A technician responds to a call from a user who claims to have a virus on a workstation.
The technician observes the following notification from the system tray: "There are 1033 infected files on this computer. Click here to disinfect."
The link is blocked by the corporate content filter and displays a message stating the site contains known malware.
Which of the following should the technician complete to secure the computer with MINIMAL impact to the user?
Answer: A
The most appropriate action for the technician to secure the computer with minimal impact to the user would be option A: Compare the startup items and services to a known clean image, and remove any startup items not found in the other image. Run an anti-malware scan.
Option A suggests that the technician should compare the startup items and services to a known clean image, meaning that they will compare the current state of the workstation with a known good configuration. If any startup items or services are found on the workstation that are not present in the known good configuration, the technician should remove them.
After removing any unwanted startup items and services, the technician should run an anti-malware scan to detect and remove any malware or viruses that may be present on the system. This will help to ensure that the system is clean and secure.
Option B, on the other hand, suggests that the technician should disable security software on the workstation, which is not a recommended approach as it would leave the system vulnerable to attacks. Additionally, validating that the alerts are false positives is not a guaranteed solution as the notification indicates that there are 1033 infected files on the computer, which is a significant number.
Option C involves backing up the user's files, restoring the system to the original system image designated by corporate IT policies, and then restoring the user's files. While this approach would ensure a clean system, it is time-consuming and may result in the loss of some user data.
Option D suggests that the technician should request a content filter exception to allow access to the link from the notification. However, this approach is not recommended as the link is already blocked by the corporate content filter due to containing known malware.
In summary, option A is the most appropriate solution for the technician to secure the computer with minimal impact to the user by comparing the startup items and services to a known clean image and running an anti-malware scan.
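The baseline comparison described for option A can be scripted. The following is an added example, not part of the original question or its explanation; the inventory entries, the `CorpAVAgent` name and the tuple layout are constructed for illustration. It also flags entries whose name matches the baseline but whose command differs, and baseline entries that have disappeared, which goes beyond the "not found in the other image" wording.

```python
# Constructed sample inventories of (name, kind, command); not data from the page.
BASELINE = [
    ("SecurityHealth", "run-key", r"C:\Windows\System32\SecurityHealthSystray.exe"),
    ("Spooler", "service", r"C:\Windows\System32\spoolsv.exe"),
    ("OneDrive", "run-key", r'"C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background'),
    ("CorpAVAgent", "service", r"C:\Program Files\CorpAV\agent.exe"),  # hypothetical agent
]
CURRENT = [
    ("securityhealth", "run-key", r"c:\windows\system32\SecurityHealthSystray.exe"),
    ("Spooler", "service", r"C:\Users\Public\spoolsv.exe"),
    ("OneDrive", "run-key", r"C:\Program Files\Microsoft OneDrive\OneDrive.exe  /background"),
    ("PC Disinfector", "run-key", r"C:\Users\jdoe\AppData\Roaming\pcd\alert.exe /tray"),
]


def normalize(command):
    """Windows paths are case-insensitive; quoting and spacing vary between exports."""
    return " ".join(command.replace('"', "").lower().split())


def index(entries):
    """Key each entry by (kind, lowercased name) so the same item lines up in both lists."""
    return {(kind, name.strip().lower()): normalize(cmd) for name, kind, cmd in entries}


def compare(baseline, current):
    """Return startup items/services that were added, changed, or are missing."""
    base, cur = index(baseline), index(current)
    return {
        # Present on the workstation but not in the clean image: removal candidates.
        "added": sorted(k for k in cur if k not in base),
        # Same name as the clean image but a different command: a name-only diff misses these.
        "changed": sorted(k for k in cur if k in base and cur[k] != base[k]),
        # In the clean image but gone from the workstation, e.g. a disabled security agent.
        "missing": sorted(k for k in base if k not in cur),
    }


if __name__ == "__main__":
    for status, keys in compare(BASELINE, CURRENT).items():
        for kind, name in keys:
            print(f"{status:8} {kind:8} {name}")
```

Review each flagged entry before removing it, then run the anti-malware scan as the answer describes.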