Minimal required IT security measures

WWU-CERT and Microsoft suggest to remove and reinstall an infected system, because of the fact that you can never be sure if all malware has been found. Backup your personal data and format the system partition before you reinstall the operating system from a clean medium.

A reliable malware removal is not possible from within the infected system. You must scan the infected system with a bootable antivirus CD, see rescue systems.

Following steps have to take place if you want to secure the Windows operating system (cf. the decision of IV-L from May, 6th 2004). An unsecured operating system that is connected to the internet will be infected within minutes!

  1. Install the latest security updates for your operating system. Activate regular automatic updates for Windows and your installed software.
  2. Activate your firewall software before first entering the internet. When using Windows Vista/7 or newer the build-in firewall is sufficient (see properties of network connection).
  3. Install and activate a permanent running antivirus software (with option "Scan on demand"). When using Windows 8 or newer the build-in firewall is sufficient (see properties of network connection).
  4. Choose a complex password for your local administrator account.
  5. Create at least one local user who is no administrator.
  6. Never log in as the local administrator. Always use the low-privileged account to open emails or surf in the internet. Otherwise the former steps were useless.

Please notice the following points:

  • After cleaning the system you have to change all your passwords in particular your central password and network password of the university.
  • An antivirus software and a firewall software (at present Sophos Anti-Virus and Firewall) is available for free to all employees and students of the WWU Münster.
  • We recommend to use alternative Internet browsers like Mozilla Firefox or Chrome to minimize the risks.
  • Attackers often target security leaks in browser plugin software like Java, Flash, PDF and the like. Make sure that your plugins are always up to date.
  • Persons who distibutes consciously viruses and spam through his or her PC make themselves possibly punishable according to German law (§§ 303 a, b StGB Data modification, Computer sabotage) and liable to pay for damages according to § 823 (1) BGB.
Updated: 2018-09-04