Worms and Trojans can make their way into local intranets fast if you don’t have a good firewall to protect your networking environment. Most of it originates from overlooked files like granting access to the Internet for specified users. But rest assured, unless you document and orient these people on potential risks, chances are the ones to whom you grant access will be the bane of your network security issues.
A worm can multiply fast if not contained immediately. For one, it can affect the whole network. So how do you go about it?
1. Unplug all the computers from the network. Cable disconnection would be a good start. If they are not connected, then there is no place for them to go. Depending on the number of workstations, you may have your work cut out for you. But at least it defeats the need to come and go from one workstation to the other once one is cleaned.
2. Scan the computers manually using a CD. As much as possible use a write-once optical disc. This way, if you find the worm or virus, you have it cornered. There is no place to hide nor go for them.
3. Restart and make a second check. Make sure everything is clean for one workstation. Do this for the rest of the computers that have been potentially affected.
This process requires a lot of patience. But it beats having to turn to the usual formatting and clean everything from scratch. It is indeed demoralizing, but the thing is, you just have to deal with it since better security policies need to be enforced on your end as far as users are concerned.