Users are recommended to take the following actions to remediate GameOverZeus infections:
- Use and maintain anti-virus software - Anti-virus software recognises and protects your computer against most known viruses. It is important to keep your anti-virus software up-to-date.
- Change your passwords - Your original passwords may have been compromised during the infection, so you should change them.
- Keep your operating system and application software up-to-date - Install software patches so that attackers can't take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.
- Use anti-malware tools - Using a legitimate program that identifies and removes malware can help eliminate an infection. Users can consider employing a remediation tool (examples below) that will help with the removal of GOZ from your system.
- http://www.f-secure.com/en/web/home_global/online-scanner (Windows Vista, 7 and 8)
- http://www.f-secure.com/en/web/labs_global/removal-tools/-/carousel/view... (Windows XP)
- http://goz.heimdalsecurity.com/ (Microsoft Windows XP, Vista, 7, 8 and 8.1)
- http://www.microsoft.com/security/scanner/en-us/default.aspx (Windows 8.1, Windows 8, Windows 7, Windows Vista, and Windows XP)
- http://www.sophos.com/VirusRemoval (Windows XP (SP2) and above)
- http://www.symantec.com/connect/blogs/international-takedown-wounds-game... (Windows XP, Windows Vista and Windows 7)
- http://www.trendmicro.com/threatdetector (Windows XP, Windows Vista, Windows 7, Windows 8/8.1, Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2)
The above are examples only and do not constitute an exhaustive list. We do not endorse or support any particular product or vendor.
GOZ has been associated with the CryptoLocker malware. For more information on this malware, please visit the CryptoLocker Ransomware Infections page at US-cert.gov