Clusters of Infected Machines Indicate a Systemic Problem
But suppose you didn't get the green light saying that your computer is OK. If that happens, the DCWG offers a list of places where you can access malware removers that will clean the malware out of your system. Most security vendors, including Symantec, McAfee, Kaspersky and Microsoft, have free software that will clean your system. Note that the same page also provides a list of resources for making sure your computer is really free of malware and stays that way. Resources for PC and Macintosh computers are included in these lists.
If you find that your security systems are compromised, then the answer is clear: call the person in your company who is in charge of data security and ask for help.
Now, suppose it's Monday morning and you just found out that one or more of your computers suddenly can't find the Internet when everyone else can. If you haven't already downloaded one or more of the free malware removal tools provided by DCWG, you should do so now, even if you have to use a computer outside the office. Save the malware removal tool on a flash drive, take it to the affected computers and, before doing anything else, check the DNS settings. You may be able to clear up the problem just by fixing the DNS settings. If those settings don't stay fixed, then run the malware-removal tool and do the full-system scan. This will take a while. When it's finished, the malware will be gone, and you'll have a list of what was done. None of this is rocket science, but some of it is tedious. Don't try to take shortcuts. Instead, do the full removal job. But while you're waiting, you can start thinking about what you need to accomplish to make your systems as secure as they should be from now on.
Once you've finished the initial tests and fixed the malware infection or its after-effects, it's time to review your security posture. While an infected computer or two inside a large organization may not indicate a systemic problem, seeing more than a few will. Likewise, seeing malware infections in clusters within an office will indicate a problem. It may be that a specific remote office isn't being as careful as it should, for example, or it may mean that the anti-malware application in that location is compromised.
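
As an added example (not part of the original article), the DNS-settings check and the per-office cluster review described above can be combined in a short Python script. The approved resolver ranges, the host inventory and the three-host threshold are all constructed assumptions; substitute the resolvers your organization actually hands out.

```python
import ipaddress
from collections import defaultdict

# Constructed values: resolvers this hypothetical organization expects clients to use.
APPROVED = [ipaddress.ip_network(n) for n in ("10.0.0.0/24", "192.0.2.53/32")]

# Constructed inventory: (host, office, DNS servers read from the machine's network settings).
INVENTORY = [
    ("hq-pc-01", "HQ", ["10.0.0.10", "10.0.0.11"]),
    ("hq-pc-02", "HQ", ["10.0.0.10", "198.51.100.7"]),
    ("br-pc-01", "Branch", ["198.51.100.7", "198.51.100.8"]),
    ("br-pc-02", "Branch", ["198.51.100.7"]),
    ("br-mac-03", "Branch", ["10.0.0.10", "not-an-ip"]),
    ("br-pc-04", "Branch", ["10.0.0.11"]),
]

def unexpected_resolvers(servers, approved=APPROVED):
    """Return configured DNS servers outside the approved networks.
    Unparseable entries are returned too, so they get looked at by hand."""
    bad = []
    for s in servers:
        try:
            addr = ipaddress.ip_address(s.strip())
        except ValueError:
            bad.append(s)
            continue
        if not any(addr in net for net in approved):
            bad.append(s)
    return bad

def office_clusters(inventory, threshold=3):
    """Group hosts with unexpected resolvers by office; an office with at
    least `threshold` such hosts (an assumed cut-off) is reported as a cluster."""
    flagged = defaultdict(list)
    for host, office, servers in inventory:
        if unexpected_resolvers(servers):
            flagged[office].append(host)
    clusters = {o: h for o, h in flagged.items() if len(h) >= threshold}
    return dict(flagged), clusters

if __name__ == "__main__":
    flagged, clusters = office_clusters(INVENTORY)
    for office, hosts in flagged.items():
        label = "CLUSTER" if office in clusters else "isolated"
        print(f"{office}: {len(hosts)} host(s) with unexpected DNS [{label}]: {', '.join(hosts)}")
```

Running the same check again after the settings have been corrected shows which machines did not stay fixed and therefore need the full-system scan.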