Few things can be as frustrating to the user as unauthorized access to a computer. If you think your computer has been jailbroken, disconnect it from the internet first. Then, find the vulnerabilities that the attacker exploited to break into the system and fix them. Then take steps to avoid similar intrusions in the future.
Steps
Part 1 of 2: Signs of unauthorized access
Step 1. Disconnect your computer from the Internet
Do this if you think someone else has access to it. Disconnect Ethernet cables and Wi-Fi connection.
- The most obvious signs of active unauthorized access are moving the cursor, launching programs, or deleting files without your participation. However, not all pop-ups should alarm you - they also appear during the automatic updating process of many programs.
- Slow internet connections or unfamiliar programs are not necessarily the result of unauthorized access.
Step 2. Check the list of recently opened files and programs
On both Windows computers and Macs, it's easy to see which files were opened last and which programs were recently used. If these lists contain unfamiliar objects, it is possible that someone has access to your computer. Here's how to check it:
- Windows: To see which files have recently been opened, press Windows + E to open File Explorer. At the bottom of the main panel, check "Recent Files" to see if there is anything among them that you did not open yourself. You can also see a list of recent documents at the top of the Start menu.
- Mac: Click the Apple menu in the upper left corner of your screen and select Recent. Then click Applications (for a list of recently used programs), Documents (for a list of files), or Servers (for a list of remote outgoing connections).
Step 3. Start Task Manager or System Monitor
Using these utilities, you can identify active processes.
- On Windows, press Ctrl + Shift + Esc.
- On Mac OS, open the Applications folder, double-click Utilities, and then double-click System Monitor.
Step 4. In the list of running programs, find programs for remote access
Also look for any unfamiliar or suspicious programs in this list. Here are some popular remote access software that can be installed without the user's knowledge:
- VNC, RealVNC, TightVNC, UltraVNC, LogMeIn, GoToMyPC, TeamViewer.
- Also look for unfamiliar or suspicious programs. If you do not know the purpose of this or that active process, find information about it on the Internet.
Step 5. Pay attention to the abnormally high CPU utilization
It is displayed in the Task Manager or System Monitor. High processor utilization is normal and does not indicate a compromised computer, but if it occurs when no one is using the computer, most likely a lot of processes are running in the background, which is very suspicious. Keep in mind that high CPU utilization may simply mean background system updates or large file downloads (which you may have forgotten about).
Step 6. Scan your computer for viruses and malware
If you have Windows 10, you can use the built-in scanning tools: Settings > Updates and security > Windows Security.
Mac users can find information on how to use Mac scanning tools.
- If your computer does not have antivirus software, download the installer to another computer and copy it to your computer using a USB drive. Install antivirus and scan your system.
- One of the free and easy-to-use malware scanners for both Windows and Mac is Malwarebytes Anti-Malware. It can be downloaded from
Step 7. Quarantine the detected malware
If your antivirus or malware scan finds suspicious objects, quarantine them so they can no longer harm the system.
Step 8. Download and run Malwarebytes Anti-Rootkit Beta
This program can be downloaded free of charge from malwarebytes.org/antirootkit/. Anti-Rootkit Beta detects and removes rootkits, which are malicious programs that allow an attacker to gain a foothold in the system and hide traces of infiltration. A full system scan will take some time.
Step 9. Monitor your computer's behavior after removing malware
Even if antivirus and / or other software has found and removed malware, monitor your computer's behavior to determine if there is any hidden malware.
Step 10. Change all passwords
If your computer is compromised, it is most likely that the attacker obtained your passwords using a keylogger. In this case, change the passwords for different accounts. Do not use the same password for different sites or services.
Step 11. Log out of all accounts
Do this after changing passwords. Sign out of accounts on all devices on which you use these accounts. In this case, the attacker will not be able to use the old passwords.
Step 12. Reinstall the operating system if you cannot block unauthorized access to your computer
This is the only reliable way to prevent intrusion and get rid of all malicious files. Please back up important data before reinstalling the system, as the process of reinstalling the system will delete all information.
- When backing up your data, scan each file, because there is a risk that old files will lead to infection of the reinstalled system.
- Read this article for more information on how to reinstall your Windows or Mac OS system.
Part 2 of 2: Preventing Unauthorized Access
Step 1. Configure automatic updates of the anti-virus program
Modern antivirus detects malware before it gets on your computer. Windows comes with Windows Defender, which is a pretty good antivirus that runs and updates in the background. You can also download an excellent and free antivirus such as BitDefender, Avast! or AVG. Remember that only one anti-virus program can be installed on a computer.
- Read this article for more information on how to enable Windows Defender.
- Read this article for more information on how to install your antivirus software (in which case Windows Defender will turn off automatically).
Step 2. Configure the firewall
Unless you own the server or run a remote access program, there is no need to keep ports open. Most programs that need open ports use UPnP, which means that ports are opened and closed as needed. Permanently open ports are the main vulnerability of the system.
Read this article and then check if all ports are closed (unless you own the server)
Step 3. Be careful with email attachments
They are the most popular way of spreading viruses and malware. Open attachments to letters from people you know, and even in this case, it is better to contact the sender and clarify whether he sent any attachments. If the sender's computer is infected, malware will be sent out without his knowledge.
Step 4. Set up strong passwords
Every secure account or program must have a unique and strong password. In this case, an attacker will not be able to use the password for one account to hack into another. Find information on the internet on how to use a password manager.
Step 5. Do not use free Wi-Fi hotspots
Such networks are insecure because you cannot know if someone is monitoring your inbound and outbound traffic. By monitoring traffic, an attacker can gain access to the browser or more important processes. To keep your system safe while connected to the free wireless network, use a VPN service that encrypts traffic.
Read this article for information on how to connect to a VPN service
Step 6. Be careful with programs downloaded from the Internet
Many free programs that can be found on the Internet include additional and often unnecessary software. Therefore, during the installation of any program, choose a custom installation to discard unnecessary software. Also, do not download "pirated" (unlicensed) software, because it may contain malicious code.
Advice
- Be aware that sometimes the computer may wake up itself to install updates. Many modern computers are set to automatically install updates, usually at night when the computer is not in use. If the computer seems to turn on by itself when you are not touching it, it is likely waking up to download updates.
- The likelihood that someone has gained remote access to your computer is there, but very small. You can take steps to prevent an invasion.