Computer Recovery – post Hacked

What to do after your computer is hacked to near destruction

Looking at my Windows 10 system machine I could almost see the worms racing through the screen, trojans smashing the innards, and keyloggers recording everything with a sadistic smirk. Sigh.

How did they get there – I let them in, believe it or not. I allowed criminals access to the machine, and, as they say, I was fair game from then on.

Well, I tried everything available – ran Bitdefender Total Security, found a bit, but the problems were still there.

Ran Malwarebytes Anti-malware, got some results, but problems continued, so ran again in “safe mode”. Ahh, more trash and smelly stuff, but still not satisfied, so ran Malwarebytes antirootkit in “safe mode”. Really got a result, but I was clearly running into system slowdown and hesitation now.

Checked the Microsoft.com site for assistance. Was directed to the Microsoft-endorsed engineers who, after a negotiated fee, helped me understand how bad the damage was to the machine system. Yes, I sat on my hands and did a silent scream!

The answer was to completely replace the Windows 10 O/S, so after some frantic backing up of stuff I really wanted to keep, it was time to pull the plug.

On a side note, it always amazes me that even though I do regular backups, there is always stuff I really need but had not included in the backups – little stuff like the desktop file with all those program references…

OK, so to the main purpose of Computer Recovery: to recover the PC. (These instructions were carried out on a Toshiba laptop running the latest version of Windows 10.)

First, make sure your machine is connected to the internet.

Regardless of all the bumph that Microsoft offers as to how to start, I had to hold down the Shift key (keep it down while the computer restarts), and use the mouse to click on Power/Restart.

OK, now I have the start screen: “Choose an option”.

Choose the option “Troubleshoot”

Clicking on “Troubleshoot” gives you an option.

Click “Reset this PC” and you have another option:

Clicking “Just remove my files” will remove all of your files and re-install a fresh Windows O/S

– but there is another choice here: click “Remove everything”, and you get the final set-up screen:

Reset this PC

Yes, the moment has arrived: click “Clean the drive fully”!

Now the system will clean the disk data, re-install Win10 (in this case) and prepare the computer for you to begin the task of re-installing all your programs and data files.

Just take a careful look at anything you are going to re-install – do I need it, or better still, what is it – maybe a foreigner?

There will be a number of images to indicate progress.

You will have plenty of time to think about which programs you may or may not want – the system re-install will take a while, and your machine will re-start more than once or twice…

OK, good luck with your future efforts. If you find these instructions do not work for your system or brand of computer then I suggest you search the web to discover what works for you.

Just remember, don’t trust anyone who approaches you unbidden, don’t let anyone have access to your machine except those who you have good reason to trust, and make sure you have protection in place as well as a regular backup system. All good practices to help ensure you don’t need to do computer recovery again.

I have been involved in providing automated solutions for companies for years. I have prepared detailed presentations and have spoken at events, repeatedly warning clients and our staff how to avoid being hacked. Yet, a couple of weeks ago I came within seconds of being a victim myself!

What happened? I was at a Chicago parking meter attempting to use my charge card to get a parking ticket for my car. The card failed the first time but after a few tries it finally went through. I chalked the incident up to the zero-degree weather and a frozen parking meter. Seconds later I received a text stating, “Your card has been restricted. Please call us at 312-985-5635.” I had received a similar email from VISA in the past when my card had been hacked.

“312” is a Chicago area code, and I figured that VISA was concerned about the multiple tries at the meter, so I was about to call the number but got suspicious. Instead, I called the VISA number on the back of my card. VISA said my card was not on hold and that everything was fine. Always call the number on the back of the card! Case in point – never let your guard down. A simple coincidence like the one above can make it seem real and logical. I did a web search on the phone number and sure enough it is a known scam phone number.

What are some of the common ways that you can protect yourself?

  • Avoid Phishing Emails. 156 million are sent globally daily. 10% fall for a scam and share their personal information. Any email suggesting great urgency or entertainment value, especially with a link, should be avoided. One clever trick that is used is emulating a popular email address with just one letter changed. When in a hurry (and who isn’t) it is very easy to click on these. Would you click on an email from DisneyyWorld.com, complete with a picture of Mickey, to check out a tempting vacation offer?
  • Avoid Smishing Text Messages. Same as phishing, but sent by text message.
  • Use several security programs and update frequently. Do not rely on just one program. Not performing the updates is the same as not having the programs, because new viruses come out every single day.
  • Stay out of “creepy sites” when surfing. If you have a terrible feeling that something is wrong but have already clicked to the site, there is a simple way to check if it is safe. In Internet Explorer®, click on the picture of the lock on the top right of your browser. That will check the site validation certificate to let you know if it matches. If the site is OK it will say, “This Certificate is OK.” This means whoever says they own it does. If you are on Chrome®, you have to click on the 3 dots and go to More Tools, then down a few layers, in order to find this in Security. Some browsers do not support this function. Be very careful what you click on when power surfing.
  • Build a better password. Use 2-factor authentication. Never store passwords on your computer. Routinely refresh and vary passwords. Use 20 characters or longer. If you can’t live with doing all of these things, at least pick a couple items which will be better than doing nothing.
  • We all know about the phantom messages from friends. Some are responding to emails that you did not send. Most contain a tempting link that you never want to click on. Oddly, while writing this I just received one of these. Very common. Easy to click on in a hurry. Look carefully before you click.
  • Locked computer. While surfing you receive a scary message of how law enforcement has detected a virus on your computer. You have been locked out by Ransomware. Don’t pay. It won’t make a difference.
  • Ignore “pop-up” ads that tell you that a computer virus was detected. Often these tell you to click and the virus will be removed.

Hacking/viruses are a very serious problem. Generally, all circumstances can be avoided by incorporating a simple thought process before you proceed and taking proper precautions. Everyone is hurriedly making it through their day so quick clicks are very common and hackers know this. It is always best to fully read the content and assess all emails and text messages before responding in any way. If you do not have time to thoroughly assess, leave the message until you have time to read it thoroughly. Keep your anti-virus up-to-date and surf safely!