What to do if your computer has a virus

So, the unthinkable, the only thing which you always thought that it can’t happen to you did happen: your computer got a virus or more.

What to do now?

First of all, don’t be scared and think well before taking the next steps.

Many people format first their computer and reinstall the operating system or even change their hardware without thinking at the consequences: you lose all your data!

Let’s start with a risk analysis of the situation without going into too many technical details.

If you have a file infector virus (e.g. W32/Stanit) then potentially any access to other executable files would lead to new infections with this virus. If you have a keylogger, there might be the danger that it may have recorded all keystrokes, or it may be sophisticated enough to monitor for specific activity – like opening a web browser pointing to your online banking site. If it spied on your login credentials then you might have a long term problem. If it was a trojan, it might have downloaded other malicious software on your computer.

Of course, you can’t really know what kind of virus it is unless you work in a Virus Lab, so the best thing to do in case of an infection is to perform an offline scan. An offline scan means that the operating system is not started and you have full access to all files existing on the hard drive of your computer.

Our Knowledge Base provides a very short and useful How-To in three steps:

  1. Start your computer in Safe Mode and run a full scan with Avira software (in safe mode)
  2. Download and create Avira Rescue CD
  3. Start the computer with Avira Rescue System and use it
In order to make sure that the system is really clean, we recommend to perform another System Scan after rebooting again and starting Windows.

At this point, the computer should be clean but you’re not done yet. You must find out how did you get the virus in the first place:

  • did it come via email?
  • did you download it via a website?
  • was it from a freeware product you used?
  • did you use cracked software?

But, independent on which way you got it, make sure you have always your antivirus active and if you do deactivate it even temporarily, make sure you don’t do that action which got you the virus again. Just to be sure, simply never deactivate your antivirus.

We also recommend performing the following actions immediately after system cleaning:

  • check your email accounts (Outbox, Sent items) – The virus might have distributed itself via email to all your contacts and it would make sense to inform your contacts that they might receive strange emails from you. They should erase them without opening.
  • change the login data for home banking, eBay, Amazon, PayPal, Facebook and so on – in case the virus installed also a keylogger as payload, change all your password immediately.
  • keep a close eye on your finances for the next couple of months – if the keylogger was long enough active on your system, it might happen that the cyber criminals already have your credit card data or other login information which they can use to get some money from you.


If you can’t manage to get rid of that virus you can always call for help.

© Copyright Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.

Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca
Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since over 20 years in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is CEO and owner of Endpoint Cybersecurity GmbH focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .
%d bloggers like this: