What to Do After Detecting a Virus or Trojan? Complete Guide 2026
Practical guide for responding to malware infection. Learn how to secure accounts, change passwords, enable MFA, and protect yourself from identity theft. Step by step.
Detected a Virus on Your Computer? Don't Panic - Act Methodically
Discovering that your computer was infected with a virus, trojan, or other malicious software is a stressful situation. However, the most important thing is to stay calm and follow a proven plan. This guide will walk you through all the necessary steps to secure your data and accounts.
Remember: The faster you act, the smaller the potential damage.
Step 1: Immediately Disconnect from the Network
This is the absolute priority! Before you do anything else:
- Turn off Wi-Fi on the infected computer
- Unplug the network cable (Ethernet)
- Don't shut down the computer - it may be needed for analysis
Why is this important? Trojans and keyloggers send captured data (passwords, card details) to criminals over the internet. Cutting the connection immediately stops the data leak.
Step 2: Use a CLEAN Device for Further Actions
CRITICAL: Never change passwords on the infected computer!
For all subsequent steps, use:
- Another computer (trusted)
- Mobile phone
- Tablet
If using a phone, make sure:
- You're using mobile data (not home Wi-Fi)
- The phone was not connected to the infected computer
Step 3: Secure Your Most Important Accounts (Critical Priority)
Order matters! Start with:
1. Primary Email Account
Why first? Email is the key to resetting passwords for all other accounts. If an attacker has access to your inbox, they can take over all your accounts.
What to do:
- Change password to a strong, unique one (min. 16 characters)
- Enable two-factor authentication (2FA/MFA) - preferably an app (Google Authenticator, Microsoft Authenticator) instead of SMS
- Look for "Sign out of all devices" option and use it
- Review email forwarding rules - remove unknown ones
- Check recent logins - watch for unknown locations/devices
2. Banking and Financial Accounts
What to do:
- Log into online banking from a clean device
- Change password
- Enable SMS/push notifications for transactions
- Check transaction history - look for unauthorized operations
- Consider calling your bank to inform them of possible breach
- If you see suspicious transactions - immediately block your card
3. Password Manager (if you use one)
- Change master password
- Enable 2FA if you haven't already
- Check if any unknown devices were added
Step 4: Change Passwords for ALL Accounts
List of accounts to secure (decreasing priority):
| Priority | Account Type | Action |
|---|---|---|
| CRITICAL | Primary email | Change password + enable MFA |
| CRITICAL | Online banking | Change password + check transactions |
| CRITICAL | PayPal, Revolut, crypto | Change password + enable MFA |
| HIGH | Social media (Facebook, Instagram, LinkedIn) | Change password + enable MFA + sign out everywhere |
| HIGH | Work accounts (Microsoft 365, Google Workspace) | Change password + notify IT |
| HIGH | Online stores (Amazon, eBay) | Change password + check orders |
| MEDIUM | Streaming services (Netflix, Spotify) | Change password + check devices |
| MEDIUM | Forums, online games, other services | Change passwords |
Rules for creating new passwords:
- Minimum 16 characters (longer is better)
- Unique for each account - never reuse passwords!
- Use a password manager (Bitwarden, 1Password, KeePass)
- Avoid obvious information (birthdate, names)
Step 5: Enable Multi-Factor Authentication (MFA) Everywhere
What is MFA and why is it so important?
MFA (Multi-Factor Authentication) means you need more than just a password to log in - for example, a code from an app on your phone.
Even if a thief has your password, without the second factor they can't log into your account.
Best MFA methods (from most secure):
- Hardware key (YubiKey, Titan) - highest security level
- Authenticator app (Google Authenticator, Microsoft Authenticator, Authy)
- SMS - better than nothing, but vulnerable to SIM swap attacks
Where to enable MFA:
- All email accounts
- Online banking
- Social media
- Work accounts
- Online stores (especially those with saved cards)
- Cloud services (Dropbox, Google Drive, iCloud)
Step 6: Remove Malware from Your Computer
Option A: Professional Scanning
- Boot computer in Safe Mode with Networking
- Update your antivirus program
- Run a full system scan
- Use additional tools:
- Malwarebytes (free version)
- HitmanPro
- ESET Online Scanner
- Remove detected threats
Option B: System Reinstallation (recommended for serious infections)
If the infection was serious (banking trojan, keylogger, ransomware), the safest solution is a complete system reinstall:
- Back up important files (documents, photos) to external drive
- Don't copy executable files (.exe, .bat, .cmd, .scr)
- Format the drive and install fresh OS
- Install updated antivirus software
- Restore files with scanning
Step 7: Check If Your Data Was Leaked
Tools to check:
- Have I Been Pwned - check if your email was in a data breach
- DeHashed - advanced search
- Check notifications from services (they often inform about breaches)
What to do if data was leaked:
- Immediately change passwords for affected services
- If SSN/personal ID leaked - consider freezing your credit
- Monitor your credit report
Step 8: Protect Yourself from Identity Theft
Preventive actions:
- Freeze your credit with major credit bureaus
- Set up credit monitoring alerts
- Monitor bank statements for the next few months
- Watch out for phishing - criminals may try to use stolen data
Signs of identity theft:
- Unknown transactions on your account
- Collection letters for unknown debts
- Credit denials without reason
- Unexpected bills or payment demands
Step 9: Notify Appropriate People/Institutions
Who to inform:
- Employer/IT department - if you used the computer for work or have access to company systems
- Bank - if you suspect card/account data theft
- Police - if funds were stolen (file a report)
- National cybersecurity center - report the incident
Step 10: Secure Yourself for the Future
Security checklist:
- Install and update reputable antivirus software
- Enable automatic updates for OS and programs
- Use a password manager with strong, unique passwords
- Enable MFA on all important accounts
- Don't click suspicious links in emails
- Don't download programs from unknown sources
- Regularly create backups of important data
- Consider professional security audit for your business
Need Help?
nex-IT offers professional IT security support:
- Computer and network security audits
- Malware removal and data recovery
- Security system implementation (Sophos, ESET)
- Cybersecurity training for employees
- 24/7 security monitoring
Contact us - we'll help you secure your business and personal devices against threats.
Summary - Quick Checklist
- ✅ Disconnect computer from network
- ✅ Use a clean device for further actions
- ✅ Change primary email password + enable MFA
- ✅ Secure banking accounts
- ✅ Change passwords for all accounts
- ✅ Enable MFA everywhere possible
- ✅ Remove malware or reinstall system
- ✅ Check if data was leaked
- ✅ Protect yourself from identity theft
- ✅ Notify appropriate institutions
Remember: Prevention is better than cure. Invest in security before an incident occurs!
Related articles
How to Prepare Your Company for a GDPR Audit?
Practical checklist for GDPR audit preparation. Learn what documents you need, what mistakes to avoid, and how to ensure compliance.
Read moreSlow Computer - How to Speed Up Windows Without Reinstalling
Practical guide on how to speed up a slow Windows computer. Proven methods you can apply yourself - without system reinstallation.
Read moreHow to Secure Your Home WiFi Network
Practical guide on securing your home WiFi network. Password change, network hiding, connected devices list - everything explained step by step.
Read more