Avatar of dovidf
dovidfFlag for United States of America

asked on 

How do I safely clean up an infected computer

We have a computer that was behaving suspiciously.  We disconnected it from the network and from the internet and loaded Emsisoft and Malwarebytes offline versions.  Emsisoft found 2 instances of malware and 1 pup, which were supposedly quarantined.  We then ran Malwarebytes which, after a 55 hour run, found 10 instances: 3 of malware and 7 of pups.  Before we had a chance to quarantine the items, Malwarebytes completed the scan and moved the findings to a log without quarantining or deleting the items. Two questions:

  1. How should we go about cleaning the items Malwarebytes found?  Should we just navigate to the files and delete them?  Should we right click on them & do a Malwarebytes scan and allow Malwarebytes to deal with them?
  1. Once we have cleaned the Malwarebytes items, is there still room for concern and if so what should be done next?
Anti-Virus AppsAnti-Spyware* MalwarebytesSecurity

Avatar of undefined
Last Comment
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

In industry if a machine is compromised then that machine can no longer be trusted.  Wipe and reinstall from known good backup.

A clean install is warrented. If you install Malwaarebytes then you should be able to go into its detection history  are you sure it didn't remove anything into the quarantine?

PUPS are potentially unwanted programs.  you might want to keep bongo bunny and exclude it
Avatar of Hello There
Hello There

Once you've been infected, reload the system. This is the safest thing you can do right now.
Avatar of Dr. Klahn
Dr. Klahn

I agree with the above.  Polymorphic viruses are exceedingly clever and can hide for months, then pop up for no apparent reason.

Back up any user files to an external drive.  Then erase the drive using a product such as Darik's Boot and Nuke.  This ensures that there is nowhere to hide and the infection cannot reload.

Reinstall Windows.  Bring it up to date.  Reinstall the application software.  Then make a full image backup of the system so that if this happens again, the reinstall can be accomplished rapidly.
Avatar of dovidf
Flag of United States of America image


The machine has legacy data and programs which I couldn't reproduce at this time. I can't afford to nuke it and lose that particular old Access application. I will keep the machine off the network so no other machines are affected and will simply run a certain program on it and copy a data file to it and copy a modified data file from it.
Avatar of Eirman
Flag of Ireland image

Blurred text
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Another option, if you can, is to reinstall the computer and all of the software, and restore only configuration files and non executable data that has been scanned and cleaned.
Avatar of Eirman
Flag of Ireland image

Have you tried the obvious ?

Go back to a restore point that predates the suspicious behaviour.
This will most likely provide a 100% quick fix.
Avatar of dovidf
Flag of United States of America image


Unfortunately although I have multiple restore points, I am not aware of any that predate the suspicious behavior

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection. Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews


IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo