Recovering from an Attack

Despite the best defenses available, such as anti-virus software. An attack against computer may still be successful. There are so many different types of attacks, and it is difficult to diagnose precisely what actions to take to recover from an attack. These are basic steps to perform in the event of a successful virus attack:

The first step to be perform is to physically disconnect the computer from the network. This will prevent the computer from infecting other computers and will prevent further damage with the computer from the attackers.

The next step is to determine exactly what infection has taken place on the computer. If the anti-virus software installed did not stop the infection, this could mean the signature files being out of date, or the snit-virus software being turn off resulting to malfunction, or the anti-virus software unable to detect the virus. First, run a scan of the entire computer’s hard drive with the anti-virus software if that is accessible to identify the infection. If that is not possible it may be necessary to reconnect to the network and use an online scanner to examine the computer. Most available anti-virus software have free online scanners at their website that do not require installation.

Once the virus has been identified the virus, it needs to be removed from the system. Anti-virus software offers disinfect or quarantine options. There are also malicious software removal tools available online.

Once the malware had been removed. The computer should be scanned again for any sign of malware. I recommend to use different brand of anti-virus for recheck, an online scanner from different anti-virus can be used to scan the computer.

If the malware continues to be identified and cannot be purged then may be necessary to wipe out the hard drive clean. And reinstalling the latest backup. This is the only way we can guarantee virus is totally removed.

The final step is to determine why the attack was successful. Were the virus definition files not being updated properly, did it came from opened attached email, or maybe it was downloaded from a website. A thorough examination of the desktop security is a must to prevent an attack from happening again.