  21. Cool blog! Is your theme custom made or did you download it
    from somewhere? A theme like yours with a few simple tweeks would really make
    my blog jump out. Please let me know where you got your design.
    Many thanks

    My site Tracy B. Hines

    ReplyDelete
  22. Hi there, I enјοу reading thгough your artiсle post.
    I like to wrіte a littlе cοmment
    to ѕupport уou.

    Visіt my site: carpet cleaners in Norwich

    ReplyDelete
  23. Pretty element of content. I simply stumbled upon your blog and in accession capital to assert that I get actually loved account your blog posts.
    Anyway I'll be subscribing on your feeds or even I fulfillment you get admission to constantly fast.


    my web blog alloy wheel refurbs Cambridgeshire

    ReplyDelete
  24. This text is invaluable. How can I find out more?


    Also visit my web-site - Agatha O. Hall

    ReplyDelete
  25. Hi, Thanx for your help and information!
    What if "established' shows up in your netstat -ano but the port does not show in your task manager? Then what? Thanx!
    Dia

    ReplyDelete
  26. Thanx for your help.
    What if you found an 'established' connection but it does not show up listed in your task manager? What do I do then? How do I kick them out?
    Hugz,
    Dia

    ReplyDelete
  27. Awesome article.

    Also visit my blog: collections

    ReplyDelete
  28. Hello to all, as I am genuinely eager of reading this blog's post to be updated regularly.

    It carries pleasant material.

    Also visit my page: home care Lincolnshire

    ReplyDelete
  29. I always used to study paragraph in news papers but now as I am a user
    of web thus from now I am using net for content, thanks to web.


    Look into my page :: Eva S. Clark

    ReplyDelete
  30. Hi! This is my 1st comment here so I just wanted to give a quick shout out and tell you
    I really enjoy reading your articles. Can you recommend any other blogs/websites/forums that cover
    the same subjects? Thanks a ton!

    Feel free to surf to my homepage; Robert T. Groesbeck

    ReplyDelete
  31. I am no longer certain where you are getting your info, but good topic.
    I must spend some time studying more or working out more.
    Thanks for magnificent information I used to be on the lookout for
    this info for my mission.

    my webpage - Tracy B. Hall

    ReplyDelete
  32. Cmd is where you need to study to be able to have any fighting chance on surfing the internet safely. Thanks to people like this, we can all be informed enough to combat hackers using the same platform. Thank you for this.

    ReplyDelete
  33. This was very very helpful I just discovered I had a virus!

    ReplyDelete
  34. Thank you for this article. In your case as illustrated above
    " PID 1396 (previously 1364)was Avast. If it is an unknown process with an unknown server connected, it can be a hacker. You can click end process and kick out the hacker from your PC."
    Dis you have Avast installed in your Computer ? Why I am asking you is in two cases of mine, One in Chrome and the other in Setpoint Exe. for my Logitech Mouse, I noticed " Established " PIDs. So I ended both the processes. Chrome whined that it was not shut properly.. restore the pages etc. and my Mouse became dead. Secondly, for my Mouse. against the same PID, it showed " Established "as well as "Listening". So in such cases, what do I do ? I would appreciate a response from you.

    ReplyDelete
  35. this cmd is not work in my compte r

    ReplyDelete
  36. Hello my loved one! I wish to say that this post is amazing, great
    written and include approximately all significant infos.

    I'd like to look more posts like this .

    Also visit my homepage zeromski utwory

    ReplyDelete
  37. Well, The post is interesting and have unique info. It is based on useful idea. Keep sharing like this.


    Zero Clients & Windows Thin Client

    ReplyDelete

:) :-) :)) =)) :( :-( :(( :d :-d @-) :p :o :>) (o) [-( :-? (p) :-s (m) 8-) :-t :-b b-( :-# =p~ :-$ (b) (f) x-) (k) (h) (c) cheer

 
All rights reserved © 2013 Roshan's Blog
Designed by Blog Thiet Ke
Authour Of The Blog : Roshan
Back to top