Weekly released mini-blogs featuring signs you may be hacked and how to fix them.
Anti-virus, Task Manager, or Registry Editor are not working and you can’t start them.
If a hacker can first compromise the security of your computer then they are free to carry out much more comprehensive attacks against you. So this is a common first sign of attack to watch out for.
The hacker is hoping you don’t notice the damage to the security software on your computer; or, if you do notice, maybe they can make it look like just another bug or glitch. Because the longer you let it go, the more attacks they can carry out, the more data they can get, and the more damage they can do.
If you notice that any of your security software (anti-virus, anti-spam, Windows firewall …) is disabled and you didn’t do it, you have almost certainly been hacked. Especially if you try to start Task Manager or Registry Editor and they won’t start, start but disappear, or start with reduced functionality. This is NOT just another bug. Take immediate action. Turn off your computer.
WHAT TO DO – BEFORE INFECTION
- Make sure your software is completely patched and up to date. Enable automatic update features in your Operating System and software applications.
- Make regular backups.
- In this case, it’s a good idea to have backups stored on an external hard drive or second computer to keep them isolated from threats.
- Do your due diligence and run a complete antivirus scan on your computer
- Looking for unwanted installed programs and toolbars.
- Tell your friends to do the same.
WHAT TO DO – AFTER INFECTION
There is no telling what has been done to your computer after the hacker turned off your security. So ideally, you should perform a complete restore to a prior backup that is known, or can be tested to be, free of infection. You will likely lose some files and work at this point. But it is by far the best way to clean the computer. Usually it is worth the lost data in both time and quality of outcome.
If you cannot bear to lose some of the files (family pictures, etc) then you can try and save those files first. Using a computer that is not infected, research on the internet methods for copying files from an infected computer in a way that they can be safely restored. Then after you complete a clean restore of the computer from a prior backup you can restore the individual files. And then immediately make another backup.
If you haven’t been making regular backups (please make regular backups), using a computer that is not infected, research the many methods on how to restore the lost functionality (any Internet search engine will return lots of results). Often, I have to try a handful of different methods to find one that works. Make sure you get rid of the malware program (using the methods listed above) prior to doing this work.
When you are ready, restart your computer in Safe Mode and begin the hard work; usually it isn’t easy or quick. If you are not comfortable enough to perform these steps, hire an IT security expert to clean your system for you and recommend practices and solutions to prevent a reoccurrence.