Hello dear friends,
In my experience as a Support Technician I have stumbled upon quite a few types of infection, so I decided to write an article on why we get infected in the first place and how to protect ourselves. Let's put ourselves in the shoes of the ill-intentioned person who created the infection in the first place. If we take the time to write malicious code, we would definitely want some kind of benefit from it. Otherwise it would just be a waste of time, right?
So, how can one make money by infecting a computer?
Here are some examples:
1. Steal payment information - this is the easiest way to make money.
2. Steal e-mail contacts - we could sell these to other ill-intentioned people, so they can have a large database of e-mail addresses they can send scam e-mails to. This will bring the ill-intentioned person more benefits than just stealing your payment information.
3. Steal your browsing habits. With such information at hand, they can create phishing sites (sites that look exactly like the original) with which they can either get access to your e-mail contacts or payment information.
4. Steal your internet bandwidth. The programs these ill-intentioned people run could run directly from your computer, making you an unaware accomplice.
5. Steal company information and other "secret" documents. This is valid for most of us, even if we do not hold any classified information. With information comes power, so even if the document they steal is only an essay on marine life, they may be able to sell it to someone who's interested in buying.
6. Steal images. It's not uncommon for adult sites to buy images of beautiful young girls/boys, to display on their site, regardless of the owner's consent.
7. Scam. Sometimes, an ill-intentioned person can write an infection to mess with the computer's settings and make the person owning the computer believe that they can remove the infection only if they buy a removal tool (which of course they provide).
And so on... These are just a few examples that should make you aware that anything on your computer can be stolen and sold. The infection can combine two or more of the above. So, what can we do about it?
I personally recommend and do this, even if it's a tedious process in the beginning:
1. The first thing you will want to do is start with a clean Windows installation. Then, install your Antivirus, install all Windows Updates, install your drivers for external hardware, and install your other applications (such as the mobile phone control panel, your printer's control panel and so on).
At this stage, you should install only the programs and applications that you know for a fact are infection-free. Instead of creating a restore point, which can become infected, at this point we will do a registry backup:
XP and Vista:
https://support.microsoft.com/kb/322756
Windows 7:
https://windows.microsoft.com/en-US/windows7/Back-up-the-registry
It sounds fancy, but it's very easy to do. Make sure to save this on an external drive (external hard disk, USB flash disk, or burn it on a CD). Whenever you install a new program which is safe (it has proven to be safe), you can make a new backup of the registry. This will keep your system updated.
2. Now that we know for a fact that we can restore our registry whenever we want, thus restoring the instructions the computer needs in order to run the system files, we can restore the actual files, if needed (when needed), with a simple command in Command Prompt (cmd.exe):
sfc /scannow
Take note that this only restores system files, so if the files of your programs become corrupted, you may need to re-install them.
3. The last thing we want to make sure of is that we save all our personal files (documents, images, movies) on another drive. Whatever files you do not use on a daily basis, you should save (back up) on another drive (online backup, external hard disk and so on). I know that this calls for an investment, but in case our system gets corrupted, the information that can be stolen is minimized and also the files are less likely to become corrupted by the infection.
Ok, what this provides us with is a way to delete the infection, regardless of its type, without us losing precious information or files. It also allows us to restore the computer with just a few clicks and typing, without having to start from scratch again.
For people who want to protect even more, I will return with a guide on how to back up and restore your other personal information and settings, such as your browser history and favorites, your e-mails and contacts, your Desktop and so on, but those three steps are the minimum protection steps anyone should take the time to follow.
Best wishes,
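
The registry backup from step 1 can also be scripted so that every backup lands in its own dated folder on the external drive, together with a SHA-256 list that lets you confirm the files are unchanged before you restore them. This is an added example, not part of the original post; the folder `E:\RegBackup` and the file name `SHA256SUMS.txt` are assumptions, and the script is meant to be run from an administrator PowerShell prompt.

```powershell
# Added example: dated registry export with a SHA-256 manifest.
# Assumptions: run from an elevated PowerShell prompt; E:\RegBackup is a
# hypothetical folder on the external drive used for backups.
param(
    [string]$BackupRoot = 'E:\RegBackup'   # hypothetical external-drive path
)

# One folder per backup, so an older known-good export is never overwritten.
$stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
$target = Join-Path $BackupRoot $stamp
New-Item -ItemType Directory -Path $target -Force | Out-Null

$manifest = Join-Path $target 'SHA256SUMS.txt'   # hypothetical manifest name
$sha256   = [System.Security.Cryptography.SHA256]::Create()

foreach ($hive in 'HKLM', 'HKCU') {
    $file = Join-Path $target "$hive.reg"

    # reg.exe export writes the whole root key to a .reg file.
    & reg.exe export $hive $file | Out-Null
    if ($LASTEXITCODE -ne 0) {
        throw "Export of $hive failed (exit code $LASTEXITCODE)."
    }

    # Hash the exported file so it can be re-checked before a restore.
    $stream = [System.IO.File]::OpenRead($file)
    try {
        $bytes = $sha256.ComputeHash($stream)
        $hash  = [System.BitConverter]::ToString($bytes) -replace '-', ''
    } finally {
        $stream.Close()
    }
    Add-Content -Path $manifest -Value "$hash  $hive.reg"
}

Write-Output "Registry backup written to $target"
```

Keep a copy of the manifest somewhere other than the backup drive, so the hashes can still be trusted if the drive itself is ever connected to an infected machine.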