The following instructions will help you determine if your PC has been zombified (taken over) by hidden software that is accessing the Internet without your consent or knowledge.
Types of malicious programs that can do this, include but are not limited to spy-ware, viruses, and/or root-kits.
NOTE 1:
These instructions are for users of MS Windows XP/Vista/2000 computers, only.
NOTE 2:
Enter all commands without quotation marks.
NOTE 3:
Unless indicated, use lowercase letters when entering commands.
NOTE 4:
Generally, the term “Click†means to quickly press and release the computer’s left mouse button.
1.
Click on the Start menu.
2.
When the Start menu opens select [Run].
NOTE 5:
You may need to configure the Start menu to display the [Run] option.
3.
In the Run Dialog Box type in either “command†or “cmdâ€.
4.
Either press the [ENTER] key on your keyboard or Click the onscreen [OK] button. This will open a DOS-based command-line interface window.
5.
At the command prompt, type in “netstat-b 5 >activity.txtâ€. The “5†in the command string denotes the length of time, in minutes, the software activity assessment will last. You may change this variable if you so choose. The results of this assessment will be saved in a file named “activity.txtâ€. You can cancel the assessment at any time by simply holding down the [CTRL] key on your keyboard while you tap the letter “c†key on the keyboard. Release both keys after tapping the letter “câ€. The activity file will show all of the programs running on your system that are connecting to the Internet.
6.
To close the DOS window, at the command prompt, simply type in “exit†followed by pressing the [ENTER] key on your computer keyboard.
7.,
Finally, to view the activity.txt file, follow steps 1 and 2 described above and type in “activity.txtâ€. Then, either press the [ENTER] key on your keyboard or Click the onscreen [OK] button. This will open the file in MS NotePad.
For more information on this and other topics go to:
www.lifehacker.com
Mark
