How to fix computer if you have been hacked or spammed
Has a scammer recently gained control of your computer and you want to make sure they no longer have access?
Scammers use multiple ways of getting control of your computer, some you have control of (you inadvertently grant them access) and others gain access via a computer virus or phishing attack (from a malicious email or compromised website)
- What are Remote-Access Programs?
- How to check what programs are currently running on your computer
- Removing Remote Access Programs from Windows Computers
- Removing Remote Access Programs from Mac Computers
- Removing Viruses and Malware from Windows computers
- Removing Viruses and Malware from Mac computer
- How to prevent Remote-Access when your computer is unattended
These scams are also known as “Remote access scams” or “Technical support scams” and usually involve scammers contacting people over the phone to get access to their computers and to steal their money.
There are multiple ways of defending yourself against such attacks (anti-virus programs, patching programs etc) but this article deals with the deep-cleaning of your computer to remove any programs that may still be lurking on your computer and giving access to others.
To gain access to your computer remotely the scammer must have used an existing or installed a remote access program on your computer… or you have a virus or malware program installed that is doing same. First action is to detect and remove them.
What are Remote-Access Programs?
There are hundreds of legitimate remote-access software products out there legitimately employed by computer-support companies to remotely fix issues on client computers.
Most of these programs will sit inactive on your computer until activated usually by means of a shared code generated when you run the program.
The majority of these programs only work on Microsoft Windows computers (Windows 11, Windows 10, Windows 8/7 etc) but there are a limited number that will also work on Apple Mac computers.
Scammers tend to use the same popular programs used by Microsoft and legitimate IT support companies include “GoToAssist“, “AnyDesk“, “LogMeIn” “ConnectWise Control“,”ScreenConnect” and “TeamViewer” but there are hundreds of others (see here)
Windows 11 and Windows 10 computers also have a built-in-function called “QuickAssist” which does the same thing but cannot be removed as it is built-into Windows.
Most programs require you to pass a code to the remote operator before they can get one-time access (which is only valid until you reboot your computer), so action #1 is to power down your computer or laptop and reboot it. Simply closing the lid of the laptop is not enough. Hold down the power button for at least 30 seconds to ensure the device is completely closed down. Then restart as you usually would.
Rebooting the computer should break the remote session if the installed program was running a single-use session, however, some remote programs such as “TeamViewer” also have a “Host” version that allows remote control at any time the computer is switched on.
So the best way of preventing future events is to look for and remove ALL remote access programs from your computer.
How to check what programs are currently running on your computer
On a Windows computer run “Task Manager” (see How to run Task Manager on Windows 11) there are six ways to do this but the easiest is to right-click the Start button on the taskbar. Select “Task Manager” from the menu that appears.
If all is well, you should only see legitimate programs listed here that are currently running on your computer. If you see a program that you do not recognise, force close it by right-clicking over the program and selecting “End Task”
If you are unsure what the particular program does, select “Search Online” and a browser window will open and give you information about the program.
If “End Task” is greyed-out and not available, then it means you need “admin-rights” to access the task … close task-manager and run Task Manager as an Administrator.
On an Apple Mac computer simple press Command-Option-Escape to see all open applications
Select any unrecognised or remote control programs such as “TeamViewer” and click the Force-Quit button to quit that program.
Removing Remote Access Programs from Windows Computers
Look in the programs or Apps and uninstall any you think maybe remote access programs or have been recently installed and you do not know what they are
Alternatively, from the start button goto – Settings > Apps > Installed Apps
This shows a list of the programs installed on your computer. Look for recently installed programs that you do not recognise or correspond with the date of the security incident you encountered. Uninstall any you suspect.
Removing Remote Access Programs from Mac Computers
In Finder locate the Applications folder and locate any remote-access programs and then by simply dragging the icon to the Trash and follow the prompts to remove the application
Removing Viruses and Malware from Windows computers
The best program to detect and remove malware and computer viruses is called “MalwareBytes” and there is a FREE-Trial version available for occasional users. You can find the Windows version here
Download the file, install the program and let it run and it will automatically detect any suspect programs. All all suspect programs to be quarantined. Your computer may need to restart into safe mode to complete the process, allow this to happen and follow all instructions.
MalwareBytes will clean up your computer but will not prevent further infections. To stop this happening again, keep your devices updated with the latest patches from Microsoft and purchase a reliable Anti Virus product for Windows such as Bitdefender
Removing Viruses and Malware from Mac computers
The best program to detect and remove malware and computer viruses is called “MalwareBytes” and there is a FREE-Trial version available for occasional users. You can find the Mac OS version here
Download the file, install the program and let it run and it will automatically detect any suspect programs. All all suspect programs to be quarantined. Your computer may need to restart into safe mode to complete the process, allow this to happen and follow all instructions.
MalwareBytes will clean up your computer but will not prevent further infections. To stop this happening again, keep your devices updated with the latest patches from Apple and purchase a reliable Anti Virus product for Mac such as Trend Micro
How to prevent Remote-Access when your computer is unattended.
The simplest way of preventing your Computer or Mac from being accessed when unattended is to always shut the device down after use. Do not simply close the lid or let it go to sleep.
Close it down from the menu or simply hold the power button down for 30 seconds.
Further Help and reading
- Visit the Australian Competition and Consumer Commission’s (ACCC) Scamwatch website to learn more about current scam types.
- Contact not-for-profit ID Care via raising an online request form ID Care are Australia and New Zealand’s national identity and cyber safety support service. They have a team of trained counsellors that can assist individuals facing identity and cyber security concerns. https://www.idcare.org
- Visit the Australian Communications and Media Authority Website to learn more about online scams and misinformation.
- The Australian Cyber Security Centre (ACSC) is a federal government led initiative to securely report instances of cybercrime. You can submit a Report at www.cyber.gov.au.