A plus 1002 Sub-objective 3.3
A plus 1002 Sub-objective 3.3 – Given a scenario, use best practice procedures for malware removal
Welcome to ExamNotes by CertBlaster. Here we cover A+ 1002 Exam Sub-objective 3.3 that lays out a plan for removal of Malware. OK! So here is your counterattack plan laid out. This is a step by step process, so do it all.
Identify and research malware symptoms
Every different type of malware has exhibits different behavior. Observe and record anything odd. Is it pop-ups? Inaccessible websites for updates? Everything you can observe will help you research the type of malware you are trying to remove.
Quarantine the infected system
Once you suspect an infection unplug the NIC and/or disable wireless connectivity. Remember this malware got into your system somehow and it’s fair that it hasn’t stopped trying to infect others locally or globally. Cut the cord (not literally)
Disable system restore (in Windows)
While system restore points and snapshots are useful tools, once you have an infection it is reasonably certain that the malware has tucked itself away in the restore files waiting to come back rested and fresh after you have spent hours removing it. Disable system restore (System Protection) which will remove all restore points.
Remediate the infected systems
Now it’s time to deal with your bug. First, we know you don’t trust the system, so create bootable Rescue media with updated definitions from another clean machine for use on the infected system.
Update antimalware software
If possible try to update your existing AV software after remediation. Success here will provide hope that you’ve resolved the issue.
Scan and use removal techniques (safe mode, pre-installation environment)
Now while booting directly to the system try scanning in safe mode, the pre-installation environment then hopefully you’ll come out clean.
Schedule scans and run updates
Once you are satisfied the condition is resolved, complete any and all OS updates and those of other programs especially malware. Set these programs to update automatically.
Enable system restore and create a restore point (in Windows)
Once all of your updating is complete re-enable System Protection and create a restore point. Label it to allow you to be sure this is the clean baseline.
Educate end user
Now, all along we touched on do’s and don’ts when it comes to running your system safely. So DON’T Click it! Seriously when you have to fight an infection of any sort you will immediately become proactive regarding defense. User education is the tip of the spear in malware defense. Take the time to inform the user tell them what happened, why, what the consequences are and then let them see the aggravation, I mean the steps necessary to eradicate the threat. Engage them in the solution – help them grow.
Well, that’s everything for objective 3.3! Hope you enjoyed it! Don’t just sit there! Look for 3.4! This stuff doesn’t learn itself! Good luck on the test!