Hacked and Hijacked: What to Do if Your PC Gets Compromised
Symptoms: There are a range of telltale signs that your PC has been infiltrated by a binary ne'er-do-well, but, counterintuitively, the worst-case scenario is when there are no obvious symptoms at all. For starters, you may have an infection if your PC or Internet throughput has become consistently sluggish, and a restart doesn't cure it. Frequent, random pop-up windows with ads or system warnings are almost always clues to an infection. And, if you've discovered that your login credentials for any website have been hijacked -- whether for e-mail, banking or Facebook -- there's a possibility that malware is on your PC.
Diagnosis: You're doubtless familiar with at least a few of the ever-multiplying terms for the nasties that can frustrate and even destroy your PC, such as viruses, Trojans, worms, malware, adware, spyware and rootkits. Depending on what bug your computer has caught, the ailment may just be an annoying hindrance, like those viruses that reset your browser home page or spew Viagra pop-up ads. Some varieties, however, are legitimately dangerous. Some can suck up all of the personal info from your PC and send it off to a remote hacker. Others can record your keystrokes in order to steal the password to any site. Still others can take complete control of your PC -- using it to send out spam e-mails by the millions, to host porn or illegal software, or even to attack corporations and governments. Botnets -- networks of thousands or even millions of hacked PCs that have been turned into "zombie" armies under the control of an individual or group -- are actively used by organized crime these days. It's serious stuff.
Side note: At the risk of starting a commenter flame war, currently all of these ills -- and by that we mean 99.999999-percent, in real-world circumstances -- only affect Windows users. So, if you are a Mac or Linux user who hasn't shut off your firewall or installed sketchy pirated software, any computer issues you have are almost definitely software- or hardware-related. We're sure some day soon you'll have to worry about this stuff, and a few instances of malware on OS X have crept up, but it's currently a non-issue. You'd certainly be smart to run anti-virus software, but the odds that your OS X or Linux box has been infected with something are extremely low to non-existent. (Flame on!)
If you're a Windows user and have ruled out software and hardware issues, it's safe to assume you've been infected with something. Congratulations! Figuring out what it is, or they are, can be as simple as running a garden variety anti-virus program. For especially devious bugs, though, you may need more specialized care. In some cases, it may end up being more time- and cost-efficient to call it a day, erase your hard drive altogether, and reinstall the OS -- after backing up all of your important files and media to an external hard drive first!
Causes: Hopping online without having a secure, "hardened" PC is the equivalent of walking down a dark alley with wads of Benjies hanging out of your pockets. An old but intriguing study by the SANS Institute documented how a bare Windows XP system would be compromised in under 20 minutes simply by being plugged into the 'Net. The good news is that Microsoft has made great strides with security since then, and Windows 7 in particular is notably robust out-of-the-box (and technically even more secure than Apple's vaunted OS X, by some accounts). Yet, for some reason, a healthy plurality of Windows users still use XP (about 40-percent). Plus, while there have been a million security patches in the intervening years, a lot of users just don't bother to install updates, much less upgrade their operating system.
As a result, even basic Web surfing on an older, unmaintained PC is enough to get socked by so-called drive-by infections (whereby simply visiting sites that have been hijacked can install malware on your PC). Downloading torrents and cracked software is another surefire way to put your PC at risk. Simply visiting torrent sites (and porn sites) can be just as disastrous. Flash drives are especially popular in corporate and government espionage, and an exceedingly common way for malware to be spread. But, by far the most prevalent way to hose your PC is by clicking on links in places you shouldn't: spam e-mails, pop-up windows, and unsolicited messages on Skype and instant messaging applications.
With older Windows systems, users often sign into their PCs as administrators. If a user does so and is duped into accidentally installing malware, the bug runs with full administrator rights and is able to burrow deep into the PC. Newer versions of Windows require users to enter the administrator password every time they want to install something that can affect the whole system (instead of just their own account).
- As always, back up all your most important files, applications and data to an external hard drive, lest you lose it all if your PC dies on you. You should do this regularly anyway, but definitely do it now.
- Check and make sure a firewall is installed and running. (How to do so depends on your Windows version.)
- Install all the Windows security patches you may have neglected in the past; if you're a novice user with generally basic needs, we'd recommend allowing automatic updates directly from Microsoft, though advanced users may prefer to install them manually.
- Update and run an anti-virus program. (Remember the one you quit updating when the free trial ran out?) Either pay up, or install a free version of anti-virus/malware software, such as Microsoft's own Security Essentials 1.0 or Ad-aware Free Internet Security (which we prefer). Update them, run them, and run them again. It may take a while depending on how big your hard drive is and how slowly your PC runs.
- If things still aren't hunky-dory, you'll need to try a hybrid approach. Install and run an alternate security application, such as Spybot Search & Destroy (free), or pony up for Spyware Doctor 2011 ($30), Norton Anti-Virus 2011 ($40) or Kaspersky Anti-Virus 2011 ($40); we're partial to Spyware Doc as it gets top marks from testing labs, but it's still possible for any one of these programs to clean up stuff the others can't, and vice versa. Be warned that you'll likely have to uninstall or disable existing security software before installing and running a new one, or they'll cause trouble; check the specifications of whatever program you use before attempting to install another.
- Some malware is smart enough to prevent you from doing any of the above, or will have hacked up your system so thoroughly that you'll need to download anti-virus software on a separate PC, put it on a flash drive, plug that into the infected PC and then attempt to install and run it. If that doesn't work, try rebooting your PC into Safe Mode (restart, then press F8 repeatedly until the Safe Mode menu appears). And if that fails, you may need to boot from the system CD that came with your PC, and then install and run the downloaded software.
- It's still possible that newer rootkits and malware can evade detection or removal by even top-shelf security programs, in which case you'll need pro help. We're fans of the Tech Support Guy forums, where kind-hearted experts diagnose and try to cure intractably sick machines for free. But the process isn't for the faint-hearted, and is best left to the technically inclined. It's worth a shot, though; otherwise it's up to you to find a reliable and trustworthy professional -- and again, make sure you've backed up everything before handing your PC over to anyone.
- If you haven't already, create an administrator account on your PC. Then, create another, standard account for you (or several for family members) that requires you to log out and use the administrator password whenever you want to install software. These maneuvers will go a long way in keeping malware and crapware off your PC.
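To see at a glance which of the steps above are actually in place, here is a read-only posture check written for this article (it is an added example, not something from the original piece or from any of the products named). It assumes Windows Vista/7 or later with Windows PowerShell 2.0 or newer, and it assumes that the firewall service is named MpsSvc and that the anti-virus product registered itself with Windows Security Center; it changes nothing on the system.

```powershell
# Added example: check firewall, automatic updates, registered anti-virus, and
# whether this session runs as administrator. Assumes Vista/7+ and PowerShell 2.0+.

function Test-FirewallRunning {
    # MpsSvc is the Windows Firewall service on Vista and later.
    $svc = Get-Service -Name MpsSvc -ErrorAction SilentlyContinue
    if ($svc -eq $null) { return $false }
    return ($svc.Status -eq 'Running')
}

function Test-AutomaticUpdates {
    # Windows Update Agent COM API. NotificationLevel 4 = scheduled installation
    # (download and install automatically); 3 = download but ask before installing.
    try {
        $au = New-Object -ComObject Microsoft.Update.AutoUpdate
        return ($au.Settings.NotificationLevel -eq 4)
    } catch { return $false }
}

function Get-RegisteredAntiVirus {
    # Products registered with Windows Security Center (root\SecurityCenter2 on
    # Vista and later; XP uses root\SecurityCenter). May return an empty list.
    $av = Get-WmiObject -Namespace 'root\SecurityCenter2' -Class AntiVirusProduct `
          -ErrorAction SilentlyContinue
    return @($av | ForEach-Object { $_.displayName })
}

function Test-RunningAsAdmin {
    # True if the current token is in the local Administrators role, i.e. daily
    # browsing from this account gives malware full rights the moment it runs.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

$firewall = Test-FirewallRunning
$updates  = Test-AutomaticUpdates
$avNames  = Get-RegisteredAntiVirus
$isAdmin  = Test-RunningAsAdmin

"Firewall service running : $firewall"
"Automatic updates enabled: $updates"
"Anti-virus registered    : " + $(if ($avNames.Count -gt 0) { $avNames -join ', ' } else { 'NONE' })
"Running as administrator : $isAdmin (use a standard account for day-to-day work)"
```

Run it from the account you use every day: a `True` on the last line, or `NONE` for anti-virus, points straight at the list item above that still needs doing.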