I Have Infected Systems - Now What?

Follow our five fundamental steps for treating an infected system.

For full details on how to perform these steps on the page, please see our best practices for troubleshooting viruses on a network.

Learn More

Step 1.

Identify the Threat and Attack Vectors

In order for a threat to be contained and eliminated, you must first know what the threat is and what it is designed to do.

Step 2.

Identify the Infected Computers

Once the threat(s) have been identified, it is important to understand which computers are infected, and how many uninfected computers could be affected.

Step 3.

Quarantine the Infected Computers

To prevent the threat from spreading, compromised computers should be removed from the network while being remediated.

Step 4.

Clean the Infected Computers

Once isolated, the threat can be removed and the side effects it caused can be reversed.

Your Security Team should consider the following factors:

Step 5.

Post-op: Prevent Recurrence

Once the outbreak is resolved, it is time to review the incident and make necessary changes in internal processes and procedures to avoid this type of attack in the future.

Malware Protection

STAR Malware Protection Technologies

The Security technologies Symantec Creates

ISTR Volume 23

Symantec 2019 Internet Security Threat Report

Our 123 million sensors record thousands of threat events per second from 157 countries and block 142 million threats daily. Use intel from the world’s largest civilian threat network to your advantage–download ISTR 24 now.


Virus Removal and Troubleshooting on a Network

Read the full details on how to perform these five fundamental steps