How many times have you heard this question?
Often friends and colleagues ask me “my computer was hacked/infected, what can i do right now?”
There are different type of response, often based on the other party’s technical knowledge.
However, broadly speaking, the ten steps provided by this article on LifeWire are (almost) all very useful:
1. Isolate Your Computer
Isolation will prevent it from being used to attack other computers as well as preventing the hacker from continuing to be able to obtain files and other information.
Really useful in case of ransomware.
2. Shutdown and remove the hard drive and connect it to another computer as a non-bootable drive
If your computer is compromised you need to shut it down to prevent further damage to your files.
3. Scan your drive for infection and malware
Use the other host PC’s anti-virus , anti-spyware, and anti-rootkit scanners to ensure detection and removal of any infection from the file system on your hard drive.
4. Backup your important files from the previously infected drive
You’ll want to get all your personal data off of the previously infected drive. Copy your photos, documents, media, and other personal files to DVD, CD, or another clean hard drive.
IMHO: backup, backup, backup every day!
5. Move your drive back to your PC
Once you have verified that your file backup has succeeded, you can move the drive back to your old PC and prepare for the next part of the recovery process.
6. Completely wipe your old hard drive (repartition, and format)
After you have backed up all your data and put the hard drive back in your computer, use a secure disk erase utility to completely wipe the drive.
Even the wipe? Shure?
7. Reload the operating system from trusted media and install updates
Using trusted media helps to ensure that a virus present on tainted operating system disks doesn’t reinfect your PC.
8. Reinstall anti-virus, anti-spyware, and other security software prior to any other programs.
Before loading any other applications, you should load and patch all your security related software.
9. Scan your data backup disks for viruses before your copy them back to your computer
Even though you are fairly certain that everything is clean, always scan your data files prior to reintroducing them back into your system.
10. Make a complete backup of your system
Once everything is in pristine condition you should do a complete backup so that if this ever happens again you won’t spend as much time reloading your system.
For more information, take a look to the original article: https://www.lifewire.com/ive-been-hacked-now-what-2487230