Looking for ill-named processes is not a bad idea, but what about a hacker that name is trojan like WINLGEXEC.exe or w2kreport.exe ?

Another idea is to take another computer, with a portscanner and portscan your computer.

It is easy for an hacker to modify your "netstat" command so It won't report the port of the trojan.

Jean-Francois