At work, if we have any devices that we *think* are compromised, we immediately unplug them from the network and we just reinstall the OS as we have images ready to deploy. This process sometimes takes a while. I feel like our process could be improved as I think there could be other things we could check first before reinstalling the OS.

What’s your “go-to” process to verify a computer is “clean”? Is an AV-scan, followed by a Malwarebytes scan still viable? (What AV is reliable? Are AVs even any good?). Do you manually check files and processes for any abnormalities? What do you even look for? Thank you!

1 Comment

  • themanchicken

    November 11, 2021

    Yeah, that’s what I would do. There’s no good reason to risk it. I would, instead, focus on improving the process of reimaging the machines. Maybe some automation, something like that.

    Don’t mess around with suspected malware. Just nuke it.
