You need to take some steps immediately to prevent spread of the infection and limit the damage to your business.

  • Disconnect the infected PC from the network.  If it is on a wired network, unplug the network cable.  If it's wireless, put the PC in Airplane mode or disable the wireless connection.  If you don't know how do disable wireless, shut down the infected computer.
  • Interview the user who got the infection.  Find out what preceded indicators of infection.
  • Check other PCs on the network for signs of infection.
  • Contact malware removal experts for further analysis and malware removal.

P3iSys has technologists with specialized training for malware removal and analysis.  Once we are certain an infected PC is isolated from the network and cannot damage other PCs, we can perform detailed analysis to examine indicators of compromise (IOCs) and see if the malware is trying to contact command and control servers on the Internet.  This helps us to classify the malware.  Once the malware is classified, then we will proceed to remove all traces of it from the infected system and allow the user to get back to work, but only as soon as we are sure the infector is removed and can do no further harm to the infected PC or other computers and devices on your network.

With a persistent or dangerous infection, it may be necessary to re-install the operating system to ensure no further damage or compromise to your business.  In these cases, we recommend replacement of the hard drive to ensure the infected hard drive does not have a hidden re-installer for the malware, and to allow further analysis of the infector after the repair.

In most cases, however, we can detect, classify, and remove the infector safely.

If you are infected, don't wait!  Don't think the infector will go away on its own!  Call us immediately before a suspected infection can do further damage!

