So, the unthinkable, the only thing which you always thought that it can’t happen to you did happen: your computer got a virus or more.
What to do now?
First of all, don’t be scared and think well before taking the next steps.
Many people format first their computer and reinstall the operating system or even change their hardware without thinking at the consequences: you lose all your data!
Let’s start with a risk analysis of the situation without going into too many technical details.
If you have a file infector virus (e.g. W32/Stanit) then potentially any access to other executable files would lead to new infections with this virus. If you have a keylogger, there might be the danger that it may have recorded all keystrokes, or it may be sophisticated enough to monitor for specific activity – like opening a web browser pointing to your online banking site. If it spied on your login credentials then you might have a long term problem. If it was a trojan, it might have downloaded other malicious software on your computer.
Of course, you can’t really know what kind of virus it is unless you work in a Virus Lab, so the best thing to do in case of an infection is to perform an offline scan. An offline scan means that the operating system is not started and you have full access to all files existing on the hard drive of your computer.
Our Knowledge Base provides a very short and useful How-To in three steps:
- Start your computer in Safe Mode and run a full scan with Avira software (in safe mode)
- Download and create Avira Rescue CD
- Start the computer with Avira Rescue System and use it
At this point, the computer should be clean but you’re not done yet. You must find out how did you get the virus in the first place:
- did it come via email?
- did you download it via a website?
- was it from a freeware product you used?
- did you use cracked software?
But, independent on which way you got it, make sure you have always your antivirus active and if you do deactivate it even temporarily, make sure you don’t do that action which got you the virus again. Just to be sure, simply never deactivate your antivirus.
We also recommend performing the following actions immediately after system cleaning:
- check your email accounts (Outbox, Sent items) – The virus might have distributed itself via email to all your contacts and it would make sense to inform your contacts that they might receive strange emails from you. They should erase them without opening.
- change the login data for home banking, eBay, Amazon, PayPal, Facebook and so on – in case the virus installed also a keylogger as payload, change all your password immediately.
- keep a close eye on your finances for the next couple of months – if the keylogger was long enough active on your system, it might happen that the cyber criminals already have your credit card data or other login information which they can use to get some money from you.
If you can’t manage to get rid of that virus you can always call for help.
© Copyright 2013 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity
Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch
