Acting in a timely manner is essential when dealing with the consequences of a hacked computer. As soon as you suspect that your computer's security has been compromised, you should assess the damage caused by the computer virus or the hacker and, based on that assessment, either wipe your computer clean or attempt to remove the malicious application using a reputable antivirus program.
Assessing and Addressing the Damage
Before even attempting to fix your computer, your first goal should be to assess the situation and take measures to safeguard your data.
Consider the following questions:
- Are you certain that your computer has been hacked? An application that recently started crashing, a slow computer or an unresponsive operating system, for example, may not always be caused by malicious software or a hacker. On the other hand, warnings from your antivirus application or router logs showing unauthorized access coming from unknown Internet protocol addresses are signs that clearly point to a security threat.
- Was the attack caused by a virus or by someone using a weakness in your network to access your machine? While viruses -- also known as malware -- usually target users indiscriminately and can have consequences that range from negligible to critical, a successful intrusion on your computer from a hacker should always be treated as critical, as it indicates that someone specifically targeted your machine or network. While viruses are typically detected by antivirus applications, a remote intrusion on your computer should show up in your firewall logs.
- If the attack was caused by malware, what kind of virus was it? As previously mentioned, viruses can perform a wide range of actions, ranging from displaying pop-up ads to recording your keystrokes or even images from your webcam. If your antivirus detected the virus that infected your computer, it should normally provide you with more information about the threat, including its name and threat level, and tell you whether that virus can steal personal data from your machine. If your antivirus supplies you with only the name of the virus, perform an Internet search to learn more about that specific malicious application.
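The firewall-log check mentioned in the questions above can be done with a short script. This is an added example, not part of the original article: it reads entries in the Windows Firewall log layout (pfirewall.log) and summarizes inbound connections whose source is not a local address. The sample log is constructed, and it assumes firewall logging is turned on and that the log carries a path field.

```python
import ipaddress

# Constructed sample in the Windows Firewall log layout (pfirewall.log).
# Addresses are from documentation ranges; none are real hosts.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2015-03-10 14:21:58 ALLOW TCP 192.168.1.10 198.51.100.7 49812 443 0 - 0 0 0 - - - SEND
2015-03-10 14:22:01 ALLOW TCP 203.0.113.45 192.168.1.10 51522 3389 0 - 0 0 0 - - - RECEIVE
2015-03-10 14:22:05 DROP TCP 203.0.113.45 192.168.1.10 51530 445 52 S 1884327189 0 8192 - - - RECEIVE
2015-03-10 14:23:10 ALLOW UDP 192.168.1.1 192.168.1.10 53 50211 0 - - - - - - - RECEIVE
2015-03-10 14:25:44 ALLOW TCP 203.0.113.45 192.168.1.10 51601 3389 0 - 0 0 0 - - - RECEIVE
"""

# Sources treated as "known": private LAN ranges, loopback and link-local.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

def is_local(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip.version == net.version and ip in net for net in LOCAL_NETS)

def parse(log_text):
    """Yield one dict per entry, keyed by the names on the #Fields line."""
    fields = []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line.strip() and not line.startswith("#") and fields:
            yield dict(zip(fields, line.split()))

def inbound_from_outside(log_text):
    """Count ALLOW/DROP per (source, protocol, port) for non-local inbound traffic."""
    summary = {}
    for e in parse(log_text):
        try:
            if e.get("path") != "RECEIVE" or is_local(e["src-ip"]):
                continue
        except (KeyError, ValueError):
            continue  # entry has no usable source address
        key = (e["src-ip"], e["protocol"], e["dst-port"])
        counts = summary.setdefault(key, {"ALLOW": 0, "DROP": 0})
        counts[e["action"]] = counts.get(e["action"], 0) + 1
    return summary

if __name__ == "__main__":
    for (src, proto, port), c in sorted(inbound_from_outside(SAMPLE_LOG).items()):
        flag = "REVIEW" if c["ALLOW"] else "blocked"
        print(f"{src} -> {proto}/{port}: allowed={c['ALLOW']} dropped={c['DROP']} [{flag}]")
```

Entries marked REVIEW are inbound connections the firewall let through from an outside address; entries marked blocked were dropped and are usually background scanning.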
If, after assessing the damage, you suspect that a third party may have been able to access some of your personal data, take these immediate steps:
- Log in to any account that contains sensitive data from an alternate, clean device and change the associated password. Examples of such accounts include your bank's online banking platform, PayPal or even social network accounts.
- Contact your bank to cancel any credit card you recently used to make purchases online.
- Disconnect or disable recording devices connected to the hacked PC, such as webcams or microphones.
If a computer virus is present on your computer, you have two options when it comes to fixing your computer: using an antivirus application to attempt to remove it, or performing a clean install of Windows.
Both options, however, come with drawbacks. While scanning your machine with an antivirus lets you keep your documents and files, it may also fail to accurately delete all infected files -- for example, if a hacker encrypted some of them. On the other hand, a clean Windows install deletes all files from your hard drive -- including all your documents and personal files -- but, in the process, effectively removes the virus with 100 percent accuracy.
To remove infected files using an antivirus, download a free, reputable security suite such as AVG Antivirus FREE 2015, Bitdefender Antivirus Free Edition or Avast 2015. Install the program and update its security definitions before running a full system scan.
Clean Windows install
To perform a clean install of Windows 8 or Windows 7:
Insert your Windows DVD in your computer's DVD drive or plug in a USB drive containing the Windows installation files.
Reboot your computer and enter the BIOS by pressing a specific key.
Change your machine's boot priority so that it attempts to boot from the DVD or USB drive first.
Save your changes and exit the BIOS. Your computer then reboots and loads the installation files from the removable media.
Refer to your computer or motherboard's documentation on how to enter the BIOS, and edit the boot priority on your machine.
Select Install, type in your license key if the wizard prompts you to enter it and accept the terms of service.
On the next screen, click on Custom and select the first partition.
Click on Format to erase that partition's contents. Repeat this process for every partition on your hard drive.
Once you have formatted all partitions on your hard drive, click on the partition where you want to install Windows and select Next.
Follow the on-screen instructions to finish installing Windows.
Formatting your partitions permanently deletes your files. Consider saving the files you want to keep on a USB drive or external hard drive before formatting your hard drive. However, do not save files that may potentially contain executable code -- such as EXE, RAR or even DOC or XLS files -- as they might have been infected.
Dealing With a Network Intrusion
Hackers who successfully penetrate a network or computer usually do so by exploiting open ports on a router or machine. To prevent hackers from remotely accessing your entire network, consider purchasing a router and enabling its built-in firewall. Alternatively, to secure a single computer, enable the Windows Firewall.
If hackers were able to remotely access your computer despite your enabling Windows Firewall, it may be due to a misconfigured rule that allows insecure connections to pass through the firewall. You can reset your Windows Firewall rules by selecting Windows Firewall from the Control Panel and clicking on Restore Defaults.