Weekly released mini-blogs featuring signs you may be hacked and how to fix them.
When you find unexpected software on your computer
If you have software on your computer that you did not install you may or may not have been hacked – you may have just been tricked.
In the early days most malware were computer viruses; which work by modifying other legitimate programs. They did this to better hide themselves. For whatever reason, most malware programs these days are Trojans and worms, and they typically install themselves in the same way as legitimate programs.
Oftentimes the unwanted software is legally installed by other programs you choose to install. Frequently the end user license agreement (EULA) plainly states that they will be installing one or more other programs; it just buries it in the details. Sometimes, if you pay close attention to the install process, you can opt out of these other installed programs; other times you can’t. This is the difference between doing business with legitimate software companies versus companies that try and trick you into using their products.
WHAT TO DO – BEFORE INFECTION
Websites rarely send emails asking you to provide your logon information. When in doubt, go to the website directly; don’t use the links sent to you in the email. See if the same information is being requested when you log on using a known legitimate method. You can also call the service via their phone line or email them to report the suspected phishing email or to confirm its validity.
WHAT TO DO – AFTER INFECTON
There are many free programs that allow you to monitor all of your installed programs and let you selectively disable them. If you have Windows it includes programs like Windows Autoruns. It doesn’t show you every program installed but will tell you the ones that automatically start themselves when your PC is restarted. Most malware programs can be found there. The hard part is determining what is and what isn’t legitimate. When in doubt, Google the name and decide if you need to disable or remove the unrecognized program.