Hackers get into your computer for a variety of reasons. Some wish to steal sensitive information and sell it on the dark web. Others will hold your computer to ransom until you pay up, while others just want to cause damage or use your computer as a zombie in an elaborate attack on someone else. Even if the hacker doesn’t demand anything from you, it is still possible to determine whether you have been hacked. And when you realise it, you might need more than antivirus and malware protection software to be free of the infection. Take the following steps to restore your computer.
Quarantine
Before you even decide to use an antivirus or malware remover, the first thing to do when you realise you have been hacked is to quarantine your computer. This means disconnecting it from the internet and from all networks and other computers. Remember that the hacker needs the internet to siphon sensitive data from your computer. Disconnecting blocks that access even though it doesn’t remove the malicious code from your system.
Don’t try to turn off Wi-Fi through the computer itself, as a hacked computer can prevent you from doing so or even trick you into thinking you are offline. Instead, turn off your router or unplug the network cable. Make sure your computer is no longer connected to any company or home network, so the infection cannot spread.
Remove your hard drive
The goal now is to recover your hard drive. While you might be tempted to use an antivirus or malware remover immediately, note that the virus could have compromised so much of the system that the antivirus or malware remover would miss it. Also, the fact that the hacker got into your system anyway must mean something is up with your antivirus.
You should therefore disconnect your hard disk, set it as a slave drive, and connect it to another computer. You could also install a new drive as the primary drive in the same computer and set up your infected drive as a slave drive. Because it is set as a slave, the computer will not try to boot from the infected drive. There are different ways of connecting the drive: one is to open up the PC and remove the drive, the other is to use a USB caddy. At this stage, it is important to ensure that you have well-configured antivirus and malware protection software on your primary drive.
Scan and back up your files
The next step is to scan the slave drive for the malicious code the hacker used to infiltrate your computer. If you are using a default antivirus that came with your computer, this might be the time to upgrade to something more powerful. Do multiple full scans where possible, using different antivirus and malware protection software.
After making sure that the drive is rid of the hacker’s footprint, you can go ahead and save all relevant data. If you have not been backing up your data, let this be the first step towards doing so regularly. Make sure you back up only relevant files. Having done that, you can then erase the drive. Do not rely on the formatting function alone; there are different disk erasure utilities you can use. The idea is to end up with a blank hard drive that is rid of all of the hacker’s viruses or malware, no matter how stealthy they are.
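One way to carry out the "back up only relevant files" step, as an added example that is not part of the original article: a Python script that copies only allow-listed document and image types from the old drive, leaves programs, scripts and unrecognised files behind, and records a SHA-256 hash per file so the copies can be checked. The extension list, function names and paths are assumptions, and an extension check does not replace the scans described above.

```python
import hashlib
import os
import shutil
from pathlib import Path

# Assumed allow-list of data-only file types; adjust to what you actually need.
ALLOWED = {".txt", ".pdf", ".jpg", ".png", ".csv", ".odt"}

def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large files do not exhaust memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def salvage(src: Path, dst: Path, allowed=ALLOWED) -> dict:
    """Copy allow-listed files from src to dst; return {relative path: sha256}."""
    manifest = {}
    for folder, _dirs, files in os.walk(src):  # does not follow directory symlinks
        for name in sorted(files):
            item = Path(folder) / name
            # Skip links and special files; programs, scripts and unknown types stay behind.
            if item.is_symlink() or not item.is_file():
                continue
            if item.suffix.lower() not in allowed:
                continue
            rel = item.relative_to(src)
            target = dst / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            shutil.copyfile(item, target)  # file contents only, no permission bits
            manifest[rel.as_posix()] = sha256_of(item)
    return manifest

def verify(root: Path, manifest: dict) -> list:
    """Return the relative paths that are missing or whose hash no longer matches."""
    bad = []
    for rel, expected in manifest.items():
        path = root / rel
        if not path.is_file() or sha256_of(path) != expected:
            bad.append(rel)
    return bad

if __name__ == "__main__":
    import sys
    old_drive, backup = Path(sys.argv[1]), Path(sys.argv[2])
    saved = salvage(old_drive, backup)
    print(f"copied {len(saved)} files; problems: {verify(backup, saved)}")
```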
Restart all over again
The next step is to install a new operating system onto your blank hard disk. Make sure you download it from a secure marketplace and not a torrent site. You can also install the applications you need. After installing a new, powerful antivirus or malware protection software, you can go ahead and copy over the files you salvaged from the old hard disk.
Make sure you immediately change all passwords you have entered on the old hard drive. Consider using a password manager in the future if you have to log in to a lot of platforms.