Security Basics mailing list archives

Re: Access viewer

From: John Patota <john.patota () gmail com>
Date: Tue, 13 Dec 2005 14:09:05 -0500

First of all, why do you think someone may be accessing your computer?
Are files missing or tampered with? is your antivirus telling you that
you may have a rootkit?

Are there any unauthorized processes running
(http://www.sysinternals.com/Utilities/ProcessExplorer.html) or
starting up (http://www.sysinternals.com/utilities/autoruns.html). Are
these programs phoning home?
(http://www.sysinternals.com/Utilities/TcpView.html)

do you have a root kit?
http://www.sysinternals.com/utilities/rootkitrevealer.html



These are the tools I usually use in determining such things. Im
interested in hearing from other people what they use.



On 12/13/05, kacrut <kacrut () gmail com> wrote:

Dear all,


I would like to know if someone is accessing my computer. As far as i
know,  by typing netstat (in M$)..i can see someone's IP connected to
my PC, but i don't know what is being accessed (like opening file,
etc...). Is there any way or any tool to view this? Any help would be
appreciated.

Sorry for my bad english and grammar... :)



Kacrut

Current thread:

Access viewer kacrut (Dec 13)
- Re: Access viewer John Patota (Dec 14)
- Re: Access viewer Ippatsu Man (Dec 14)
- Re: Access viewer Dharmendra (Dec 14)
- <Possible follow-ups>
- Re: Access viewer mjcarter (Dec 14)
- RE: Access viewer Daniel Jimenez (Dec 14)