Access Keys:
Skip to content (Access Key - 0)

Q: Does my computer have malware on it?

Answer

If you believe a breach of MIT Information may have occurred, immediately report the incident by sending email to infoprotect@mit.edu. You should avoid trying to address situations on your own, as they may corrupt forensic information necessary to determine the scope of the issue and the risks to MIT.

Here are some signs to look for that might indicate that your computer has been attacked and contains malware:

  • Exceptionally slow, unable to connect to network services, or simply non-functional. These symptoms may be indicative of a "denial-of-service" attack (an attack aimed at preventing you from using a certain resource.) However, from time to time MITnet is down or exceptionally slow. If you find that you are unable to connect, first check to see if other people are having the same problem. If it is isolated to your system, and you have not received an email notifying you that your drop has been turned off, then the problem may indeed be the result of a malicious hacker.
  • Unexplained disk activity. Be aware that some systems do disk-related cleanup while the system is idle, so this may be merely system "housekeeping."
  • Unusual log entries such as login failures, user additions/ deletions, or network connections to unfamiliar services.
  • System appears to be less responsive than expected. For example, computer stops responding (freezes) more frequently, computer takes longer to start up.
  • Your anti-virus software has triggered an alert that your computer is infected, particularly if it says that it was unable to remove or quarantine the affected files.
  • Unusual browser activity, including: 
    • The browser closes unexpectedly or stops responding
    • The browser home page has unexpectedly changed or is taking you to sites you did not want to go
    • Additional toolbars are added to the browser
    • Web pages are automatically added to list of favorites
    • You may not be able to reset browser settings or preferences
    • Performing a search from a search page provides results on unrelated or unwanted sites or display Web site advertisements.
    • Clicking a link does nothing or goes to a unrelated Web site.
  • There are new accounts on your computer you did not create, there are new programs you did not install, or a program is asking your authorization to make changes on your system although you're not actively installing or updating any applications.
  • Your firewall alerts you that a program you do not recognize is requesting permission to access the Internet.
  • Pop-up advertising windows appear when the browser is not open or over Web pages that do not normally have pop-ups.
  • Desktop icons are automatically added to the desktop.
  • When you start your computer, or when your computer has been idle for many minutes, your Internet browser opens to display Web site advertisements.
  • You cannot start a program.
  • Components of Windows or other programs no longer work.
If you believe you have malware on your computer, read the article: How do I remove malware and recover from a system compromise?

IS&T Contributions

Documentation and information provided by IS&T staff members

Last Modified:

September 26, 2018

Get Help

Request help
from the Help Desk
Report a security incident
to the Security Team
Labels:
malware malware Delete
c-virus c-virus Delete
security security Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.
Feedback
This product/service is:
Easy to use
Average
Difficult to use
This article is:
Helpful
Inaccurate
Obsolete
Adaptavist Theme Builder (4.2.3) Powered by Atlassian Confluence 3.5.13, the Enterprise Wiki