See cuddly's malware removal guide over at reddit: http://snipe.pm/malware-guide


The computer surgeon

If your computer has caught a cold it needs a remedy, much like we humans do. It might be infected with a severe cold like ransomware or something milder like ad pop-ups.

When your computer has a cold you need to become a surgeon. Not just any surgeon, a computer surgeon. In your arsenal of tools as a computer surgeon you do not use a stethoscope or a sphygmomanometer. Much like those tools, however, you use specialized software tools built by people to make your job of getting the virus out of your computer easier.

There are many virus removal tools on the market. But just as there are bad tools for doctors, there are bad tools for computer doctors. Some virus-removal programs on the internet are viruses themselves. How, you might ask? It is, unfortunately, some people's business model to trick people into buying their software and then extract data from their customers. For this reason, beware that there are options on the market that will do nothing but infect your computer further. Make sure to read online reviews of virus removal programs before downloading. Googling 'XXX-Virus removal tool' followed by 'Reddit' or 'Stackexchange' (that is, typing that query into Google's search engine) will bring up different people's opinions and experiences with a program. Be sure to do the googling first to make sure a program is safe.

The computer surgeon should also be aware that malware removal tools slow down the computer, especially if the software is installed permanently. A computer virus scanner or removal tool often comes with a monitoring feature. The monitoring feature is a guardian that catches 'computer-colds' so they don't infect your computer. This feature is there to help you, but at the expense of your computer's speed. When a monitoring program runs on your computer, your computer uses some (or a lot) of its resources to help the program do its job. Since malware is stored somewhere in our computers (either in your working memory (RAM, random access memory) or in your long-term memory (hard drive)), our monitoring software is playing a game of find the needle in a haystack.

If you were to find a needle in a haystack it would take quite a lot of effort on your part. It's very similar with computers and virus-scanning and monitoring programs. These programs are searching through your entire library of documents and your computer's preferences to make sure that everything is okay.

Where do computer viruses live?

Just like how a tick likes to cozy up in your private parts, because it's hard to spot there, a computer virus aims to be as undetectable as possible. After all, it's another human being that created the virus, and this person does not want you to know where the virus is located so you can remove it.

Viruses often work by first infecting one part of your computer, usually the registry, and then spreading across all your files. So, just like viruses in humans, a computer virus multiplies from one location, hence the name. Some viruses, for example, mimic the way that a normal computer would work, and when they have fully infected the computer they lock the entire system down and ask the user to pay a price to unlock their files. These kinds of viruses are called ransomware because they ask for a ransom to unlock what is already yours.

Common computer viruses

Candy toolbars & 'AD pop-ups'

'Candy Toolbar' example

The most common kind of virus that users become infected with, in my experience, is the web-browser toolbar. These are 'extra toolbars' that are supposed to help you search better across the net, but in reality they make your computer slower by using a lot of precious resources. They are programmed to generate money for the person that created the program, either by running what's called a bitcoin miner (a small program that uses your CPU power to mine virtual coins called bitcoins that can be exchanged for real money), by redirecting all of your traffic to them so they can read what you search on Google and sell that information to the highest bidder, or by a combination of both.

Ransomware

When infected with ransomware everything will look fine in the beginning, but then BAM, your computer locks itself up and tells you that all of your files have been encrypted and you need to pay a price to unlock your files again. This price is often very high. What does encryption mean? Encryption is a tool that was developed to keep secrets secret, and to do that very well. It was developed for military use but was such a valuable asset that its creators released the algorithms to the general public so that they could keep their secrets secret too. When you use Google or iCloud (from Apple) your data is encrypted so that Google or Apple cannot read your personal data (at least they say so). But in the case of ransomware, what was once good has become bad, and encryption is used against the user to ask for a sum of money so that the user can unlock his/her files.

Newer types of ransomware are ferocious like an angry tiger, even more so than their older counterparts. You see, a computer consists of its local hardware, but it also exists in a larger network of other computers called the Internet. What is local is on your computer, and what is on the internet are files that are not on your computer but are made available to your computer by other people.

I like to think about this as a conversation with another person. Local conversations are conversations where you and the other person are present in the same room, while the internet is more like you dialing the other person over a phone.

Just like how you can infect someone with your cold by sneezing in their face when you are in the same room (please don't do that), newer types of viruses look at your local network to see if they can sneeze on other computers in close proximity.

If you are using a cloud service provider, like Dropbox or Google Drive, the virus-creators have been creative and taught the virus to also sneeze its way into these services. In doing so it can spread a long way, especially if you are collaborating with other people over the internet. It may also sneeze, I mean, send, unauthorized emails to your colleagues in an attempt to infect their computers.

Ransomware has become very popular in the virus-community because it's very profitable and people need to have their files accessible. There are computer researchers and members at universities that are dedicating their precious time to creating counter-measure tools to ransomware. These counter-measures are released freely on the web but take time and money to develop.

Standard procedures to keep your files safe for that one time when you get a virus and lose everything from the last 20 years. Or if your computer is dropped from a 10-story building.

You are smart. You can foresee a plan for when you accidentally click that ad in the corner of the website and it just happens to be an ad that infects your computer with ransomware. You have a backup plan.

Backups are worth their initial setup. Google is developing a backup tool, much like their Google Photos application, that works for your entire computer. Apple's iCloud can back up your computer entirely to the cloud so your files are safer. Much like choosing toothpaste in the grocery store, you have a range of options available to you.

There is something called the 3-2-1 backup guideline. It goes like this: Have at least three copies of your data. Store the copies on two different media. Keep one backup copy offsite. This guideline will keep you afloat when your files are crashing. More about this below.

You can buy another hard drive for your computer or use an online service that does the backing up for you automatically. If you are backing up locally (remember, you have your computer and the external hard drive in the same room) you are prone to your disk failing and need to think about how to keep your files safe in case your backup disk stops spinning (this is the 2 in the 3-2-1 guideline). In the unlikely event that your home catches fire, online solutions help you retrieve your data.

Backing up online (offsite, the 1 in the 3-2-1 guideline) requires you to have a somewhat speedy internet connection but keeps your files safer, because you do not need to keep track of any hard drives (that is done by the company that you pay to store your backups) and, in the event of a natural disaster, your files are backed up safely to a distant location. As with anything online, you will need to keep an eye open about what kind of company you are entrusting with your backups. Is this company trustworthy? Are they extracting data from your files without your consent? Are they transparent? What type of encryption do they use? These are good questions to ask yourself if you are concerned about your privacy.
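The 3-2-1 guideline as a small check, added here as an example and not part of the original guide. It goes one step further than the guideline itself: a copy only counts if its contents still match a fingerprint taken while the files were fine, so a cloud folder that has synced ransomware-scrambled files is not counted. The `Copy` record, the `check_321` function, the media labels and the sample data are all made up for the illustration.

```python
import hashlib
from dataclasses import dataclass

@dataclass
class Copy:              # hypothetical record describing one copy of your data
    name: str
    medium: str          # e.g. "internal-disk", "external-disk", "cloud"
    offsite: bool        # True if stored away from your home or office
    data: bytes          # stand-in for the file contents

def fingerprint(data: bytes) -> str:
    """SHA-256 of the contents; any change to the file changes this value."""
    return hashlib.sha256(data).hexdigest()

def check_321(copies, known_good):
    """Return (ok, problems) for the 3-2-1 guideline, counting only intact copies."""
    problems, intact = [], []
    for c in copies:
        if fingerprint(c.data) == known_good:
            intact.append(c)
        else:
            problems.append(f"{c.name}: contents changed, not a usable copy")
    if len(intact) < 3:
        problems.append(f"only {len(intact)} intact copies, need 3")
    if len({c.medium for c in intact}) < 2:
        problems.append("intact copies are on fewer than 2 kinds of media")
    if not any(c.offsite for c in intact):
        problems.append("no intact copy is offsite")
    return (not problems, problems)

# Constructed sample data: one file, and a scrambled version standing in for
# what ransomware leaves behind.
ORIGINAL = b"family photos 2004-2024"
SCRAMBLED = bytes(b ^ 0x5A for b in ORIGINAL)
GOOD = fingerprint(ORIGINAL)  # recorded while the files were known to be fine

healthy = [
    Copy("laptop", "internal-disk", False, ORIGINAL),
    Copy("usb-drive", "external-disk", False, ORIGINAL),
    Copy("cloud-backup", "cloud", True, ORIGINAL),
]
# The laptop is infected and the cloud folder has synced the scrambled files.
infected = [
    Copy("laptop", "internal-disk", False, SCRAMBLED),
    Copy("usb-drive", "external-disk", False, ORIGINAL),
    Copy("cloud-backup", "cloud", True, SCRAMBLED),
]

if __name__ == "__main__":
    for label, copies in (("healthy", healthy), ("infected", infected)):
        ok, problems = check_321(copies, GOOD)
        print(label, "OK" if ok else problems)
```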

If you are collaborating with someone else, especially over a cloud service like Dropbox or Google Drive, and you get an infection, make sure to inform your colleagues right away. Informing them that you have got a virus and that they should not open any email from you for a while keeps everyone's files safer (in the meantime you might use an alternative email address accessible only from the web; for example, create a new Google mail address and use that temporarily).

Making your computer's immune system better

Remember that ad that you clicked that infected your computer, in the example above? To make it harder to get infected in the future you can make the computer's "immune system" better at spotting viruses.

Where does your computer catch the most viruses? When you have unplugged your computer from the internet, or when you are browsing the internet? (When you are browsing the internet.) For this reason you need to make your browsing habits safer.

There are a few tools that I use and suggest you have a look at. These are tools that are installed in your browser, called plugins. Just like the name implies, a plugin is another piece of software, designed by another human, that is optionally plugged into the software that you use to browse the web (you plug the plugin into Google Chrome or Firefox, for example).

  1. No more Internet Explorer. There are better options out there.
  2. The second step (for most people) is to choose either Chrome or Firefox. There is also a host of other browsers like Opera and Yandex. I recommend either of the first two mentioned (Firefox or Chrome) because they have proven themselves reliable and because they have a lot of plugins that can be used to enhance workflow.
  3. Thirdly, install browser plugins to make your computer's immune system the best it can be.

Rundown of problemsniper.com recommended browser extensions/plugins for security:

uBlock Origin

It is a fast, lightweight adblocker that does not track you when you browse the web. It is open source, meaning that a lot of people are contributing to the software, and they make sure that there are no sneaky tracking things inside the plugin that sell information about you to other companies. An added bonus: since you will no longer see ads on YouTube or anywhere else, you will save the computer resources used for loading ads on the webpage, which makes your browsing experience snappier and faster. Keep in mind to turn the plugin off for the ad-supported websites that you like, so that you can support the content creators of the website.

Privacy Badger (on Chrome) or Disconnect (on Firefox)

Badger and Disconnect work in the same way. They allow you to specify what should run on a website and what should not. For example, you can target ads to run or not run with this plugin. Keep in mind that this software blocks things on websites from running. Anything that Privacy Badger or Disconnect thinks is suspicious (they use a database to determine if something is suspicious and should be blocked) they block. This means that some features of websites can become broken when you use these programs. It's easy to fix this issue. You can read more about fixing this issue here.

Windows users are recommended to download and install Unchecky

Unchecky disables unwanted software that is bundled with some applications

On Windows, download the program 'Unchecky'. This program unchecks 'extra toolbars' or other ad pop-up software that comes bundled with some computer programs.

Password managers

As an added bonus (because I love and care about your safety on the internet), I recommend that you use what's known as a password manager. Password managers were built by people that didn't like to keep track of all their passwords and wanted to automate that process. They work much like a bank vault, but are created for everything password-related on your computer. You create a master password, and with that password you can access your vault of passwords. Password managers are great because they create strong passwords for you to use (my Google account password has 99 characters in it) and allow you to work much faster with your computer, because they auto-fill your login credentials when you have signed in. I recommend LastPass because they are cheap and reliable and have a good user interface. Also because they use AES-256 encryption to store passwords; their service has never been broken into as far as I know, either. Other options for you to investigate are DashLane, 1Password or open source alternatives like KeePass. You can read more about password managers here: (to be updated).

My computer has caught a cold, what do I do now?

Infections are either hard or easy to remove, but with a little help from Reddit user /u/cuddlychops06 it becomes a lot easier to troubleshoot your computer if it has caught a cold.

See cuddly's removal guide over at reddit: http://snipe.pm/malware-guide


You are now armed with new tools and knowledge to strengthen your computer's immune system and perform surgery on your computer when it has caught a really bad cold.

Hope this helps.