Blog post on what to do after detecting malware

MyWOT-Team
Posts: 685
Joined: Mon Nov 30, 2015 12:05 pm

Post by MyWOT-Team » Wed Jun 15, 2016 3:02 pm

We just published a new blog post with tips on what to do if you come across malware while browsing. Do you think this covers what users should do?
Please share it with your network if you think it can help people!
https://www.mywot.com/en/blog/when-you-find-malware

Dynamoo
Posts: 18
Joined: Tue May 10, 2016 9:34 pm

RE: Blog post on what to do after detecting malware

Post by Dynamoo » Wed Jun 15, 2016 9:24 pm

Well, that's a can of worms. I guess a lot of people will have an opinion on this!

Some thoughts - prevention is always better than a cure. Make sure your software is up-to-date (for home users, Flexera (formerly Secunia) PSI, hxxp://www.flexerasoftware.com/enterprise/products/software-vulnerability-management/personal-software-inspector, is good). Script blockers (such as NoScript for Firefox, hxxps://noscript.net/, or uMatrix, hxxps://chrome.google.com/webstore/detail/umatrix/ogfcmafjalglgifnmanfmnieipoejdcf?hl=en, or other tools for Chrome) can disable active scripting, which is very effective at stopping malware, but it can make sites harder to use sometimes (some assembly required). Adblockers can stop a lot of malicious advertisements too. Common attack vectors for malware are Flash, Java, QuickTime, Adobe Reader... remove them if you don't use them.

Prevention is better than a cure. And remember, you won't always know if you are infected (Trojans such as Dridex are very hard to detect). Good anti-virus software can help, but you shouldn't rely on it alone.

If you are deliberately visiting sites that you think might be infected then it's a whole other ball game. Tools such as URLquery (hxxps://urlquery.net/) can help analyse some forms of malware without even visiting the page. There are a whole lot of other scanners out there too. Never visit a compromised site on a computer that you care about - use a test system instead; this could be an old laptop running Linux or a Virtual Machine (e.g. VMware, although there are others) running either Windows or Linux that you can just reset every time.

Finally for now.. where I work, our standard procedure for pretty much anything infected with serious malware is to nuke it from orbit and rebuild it from scratch. It's the only way to be sure.
