Virus Infected Computer
So, your computer is running slow, with error messages and maybe pop-ups? That's great! At least you know something is wrong. The worst infections are the ones that go undetected. When you suspect a virus infection, you should not trust your computer. It's very likely logging your keystrokes and obtaining passwords as you use it.
Remove the infection. We are successful in making the machine usable again about 90% of the time. It varies from month to month, as the severity of infections and the quality of tools change constantly. Depending on the nature of the infection that was removed, some degree of computer functionality may not return. It's like having a car fixed after being in an accident. It might look normal and mostly drive normally, but it's not necessarily like it originally was.
Reinstall the computer. This is the long route. It guarantees removal of the infection, but it's also the most time-consuming and disruptive to the user. Often you may be in a position of needing data recovery from the same machine before it can be rebuilt.
Hackers and intruders
Having a virus infected computer isn't always where things stop. You have to stop and think about what else may have been tampered with. One of the jobs of the virus is to open the doors so foreign hackers can pry further. The virus logs the keystrokes of the users and administrators. At a later time those hackers will enter the network using those stolen credentials. From there they start searching for specific financial and password data. They are not stupid and are going for your money.
How to detect and resolve this:
Step 1: Make sure all machines connected to the network have up-to-date patches and anti-virus software. Enroll all machines in our Server and Desktop Care programs.
Step 2: Perform an Internal and External security audit.
Step 3: Make the recommended changes as discovered by the audits.
Our experience with detecting and removing hackers has given us unique skills for incident analysis of many kinds:
We have direct experience with all the following:
- Failed hard drives.
- Failed operating systems.
- Deleted files.
- Corrupted files.
- Lost passwords.
- Encrypted files.
The complexity of recovering information all depends on how and why you lost access to it in the first place. A worst-case scenario is that you're being held to ransom by a virus that has intentionally encrypted your data. If we can't find a shadow copy or a way to rewind the changes, you're going to lose the data or end up paying the hackers with Bitcoin. Each scenario is different, and we'll need to make an estimate of recovery based on your individual case.