Malware Removal in organizations

postmortemIA

"manually" is not going to get you far in organizations with thousands of PCs.
Orgs use enterprise editions of AV programs. These come with full protection plus update servers and policy enforcement.
 

Demo24

"manually" is not going to get you far in organizations with thousands of PCs.
Orgs use enterprise editions of AV programs. These come with full protection plus update servers and policy enforcement.

Yup, we use Trend Micro, which has a central server that all our clients talk to (more or less about everything), and it talks to Trend servers. It monitors everything from viruses, malware, and URLs (blocks a surprising amount of ads too) in real time, keeping track of statistics. If it detects a comp having too many violations in a specific time frame, it can isolate the PC and attempt to clean it up; if that fails, we may have to go deal with it. Thankfully that hasn't happened since we implemented this system.
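
The "too many violations in a specific time frame" isolation rule described in the post above, sketched as an added example that is not part of the thread and is not Trend Micro's actual logic. The log format, host names, threshold of 4 and 10-minute window are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (timestamp, host, violation type); not real product logs.
SAMPLE_EVENTS = """\
2024-05-01T09:00:05 pc-017 malware
2024-05-01T09:01:10 pc-042 url_block
2024-05-01T09:02:30 pc-017 url_block
2024-05-01T09:03:45 pc-017 virus
2024-05-01T09:04:00 pc-017 malware
2024-05-01T09:30:00 pc-042 url_block
2024-05-01T10:15:00 pc-042 malware
2024-05-01T10:50:00 pc-042 virus
"""

def parse_events(text):
    """Yield (datetime, host, kind) per line, skipping malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2]
        except ValueError:
            continue

def hosts_to_isolate(events, threshold=4, window=timedelta(minutes=10)):
    """Return {host: time the threshold was reached} for hosts with at least
    `threshold` violations inside any sliding window of length `window`."""
    recent = defaultdict(deque)    # host -> timestamps still inside the window
    flagged = {}
    for ts, host, _kind in sorted(events):
        if host in flagged:
            continue               # already marked for isolation
        q = recent[host]
        q.append(ts)
        while ts - q[0] > window:  # drop events older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged[host] = ts
    return flagged

if __name__ == "__main__":
    for host, when in hosts_to_isolate(parse_events(SAMPLE_EVENTS)).items():
        print(f"isolate {host}: threshold reached at {when.isoformat()}")
```

In the sample, pc-042 has as many violations as pc-017 but spread over nearly two hours, so only pc-017 crosses the threshold.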
 

mechBgon

Assuming an AD domain with Remote Installation Services set up, I'd lean towards DBAN ;) followed by a quick system reimaging over the network. Disinfecting a heavily-hosed system takes a lot of time and leaves some uncertainty, whereas reimaging it takes a known amount of time and leaves very little uncertainty.

When I was a sysadmin, I had a loaner system ready when needed, complete with a handle bolted to the top. We had a remarkably virus-free fleet, but stuff like HDD crashes occasionally called for a rapid fix to keep the employees up and running.