The Windows Club

How do I know if my Computer has been Hacked and what to do next

At times, rather than relying on logic and reasoning, we follow our gut instinct to understand things. Hacking is one such instance where this principle may be followed. Hackers can get access to your devices in surprising ways and take forms that we might not be aware of. IRC clients, Trojans and backdoors are some of the malicious programs that are used to hack computers. The least we can do is look for possible indicators suggesting we might have been hacked and then take quick action against it. Here’s how you can know if your Windows computer has been hacked.

How do I know if my computer has been hacked

You know that your computer has been hacked and compromised if you see the following signs:

  1. Your online passwords or settings have been changed
  2. Your computer’s local account passwords have been changed or you see new User Accounts
  3. You are seeing strange posts ‘made by you’ in your social feeds. Or maybe your ‘Friends’ are receiving inappropriate messages, allegedly from you.
  4. Your friends are reporting receiving strange spam or emails from you.
  5. You find that new programs or toolbars have been installed on your computer.
  6. You receive messages from fake antivirus or other rogue software
  7. Your Internet speed has become sluggish and slow
  8. There is a marked increase in Network activity.
  9. Your Firewall is busy blocking several outward connection requests
  10. Your security software has been disabled.
  11. The home page or default browser search engine has been hijacked
  12. Your mouse moves automatically to make selections
  13. You start getting calls from your Bank, Credit Card company, Online Store about non-payment, dip in the bank balance, unexpected outstanding balances or purchases.

Let us take a look at some of these signs in detail, in no specific order.

Change in online passwords

If you notice that one or more of your online passwords have changed suddenly, you’ve more than likely been hacked. What usually occurs here is that the victim unknowingly responds to an authentic-looking phishing email that purportedly came from the service, and ends up with a changed password. The hacker collects the log-on information, logs on, changes the password, and uses the service to steal money from the victim or the victim’s acquaintances. See how you can avoid Phishing Scams and Attacks, and take steps to prevent Online Identity Theft.

As a damage control action, you can immediately notify all your contacts about the compromised account. Second, immediately contact the online service to report the compromised account. Most online services are aware of this sort of maliciousness and have the requisite strength and expertise to restore things to normalcy and get the account back under your control with a new password. You can recover hacked Microsoft accounts, Google accounts, Facebook accounts, Twitter accounts, etc., using their properly laid down procedures.

Amount missing from your bank account

In the event of misfortune, you can lose all your money if a hacker gets access to your personal information (credit card, online banking details, etc.). To avoid this, turn on transaction alerts that send you a text message when something unusual is happening. Many financial institutions allow you to set thresholds on transaction amounts, and if the threshold is exceeded or the money goes to a foreign country, you’ll be warned. It would be a good idea to follow these Online Banking Tips.

Fake antivirus messages

Fake antivirus warning messages are among the surest signs that your system has been compromised. Clicking No or Cancel to stop the fake virus scan yields no benefit since the damage is already done. These programs often make use of unpatched software like the Java Runtime Environment to exploit your system.

Frequent random popups

This problem is mostly associated with your browsers and indicates you have unwanted software or malware installed on your computer since websites do not generally generate harmful pop-ups.

Redirected Internet searches or home page

It’s a well-known fact that most hackers make their living by redirecting your browser somewhere other than the address you want to visit. That’s because the hacker gets paid by getting your clicks to appear on someone else’s website, often one whose owner doesn’t know that the clicks to their site come from malicious redirection.

You can often spot or pinpoint this type of malware by simply typing a few related, very common words into the search bar of popular search engines and checking to see whether the results relevant to your search appear or not. The traffic sent and returned will always be distinctly different on a compromised computer vs. an uncompromised computer.

Is your PC acting as a Botnet Node?

Botnets are networks of compromised computers, controlled by remote attackers in order to perform such illicit tasks as sending spam or attacking other computers. Maybe your computer has been compromised and is acting as a Node.

TIP: Before you proceed, you might want to read our post – Why would someone want to hack my computer?

What to do if your computer has been hacked

1] If you feel that your Windows PC may have been hijacked, you should disconnect from the Internet, boot into Safe Mode and run a full deep scan with your antivirus software. If your security software has been disabled, use a good on-demand antivirus scanner and run it from an external disk or USB.

2] You may also use specialized tools like Norton Power Eraser, an anti-hacker software or one of these Botnet Removal Tools.

2] You can remove bogus toolbars from the browser using a good Browser Hijacker Removal software.

3] Open your Control Panel and uninstall programs that may look suspicious in nature.

4] When you are connected to the Internet, open a Command Prompt, type the following command and hit Enter:

netstat -ano

With a glance, an IT administrator will be able to keep a watch on your open ports and the network activity going on in the system.

Check for any suspicious connection. Note every connection saying ‘Established’ along with its PID number, and ensure that all such connections are valid connections. If need be, press Ctrl+Shift+Esc to bring up the Task Manager. Then, navigate the mouse cursor to the ‘Processes’ tab, hit the ‘View’ tab, choose Select Columns and check the Process Identifier (PID) column. Instantly, the complete list of PID numbers will be displayed. Look for the number you noted down moments ago in the CMD window. If in doubt, terminate the process.
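The PID lookup described in step 4, as an added example that is not part of the original article: a PowerShell function that reads `netstat -ano` output, keeps the ESTABLISHED TCP rows and attaches the owning process to each one. The function name, the `-NoProcessLookup` switch and the sample lines are constructed for illustration, and the parser assumes English-language netstat output.

```powershell
# Added example: pair each ESTABLISHED connection from `netstat -ano` with its
# owning process, the same lookup the article does by hand in Task Manager.
function Get-EstablishedConnection {
    param(
        # Lines of `netstat -ano` output; defaults to running the command live.
        [string[]]$NetstatLines = (netstat -ano),
        # Skip the Get-Process lookup (used with the constructed sample below).
        [switch]$NoProcessLookup
    )
    foreach ($line in $NetstatLines) {
        # Data rows have 5 columns: Proto, Local, Foreign, State, PID.
        # Headers, blank lines and UDP rows (no State column) fall through.
        $f = $line.Trim() -split '\s+'
        if ($f.Count -ne 5 -or $f[0] -ne 'TCP' -or $f[3] -ne 'ESTABLISHED') { continue }

        # Split host and port at the LAST colon so IPv6 ([::1]:445) parses too.
        $i = $f[2].LastIndexOf(':')
        $procId = [int]$f[4]   # $PID itself is a reserved automatic variable
        $proc = if ($NoProcessLookup) { $null } else { Get-Process -Id $procId -ErrorAction SilentlyContinue }

        [pscustomobject]@{
            Local       = $f[1]
            RemoteHost  = $f[2].Substring(0, $i).Trim('[', ']')
            RemotePort  = [int]$f[2].Substring($i + 1)
            PID         = $procId
            ProcessName = $proc.Name   # empty if the process has already exited
            Path        = $proc.Path   # empty for protected processes unless elevated
        }
    }
}

# Constructed sample output (documentation-range addresses, made-up PIDs).
$sample = @(
    '  Proto  Local Address          Foreign Address        State           PID'
    '  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1044'
    '  TCP    192.168.1.20:49712     203.0.113.45:443       ESTABLISHED     4312'
    '  TCP    [::1]:49670            [::1]:49671            ESTABLISHED     2280'
    '  UDP    0.0.0.0:5353           *:*                                    1888'
)
# Only the two ESTABLISHED rows are returned.
Get-EstablishedConnection -NetstatLines $sample -NoProcessLookup | Format-Table

# On a live system: every established connection with its owning executable.
Get-EstablishedConnection | Sort-Object ProcessName | Format-Table -AutoSize
```

Run it from an elevated PowerShell window so the Path column is filled in for processes owned by other accounts; a connection whose executable sits in an unexpected folder is the one to look up before terminating anything.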

5] Install a bandwidth monitoring tool so that you can keep an eye on your usage. Use Packet Sniffing Tools to intercept and log network traffic.

Keep your operating system and installed software updated at all times so as to close all software vulnerabilities, and use good security software. It is essential to keep yourself aware of these developments since, in today’s threatscape, antivirus software offers no 100% peace of mind. To combat this, antimalware programs that monitor program behaviors (heuristics) to catch previously unrecognized malware should be used. Other programs that use virtualized environments, VPNs and network traffic detection software can also be deployed.

6] Make use of Detekt, a free anti-surveillance software for Windows.

Here are some tips that will help you keep Hackers out of your Windows computer.

If you need more help, please go through this Malware Removal Guide. You may also like to read this post titled, how do you tell if your computer has a virus.