As another poster mentioned, if you need to ask whether it's possible that your login information has been compromised, just assume that it is and change the password as soon as possible. Change all accounts that use the same password, even if you didn't log into all of those services.
Some security best practices:
- Use strong passwords: at least 8-10 characters long (much more if it's something important like banking or an SFTP password for a production server) comprised of upper and lowercase letters (randomly dispersed if possible), numbers, and special characters ~!@#$%^&*()_+-=.
- Don't use the same password for everything. At the very minimum, use a different password for your Digimon Central message-board account than you use for banking/primary email. Assume that sites/services (especially smaller ones, but large companies can have security breaches too) you use can and will get hacked.
If you can't remember 20 different passwords/usernames, use an encrypted password manager with a master password:
- Firefox has one built-in—remember to enable master password before you save any passwords.
- Thunderbird also has built-in password management, but, again, you need to enable the master password. The latest version of Thunderbird also has full FIPS-140 support (needs to be manually enabled).
- PasswordSafe is a terrific standalone password manager that is open source and has been ported to Windows, Linux, and Mac OS X. It also supports more advanced features like virtual keyboard typing so that your master password won't be intercepted by keyloggers.
And if you absolutely need to write a password down, try to obfuscate it somehow. For instance, you can write it in code, replacing letters with numbers/symbols. Alternately, devise some kind of cipher system that you can use in all of your passwords that would make them look incomprehensible, e.g.:
defenestrate = b3f3n35+5r@+3
Then you can apply a rudimentary form of steganography by hiding your password amongst random garbage characters, e.g.:
-3x4bn++@63fb37
b343n35+5r@+3te
q+64g6@4rn!23c4
95c42-+36+21786
418+f@k7!21n2fb
But the most important thing, in relation to computer security, is just to be computer/security-literate. If you aren't at least computer literate, go take a class at the local JC. Once you've done that, a lot of computer security is just common sense:
- Don't download random unexpected e-mail attachments.
- Don't click on a file named Hermione_Naked.JPG.exe.
- Don't reply to e-mail requests for passwords/personal info.
- Avoid shady websites with Google descriptions like "free Adobe CS4 Keyg3ns!! S/Ns!! Cracks!! Pr0n!!"
- Only send passwords over secure connections (SFTP/HTTPS)
- Don't log into http://yourbank.com.h4ck3r.cn
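
Two names in the list above, Hermione_Naked.JPG.exe and yourbank.com.h4ck3r.cn, mislead for the same reason: people read them left to right, while the operating system and DNS decide by the right-hand end. The following is an added example, not part of the original post, that checks both; the function names and the extension lists are assumptions chosen for illustration.

```python
from pathlib import PurePosixPath
from urllib.parse import urlsplit

# Assumed lists for illustration; extend them for your own environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs"}
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx", ".txt"}


def _host(url: str) -> str:
    """Lower-cased hostname of a URL, without port, userinfo or trailing dot."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def belongs_to(url: str, trusted_domain: str) -> bool:
    """True only if the host is trusted_domain itself or a subdomain of it."""
    host, trusted = _host(url), trusted_domain.rstrip(".").lower()
    return host == trusted or host.endswith("." + trusted)


def is_lookalike(url: str, trusted_domain: str) -> bool:
    """True if trusted_domain appears in the host but does not own it."""
    return trusted_domain.lower() in _host(url) and not belongs_to(url, trusted_domain)


def disguised_executable(filename: str) -> bool:
    """True if the last extension is executable and the one before it is a decoy."""
    suffixes = [s.lower() for s in PurePosixPath(filename).suffixes]
    return (len(suffixes) >= 2
            and suffixes[-1] in EXECUTABLE_EXTS
            and suffixes[-2] in DECOY_EXTS)


if __name__ == "__main__":
    # Constructed samples: the two names from the post plus benign ones.
    for url in ("http://yourbank.com.h4ck3r.cn",
                "https://www.yourbank.com/login",
                "https://example.org/"):
        print(url, "| trusted:", belongs_to(url, "yourbank.com"),
              "| lookalike:", is_lookalike(url, "yourbank.com"))
    for name in ("Hermione_Naked.JPG.exe", "holiday.jpg", "setup.exe"):
        print(name, "| disguised:", disguised_executable(name))
```

The URL check compares the end of the hostname against the trusted domain with a leading dot, so a host that merely contains or ends in the same letters does not pass.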