I am not sure if this is the proper forum for this, so I apologize if I am breaking etiquette here.
I have been tasked with developing a procedure on how to handel infected machines and I am looking for advice on the best way to handle a machine that is infected. I am under the impression if Symantec detects malware that I should pull the PC and reimage it immediatly. I am wondering if this is overkill.
For instance on my machine, Symantec detected a Trojan.Zbot and a Trojan.Maljava. SEP (Symantec Enpoint Protection) detected these and deleted them. I did run Malwarebytes and the scan came clean. I am still tempted to pull the PC and reimage it. Then I began to think, if Symantec detected and deleted the malware, do I really need to do this?
What is the best procedure when Malware is detected? Should I wipe the PC and reimage it or do I trust SEP when it says it has successfully deleted the Malware?
I really appreciate any advice on this.
Thank you.