How to Check if Someone is Remotely Accessing Your Computer

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
what you guys got another video on how to detect a remote access to your computer without your knowledge this is if someone is basically uh using some sort of malware to remote access into your computer without you knowing maybe you've downloaded some dodgy files or maybe you got a suspicion that someone is remote viewing your computer without your knowledge the first thing to do is to check inside your processes inside task manager if there's any sort of high CPU usage here from Rogue uh programs that are running in the background and you don't know what they are you could simply be uh infected with some sort of Rogue process like some sort of crypto Miner or a back door or rat on the system that is allowing people to remote access into your computer without your knowledge you can use programs like process Explorer which are more advanced and these are from Microsoft and you can look for processes in here that are running on the computer and you can then weed these out and basically investigate more further so if you've got some sort of program here that you know and I can see some stuff already on this system because I know because I've put it there and I want to show you exactly what to look for when you've got it on your system so if you got suspicion that one of the programs on here is running and it's Rogue you can quickly right click on these and you can look at the properties of that particular process one the opens up you should see something looking like this and if you've got some sort of remote access connecting out and coming into your computer then you will see remote access uh here and you will see the local address and you normally see some sort of domain name or IP address which is unknown to you and it's allowing that person to remote in and out of your PC and it is that particular program that is running on the system that is allowing them to do that and these can lay undetected for quite some time and they can be running there in the background and basically uh you would not know what is going on with your computer have you booted up your computer and started to see some weird stuff popping up on the screen like this then you've probably been infected by some sort of malware or back door or something like that maybe it's a Trojan downloader it could be anything and this is the problem I never installed uh this web browser it's just basically installed this onto the computer I've got a bunch of command prompts popping up here trying to run some applications in a particular location this means you've been infected and you've either uh clicked on a program or clicked on some email link or went to some site or downloaded something off of someone and installed it on your system this is really dangerous cuz you don't know what they are they could be ransomware they could be key loggers they could be back doors and I can already see when I open this window up again that I can now see there's some other stuff on here that is running and if you look look closely you will start to see uh weird processes running here and they're pretty crafty it just says search suspended and that means my search has been suspended it says this uwp is basically on here to improve processes and performance but really it's a trick because they don't want you searching for certain files to finding certain files on the system and if you go to search for anything you're not going to be able to because it's blocking it and you can see that's running on the system here it's done its damage and if you try to close it will basically just restart up again because there's tons of stuff on this PC so if I look here and look on the details here you might be thinking this is a a genuine legitimate uh Windows operation that's actually running on the system and it can lay there without you detecting it so you got to know what you're looking for and if you don't know what you're looking for you need to start running scans on the PC to see whether you do have some sort of infection on that P PC there's another suspicious file here that's just got a weird name has anything got a weird name that you don't know what it is well you can open this file in location and you can also check the details of this file and you can get the location of it and it's in as you can see here system apps and it will be inside here and these have been either tampered with or Modified by the malware so let's have a look here now the problem is your PC might not necessarily have a remote connection straight away this might happen in a day or two uh or it might not never happen it just depends on what it's doing we don't know what this malware is doing on the system but you can see there's another one right here and if I open this up and I can go to location you can see it's modified the system apps area here and there is a file inside here and this is what it's doing so if you try to close this down it's going to com completely restart itself again and this can be really Troublesome to get rid of it so let's go back to process Explorer here and enable the virus total feature inside here so we can see and you can see straight away I can see there is a file here with 56 out of 76 detection rate this means that we do have a nasty uh virus on this PC and we need to do something about it because it's sitting there running and you can see also see the uh Oprah browser is there as well so I never installed that so it's probably part of it and you can probably see here at a later date there will be some sort of remote access popping up here because I know exactly what I installed on this system once I establish a connection you will see uh there is some sort of uh IP address or domain name showing up here and this is the actual virus we got on here for this particular one and there's probably a bunch of other stuff on here as well so let's go ahead and open up TCP View view this is another thing you can do to view all of the connections on your computer to see what is actually happening this will give you the remote addresses of all of the uh IPS that are connecting to your computer as we speak so right here you can see the remote address and you can see the local port and we got the local addresses and we got the state where it says listen established if it's established that means there is a connection to the outside world you can see one drive has got a connection here because it's connected outside and again you can see some other ones here which is your Chrome browser and there will be a bunch of other stuff here if you see any sort of weird programs or processes running here that you haven't installed on your PC and they've got a remote connection out then you've been infected and you need to do something about it the simple solution would be to back up your data and reinstall Windows obviously not everyone wants to reinstall Windows and and you might want to try to remove it yourself and that's perfectly fine if you want to but again remember you don't know what this infection is it could be some sort of key logger it could be something to do with uh banking software to collect information and this is where you've got to be super careful so when you're looking at something like this do your uh research and make sure you know what you're doing before you mess around with things now another thing you can do here is when you find an actual IP address that is a bit dodgy for you you can look at this and look at the who is and once you do this it will tell you the information of that IP address and it belongs to the domain name and it will give you some other information right here so this is where you can sort of do a bit more detective work to find out what is going on before you start deciding whether you're infected or not and we're going to get to the scanning part in a second but I'm just going to move on and show you where we can get a demain name that does pop up with blocked so let's have a look right here and there is an actual application running here install uh .exe here and we'll go ahead and what we're going to do is we'll quickly right click on this and we'll take a look at the who is for this one so let's go ahead and right click here and go to who is and we can close the connection as well and you should see there is a domain name there right up the very top and you can do a search for that as well and again this might be a malicious domain name you need to work out for yourself whether you're one you're looking for is dodgy so you can see with the domain name there there is an update date and a creation date as well and it will give you some other information about it so we can now do a quick search here for that domain name and when I push enter you can see how has been blocked by my ISP another thing you can do is check your firewall settings if your firewall has been tampered with by some sort of malware it can add entries in here and it can also disable your firewall and you will be able to see inbound and outbound rules here and maybe some piece of remote software has allowed itself to go in and out of your computer by adding in a rule so you can check through your uh ins and outbounds uh and make sure there's no rules here for some sort of Rogue program that you've not installed on your computer so that is the Windows Defender Firewall advanced settings you can also check inside the Windows Defender Firewall settings and you might have some sort of application that's been allowed to connect to your computer by adding itself inside here with the allow an app or feature through your Defender Firewall and it will be added inside here and you can do some investigation if it has been added in here then you need to make sure that you uh remove it or remove the application and you can see some of these remote desktop here and remote assistant is on but again yours might be a malicious app that's been added in here so make sure you check here as well so that is in the firewall now moving on to scanning your PC it's important that you scan your PC on a regular basis to make sure that you don't have any infected files now we know that we do have infected files on this computer and I'll show you by doing a quick scan with Hitman Pro here and it should detect some files and uh you want to make sure that you do multiple different scans with different software and there is that do host.exe file and we got win logon uh as wellex and we also have some other files inside here as well and there's quite a few of them so you want to make sure that you're removing all of the this stuff now of course if you've got a lot of stuff that is really bad stuff like remote connections and things like that i' would advise you to just back your data up and reinstall Windows that way you can be 100% sure that everything has been removed from your computer now don't just rely on one application to uh scan and clean your PC you need to run different types of software because you may have traces or other files that have been missed by one particular piece of software and another piece of software will detect it this is why it's important to have a really good antivirus program on your computer especially if you've got bad habits of downloading stuff off the internet or clicking on links in email addresses and things like that so make sure you're careful with what you're doing on your computer now kasperski rescue uh disc is another great piece of software from kasperski which you can boot up to and and remove a lot of malware and nasty stuff on your PC so basically when you boot it up to it you're in a pre-installed environment like this one here and you can run scans on your PC so I'm going to do a quick scan here I've pretty much cleaned a lot of the stuff off now I'm just checking here and we'll run a scan now while you're here if you know what you're doing you can basically go in and manually remove some of the stuff that might be have left behind why maybe uh the malware removal program it hasn't removed some remants and you can go and clean up if you want to if you know what you're doing if you don't it's probably best just to back your data up and reinstall Windows but we're just going to play along here and let this do a scan and remove what it can find and I'll go ahead and I'll also go in and remove stuff manually myself because I know what I'm doing I'll let this finish finish off here and we can continue it's found one detection here on a quick scan and you can see this one's a Trojan and it's inside the Google Chrome it's called update.exe I'm going to disinfect and remove that from the PC and it will probably want to do a more advanced scan on the system to do a full fur scan to make sure there's nothing left behind and this is why it's important to do scans with different types of software and if you're heavily infected then you might want to use something like kasperski rescue tool to basically remove stuff so you can navigate around your computer in kasperski as well while that scan is going and again this is not for the fainthearted so if you don't know what you're doing i' probably say leave it well alone I'm going to go into places I know that where malware sort of resides and hides and these can be sort of tricky places for malware to remove and you can see there's a lot of executables inside here and these are also malware and they've got no name to them and they've just got aexe here so these need to be removed and this is what you're seeing on the screen when you restart the computer and you see those prompt boxes popping up so I'm going to quickly delete these from the computer as well now again be very very careful with what you're deleting if you're deleting files that you don't know what they are they could be key files for your window Windows operating system and you could end up rebooting the system and the system doesn't boot because you've deleted something that Windows needs you are in a pre-installed environment here and it makes it very easy to break the system if you don't know what you're doing so I'm going to leave these alone I can see some stuff in here which I'm going to remove I'm going to go into start up here there's some stuff probably going to be inside here and lo and behold there's a batch files in here with which were related to those executable files and these are probably what's causing a major problem so I'm going to go ahead and remove a lot of this stuff as well and you can open this up in mouse pad here to have a look at the text here I'm just going to remove all of this stuff from the computer now we'll say that Windows has become more secure over the years and it's very hard to infect Windows unlike it was years ago where it was quite easy Windows is quite secure nowadays if you've got it set up correctly it's quite difficult for malware to get onto the system and uh you know unleash its payload there so I've gone ahead and remove the rest of that malware and let the scan finish and again when you're doing this you need to be 100% sure that all of the malware has been removed from that computer if there's any remnants left behind that can run it could download more in the background and you you could go loging onto your bank and it could be some sort of banking malware which could also collect all your information so you got to be super careful and that's why sometimes it's better to reinstall Windows and clean it up now don't worry about that little red one down there saying one uh sl76 that is actually process Explorer uh it's completely safe it's from Microsoft and that is basically it that's how you can check to see whether someone is remot into your computer and how to remove malware and things like that my name is B Brian from bric computers. C.K hope this one helps you out thanks again for watching bye for [Music] now
Info
Channel: Britec09
Views: 335,926
Rating: undefined out of 5
Keywords: how to check if someone is remotely accessing your computer, how to detect a remote access to your PC, what happens when a hacker gets remote access to my computer, signs that your computer has been hacked, how to tell if someone is remotely viewing your computer?, britec09
Id: pDwENUhCxdw
Channel Id: undefined
Length: 16min 58sec (1018 seconds)
Published: Thu Oct 19 2023
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.