It’s a scary fact of digital life that there are a lot of ways your PC can be exposed. Maybe you’ve been hacked by a state agent, or cracked by weird Nazi trolls. Fortunately you’re not powerless, and there are lots of ways to fight back. You don’t need to be a hacker, cracker, or computer savant to protect your laptop.
If you suspect that something unwelcome has taken root on your computer, these are the best ways to root out the cause of the problem and claim back your machine.
Viruses and spyware
If your computer is slowing down and behaving erratically, you might have a virus or spyware app to contend with (or you might just have a really old computer). If you’ve already got antivirus software set up, then most threats should be blocked, but there’s always a chance that something has crept through — like a freeware app that isn’t what it says it is.
The obvious place to start is with whatever antivirus program you have: Update its definitions and run the most thorough scan it can offer. It's possible that since the malware took hold, your security app has been updated to spot it (security companies say a lot of the CIA's preferred hacking tools have now been blocked).
Weeding out viruses or spyware that are already on board your machine can be difficult though, as they're often built to evade standard removal tools. Specialist on-demand scanners, such as the ones offered by Kaspersky, BitDefender, SuperAntiSpyware and Microsoft can run thorough scans and remove threats without installing a full security suite on your PC.
If you're noticing a specific issue or a specific error message, a quick web search will help -- a specific removal tool might be available that you can make use of, or there might be specific steps you need to work through to get rid of the threat. On top of that, the old adage to always keep your software updated is still as relevant as ever.
Bad browser extensions
Browser extensions are fantastic, but they're not all as wholesome and as friendly as they claim to be. Like apps on your phone, the less scrupulous add-ons can monitor your online activities, steal your data, and more.
If you want to avoid this threat completely you can, of course, not use any extensions at all. On the other hand, there's probably a plug-in or two that you've come to rely on, and it's a shame to shut off all the possible functionality just to try and stay safe.
Whenever you suspect a bad extension might have got a foothold in your browser, the most straightforward step is to uninstall it as soon as you can, but it's often difficult to tell when these malicious add-ons are doing anything wrong, despite increased efforts from the browser makers themselves.
Between your browser's security measures and the antivirus software you have installed at the OS level, a lot of bad actors should get spotted and deleted. If you need extra help then use a separate tool to double check, like the one provided by Google, this utility from Avast or this free extension from security firm Qualys.
Exposed online accounts
In today's computing age, there's even more of our sensitive data online than on our computers, and so online hacks can be devastating. We've talked before about how changing your passwords is the most effective and immediate course of action to take after a problem like Cloudbleed, where masses of data are potentially exposed.
Changing your passwords online is a smart way of booting out anyone who's in your accounts who shouldn't be, but there's more you can do. Check for activity inside your accounts that you don't recognise, which is an option with most services: activity logs can be found here for Facebook, here for Twitter, and here for Google, for example.
In most cases you have the option to remotely log out of all other sessions, making sure you're the only person in your accounts, which is a step we'd recommend after changing your passwords. It's also worth reviewing which third-party apps you have connected to your social media accounts and booting out the ones you don't use, as this could be another way unwelcome visitors are getting access to your online data.
If you find yourself unable to actually get into one or more of your accounts, take a deep breath and start working through whatever official recovery processes are in place: In many cases you will be able to get your account back by proving you are who you say you are, but the procedure varies from service to service. In the case of Facebook, for example, you can get some of your friends to validate your claims.