Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I've been hacked


  • Please log in to reply
5 replies to this topic

#1 BMan411

BMan411

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 20 July 2016 - 03:09 PM

Long story short here is what happened and what I did. I awoke at about 4:30am to my laptop running but when I got over to it, it went to sleep. I checked last wake which was at 3:36am. I checked to make sure I didn't have any update permissions which I did not. My computer is set to need my permission for any update. I checked the last update ran and it was when I did it myself the previous day. My sleep settings as always were set to 5 minutes. I then checked the process history and verified my computer was logged into and that the search process was utilized. I did not have a TCP viewer downloaded but upon downloading one I do not think that they left a backdoor. My investigation has stalled here. I have purposefully stopped using that computer just incase there is a ip address in some history somewhere. So my question is can I find a history of ip addresses so that I can check that time and find the culprit. 


Edited by BMan411, 20 July 2016 - 04:14 PM.


BC AdBot (Login to Remove)

 


#2 Trikein

Trikein

  • Members
  • 1,321 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rhode Island, US
  • Local time:06:38 AM

Posted 20 July 2016 - 04:16 PM

"I have purposefully stopped using that computer just incase there is a ip address in some history somewhere. "

Can you explain this? IP address in history?

 

"So my question is can I find a history of ip addresses so that I can check that time and find the culprit. "

 

Do you know what method was supposedly used to access your computer? If RDP, check those logs. 



#3 BMan411

BMan411
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 20 July 2016 - 04:18 PM

I am not well versed to this so I am just hoping there is a history log of ip addresses I have been connected to.



#4 BMan411

BMan411
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 20 July 2016 - 04:22 PM

I checked that link and will try that out. Thanks a lot.



#5 JohnnyJammer

JohnnyJammer

  • Members
  • 1,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:09:38 PM

Posted 20 July 2016 - 09:55 PM

Just note that some power settings in keyboard and mouse can start a PC from sleep, say if you have a cat or a small dog or somethign that bumps a keyboard or mouse then it will sleep and then as you have it turn to sleepmode after 5 minutes.

Well the cat may have been watching youtube clisp of other cats hacking computers!.

Always shoot to the event log mate, it has all login etc details and also the command systeminfo in a dos prompt will give you boot tiem and last login times.



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,758 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:38 AM

Posted 21 July 2016 - 05:08 PM

I have been hacked...What should I do?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users