Malware Removal: Remediating an Infected System
You work for an organization that is focused on maintaining a highly secure environment. A system has been hit with a virus. What is the recommended strategy for responding to the infected system?
Format the system and reinstall Windows
What tool can you use to monitor processes that are running and view details of the processes such as the file location and registry entries that launched the process?
Process Explorer
Which of these represents a sign that you may be infected with malware?
Random popups
You performed a system image backup a week ago. Your system was hit with a major virus and you would like to restore the system image. What would you do?
Restart to the repair options, restore system image
You have not performed a backup of the system. You are trying to run System Restore on your system to revert to a previous restore point, but the feature does not seem to work. What would you try next?
Run System Restore from the repair options
If you find that your system is infected with malware, what boot option might you use to ensure that additional software is not loaded at startup?
Safe mode
Your system is running slowly and you suspect it is infected with malware. Because the system is running so slowly, it is hard to launch the antivirus software. What tool could you use to revert to a snapshot of the system before the virus affected the system?
System Restore
Your manager is concerned about boot sector viruses. What is one of the reasons why boot sector viruses are so hard to remove?
They are loaded into memory before the OS
What is the name of the free software you can use to remove malware from an infected system when your antivirus software is not working?
Windows Malicious Software Removal Tool
You cannot boot your Windows system due to boot sector problems. What command could you use to fix the MBR?
bootrec /fixmbr