Having a computer hijacked can range from an annoyance to an exceptionally serious problem. In the more extreme cases, financial information can be taken from the computer, the computer could be used as part of a DoS attack or it could be used to host illegal content. If you suspect that your computer has been hijacked, you have two options: surgically remove the malicious software, or back up your data, wipe out your system and reinstall everything from scratch. Have a question? Get an answer from online tech support now!
Removal - Hijack This is a tool developed to detect the type of software that can take control of a computer system, technically referred to as Rootkits. While Hijack This is an in- depth rootkit detection tool, it is also beyond the scope of most home users to read the diagnostic report and then act on its output. The Hijack This forum can be of assistance and is populated with people who are both knowledgeable and helpful, if this is a course of action you feel comfortable pursuing. To a lesser extent anti-virus software can be of assistance. If it detects a rootkit infection, also referred to as Trojan Horses, the anti-virus package may be able to remove it. Be advised: Some of the more sophisticated virus infections have the capability to disarm many of the anti-virus software packages while leaving the user with the belief that they are protected.
Reinstallation - The process of backing up a system, wiping the currently installed operating system, and reinstalling it is well-documented elsewhere. Critical to this discussion is whether this option is the best way to eradicate the hijacking. In most cases this action will ensure that your system will be freed from the hijacking code once the process is complete, but there is a small chance that the virus can be carried over to the new installation with your data. It is also possible, however unlikely, that the virus infected a portion of memory that will not be obliterated during the hard drive erasure. A virus can copy itself to another computer system or to another storage medium, such as an external hard drive, memory card or a USB drive where it can re-infect your system later.
Recommendations - First, establish that the system has been hijacked. Once this is verified, the actual infection should be identified by name. Research that specific infection and base the next course of action on what information is available. If a detailed removal process is given, an attempt should be made to remove the code by following the instructions. Make sure to verify that the removal process has been successful by rebooting the system when finished and running whatever scan found the infection originally. If the surgical removal fails, proceed to the re-installation method and only take the data which is critical to you over to the new computer.