How to Determine if a Computer Has Been Hacked? Diagnose & Cure a PC Virus

Viruses, Trojans, Keyloggers, Oh My!

While some people are simply naive, or ignore security and privacy concerns, I am not one of them. I was a high-end systems and network administrator for several years. My first computer administrator certification was received before there was such a thing as Internet Explorer, or Netscape, or even before TCP/IP came with Windows (you had to install something called Winsock). I write about high-end technology all over the place. Granted, I am no hacker, and am a grade D programmer at best, but I do know my way around computers and networks. Bottom line is that I’m not the guy who falls for the simple tricks.

However, as a writer, I roam all over the Internet looking for information, and not just the information you can get at the “official” source. Sometimes, my online destination isn’t the kind of place you would take your grandmother. Sometimes I go there on purpose, sometimes, I can’t tell the kind of place it is until it’s too late.

I take multiple precautions, of course. I run the NoScript plug-in on Firefox to prevent sites from running JavaScript that might either be malicious, or cover up something else malicious. Likewise, I also use a plug-in called Redirect Remover to stop shifty websites from making it look like I’m clicking a link to one place, while actually sending me to another. And, of course, I have anti-virus software running on my computer.

So, when my computer started acting a little bit funny, my last thought was a virus. However, the more I tried to figure out what was happening, the more it became clear that I didn’t have a typical computer issue.

For me, the clue was dropped characters when typing into Notepad++, a free notepad replacement with a bit more functionality. I have a wireless keyboard and if the batteries get low that starts to happen as well, but then it happens on all my applications, not just one. Finally, I noticed the kicker. It happened most frequently after typing “tps”. Why is that suspicious? Encrypted websites like banks use https:// addresses instead of the normal http:// addresses. The extra ‘s’ signifies that the site is “secure”. Whatever was on my computer was most likely waiting silently for that combination of characters and then logging what came next, hoping that it would be a username and password.

Once I got suspicious, the evidence came in waves. My wireless router was logging denied Internet connections from my PC, and when I went through the running processes on my computer, there were a couple of “normal” processes that seemed to be using too much memory too often. I ran a manual virus scan, and it detected two threats, and then crashed. Not good.

After that, clean up was brutal. Eventually I downloaded three different virus scanners and had to run them after booting from non-writeable CDs, because the virus managed to infect everything else before (or maybe during) the cleaning process. I never got a name, but whatever it was, it was very clever.

When you lose your wallet or purse, the damage from losing the actual items within isn’t nearly as great as the potential loss from people who exploit what they have found. So, you have to cancel your credit cards, stop payment on checks, and so on. Even then, you have to watch everything for a while, just to be sure.

When you catch a virus like this one, it is very much the same. Since I had no idea which, if any, of my passwords had been compromised, I had to change every one of them on every website I use, anywhere. Sometimes, having a valid username is enough of a head start that it is prudent to even change those, which isn’t always easy. And, of course, I watch every credit card and my credit reports like a hawk.

And last but by no means least, look for reviews of the products mentioned here at Bright Hub. While they will not guarantee 100% security of your system, the likes of Kaspersky, Panda, McAfee, Norton, et al, are sure to stay one step ahead (or behind!) in the game.

This post is part of the series: Computer Security Versus Computer Viruses and Other Attacks

A tech-savvy computer user gets infected by a virus and walks you through how to tell if you’ve been infected when your virus scanner is quiet, and what to do about it. Plus, utilities and resources to help keep your computer secure.

  1. How to Tell if You Have Been Hacked
  2. A Tech Savvy User Gets Infected: Troubleshooting Computer Hacker Attacks