• Status: Solved
  • Priority: Medium
  • Security: Public

How to check my hacked computer

Dear experts,

My computer has been hacked; someone accessed the computer, deleted my files and even controlled the cursor.
I don't want to format the computer. I want to see the cause, the program and the event log to find out how that happened, so I can block future access by other users.

How can I check, and where should I look?
3 Solutions
You have probably gotten a keylogger and further malware on your system. The best utility to find malware and remove it is Malwarebytes. Download, install and run it; maybe, after the Malwarebytes definitions are updated, remove the LAN cable. Then scan the system and let it remove any malware it finds.


In the future to avoid this, make sure your system is always fully updated and patched. Also make sure you have a good antivirus utility installed. I can really recommend Panda Cloud antivirus.

Also make sure that you use your common sense when browsing the web or with your emails. Only visit sites you know or trust. Don't click on every link you see. Don't open emails when you don't know whom they come from. Don't open attachments you aren't sure about. Install the Adblock Plus and Flashblock add-ons in your Firefox or Chromium web browser. Don't browse with insecure browsers like IE. Enable spam filters for your email client.

Also, once installed, some keyloggers are very difficult to find and remove, even for the best utility like malwarebytes, so a fresh installation IS often the best way to ensure your system really is clean.

I'm sorry you had to go through this. This happens quite a lot. The way to secure against any further attacks is to learn from the situation, which is what I'm assuming you're heading towards. In addition to the above, I would recommend reading an essential - http://www.sans.org/reading-room/whitepapers/incident/incident-handlers-handbook-33901

The guide walks you through the various steps one would take to handle this situation with care. Simply running software to try and ascertain the cause is foolish, as the threats these days can remain hidden well after the software claims to have gotten rid of it.

My intention is not to belittle any product, just to become more knowledgeable in not only your own device, but your network, the environment in which you plug yourself into and the ever changing threats.

Good luck.

uknet80 (Author) Commented:
So you are suggesting that it is not possible to find the file name or the service name? My concern is that we are a company of 300 laptops and this might have been spread throughout the company; that is why I want to find the source of the file, so I can prevent it on other laptops. The question is, can I find the file name, source name, or any indication of being hacked?

Giovanni Heward Commented:
It absolutely is possible.  I recommend you disconnect the machine from the primary network (OK to remain active on isolated analysis network) and create an image of the infected machine for analysis.  You'll then run the image as an isolated virtual machine.  See VirtualBox, VMware Workstation, etc.

A quick way to do this with VMware® vCenter™ Converter™

Once you've backed up the infected machine, I highly recommend you perform a clean install/image on your coworker's machine, so they're not down the entire time you're running the analysis.

Next, read the following documents:

Advanced Malware Cleaning Techniques for the IT Professional




You'll essentially be performing the following steps:
malware cleaning steps
Microsoft-Security-Intelligence-.pdf
Thanks for the grade and good luck.
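
As an added example (not posted by any of the participants above), this is one way to start answering the "where to look" and "service name" questions from the event log on the isolated machine or its analysis VM. It assumes a Windows system with the default Security and System logs still intact, an elevated PowerShell session, and a 14-day look-back window; the `Get-EventFields` helper and the `$since` value are choices made for this example.

```powershell
# Added example: run elevated on the isolated machine or the analysis VM.
# Assumption: the intrusion happened within the last 14 days; adjust as needed.
$since = (Get-Date).AddDays(-14)

# Helper (defined for this example): turn an event's named <Data> fields
# into a hashtable so they can be looked up by name instead of by position.
function Get-EventFields($Record) {
    $fields = @{}
    foreach ($d in ([xml]$Record.ToXml()).Event.EventData.Data) {
        if ($d.Name) { $fields[$d.Name] = $d.'#text' }
    }
    $fields
}

# 1. Successful logons (Security log, event 4624) that arrived over the
#    network (logon type 3) or through Remote Desktop (logon type 10).
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4624; StartTime = $since } -ErrorAction SilentlyContinue |
    ForEach-Object {
        $f = Get-EventFields $_
        if ($f['LogonType'] -in '3', '10') {
            [pscustomobject]@{
                Time      = $_.TimeCreated
                LogonType = $f['LogonType']
                User      = $f['TargetUserName']
                SourceIP  = $f['IpAddress']
            }
        }
    } | Sort-Object Time | Format-Table -AutoSize

# 2. Services installed in the same window (System log, event 7045).
#    The service name and the binary path recorded here are values that can
#    be searched for on the other laptops.
Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 7045; StartTime = $since } -ErrorAction SilentlyContinue |
    ForEach-Object {
        $f = Get-EventFields $_
        [pscustomobject]@{
            Time      = $_.TimeCreated
            Service   = $f['ServiceName']
            ImagePath = $f['ImagePath']
            Account   = $f['AccountName']
        }
    } | Sort-Object Time | Format-List
```

Empty output from either query can also mean the log was cleared or has rolled over, so check the oldest timestamp in each log before drawing conclusions.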