Tracing a hacker
If you think your computer has been hacked, investigate for unusual user account
names that have suddenly appeared and for open TCP/UDP Ports
. There are several standard (common) user account names and ports that are supposed to be there and if you see these accounts or ports, they are typically not a cause for concern as they are most likely legitimate:Windows Forensics: Have I been Hacked?Important Note
: Using any torrent
, peer-to-peer (P2P) file sharing
program (i.e. Limewire, eMule, Kontiki, BitTorrent, BitComet, uTorrent, BitLord, BearShare, Azureus/Vuze) or visiting such sites is a security risk which can make your system susceptible to a smörgåsbord of malware infections
, remote attacks, and exposure of personal information. File sharing networks are thoroughly infected and infested with malware according to Senior Virus Analyst, Norman ASA. As such, it is not uncommon for some anti-virus/anti-malware disinfection tools to detect torrent related files and programs as a threat
and attempt to remove them.
The reason for this is that file sharing relies on its members giving and gaining unfettered access to computers across the P2P network. This practice can make you vulnerable to data and identity theft, system infection and remote access exploit
by attackers who can take control of your computer without your knowledge. Even if you change the risky default settings to a safer configuration, downloading files from an anonymous source increases your exposure to infection
because the files you are downloading may actually contain a disguised threat. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads
and malicious Flash ads
that install malware
. Many malicious worms and Trojans, such as the Storm Worm, target and spread across P2P files sharing networks because of their known vulnerabilities. In some instances the infection may cause so much damage to your system that recovery is not possible
and a Repair Install will NOT help!. In those cases, the only option is to wipe your drive, reformat
and reinstall the OS.
Even the safest P2P file sharing programs that do not contain bundled spyware, still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The best way to eliminate these risks is to avoid using P2P applications and torrent web sites
.Using such programs or browsing torrent sites is almost a guaranteed way to get yourself infected!!