how to remediate an infected system

Posted by IT-NEWS Posted on June 03, 2021 No comments

how to remediate an infected system


Video Explanation - Remediating an Infected System (4 min) Hello everyone. We are here to freak out because our system is infected. Is it infected? Well, let me click on a random link in my web browser and bam. Pop-up, threat found. My Windows Defender Antivirus has found a threat. I'm clicking, I want to get details. What did I just do? Well, here's my Windows Security area and it says there's no threat whatsoever. Oh no, there it is. So there's a current threat. So the test file, severe virus. Eeh, severe sounds crazy and bad. So I'm going to click on that little expand button, and I can choose what to do with this threat. I can either delete it or I can put it in quarantine. I'm going to quarantine this threat because I want it to be like analyzed later. I don't just want it removed. I'm going to click on Start actions. We're going to get rid of this threat. There we go. It is now quarantined. 


So what I can do is, if I want to see the history of what this thing actually did on my machine and what it was trying to do, I can click on Threat history. And in Threat history, I can go down to see the full history of my box. And now here we can see that virus. So I'm going to click on the drop down, and I'm going to click on See details because I want to make sure that my system is secure. I need to remediate anything that this has done on my system. And in seeing the details, it pops up with User Account Control. I'm going to go ahead and click on Yes because I want to be able to access this. And here we're going to see, the alert level was severe, and this thing has been quarantined. So I don't have to worry about it. Now, we got the date and time stamp and also the details. This program is dangerous and replicates by infecting other files. Ooh, I don't like that. Well then down below, we can see the infected items. So where this file was loaded into, it looks like it came out of my Downloads folder, because I was using my web browser. So what I'd want to do now to make sure my system is virus-free and remediate any other infections that could be occurring, is I want to get out of this Details area, and I want to go back to my virus and threat protection. I would want to run a full scan. Now you either do the Quick Scan option, or I can use my scan options and pick things like Full Scan, or even a Custom Scan. After going through and running a full scan on my box and feeling a little better about myself, I like to also check out some common areas that viruses will try to let's just say put themselves so they can load up at your next boot. I'm going to right click on my Task bar at the bottom and when I right click on that I'm going to click on Task Manager. When Task Manager opens up I would like to take over the Startup tab. I'm going to make sure that here in the Startup tab that there's nothing suspicious hanging about and if I don't know if its suspicious or not I can right click on it and I can do things like either open file location to see the directory that this is residing in or even better I can search this entry online. Besides just the Startup tab here we can go into the process area and here we can look through all the processes running the background on my machine. Again I can look for anything suspicious that looks out of place. If I don't know what it is I can always right click on the item and again I can search online or open the file location to see the directory where it's housed. There are some third-party applications as well that you can load up and you can analyze all of these processes and have them submitted to a website that'll tell you if their malware or not. There's a lot of great options. So to protect our system we got a couple ways to go about it, but if your virus is all over the place in your system and you just can't seem to get rid of it there's other things you can do as well. You can choose how your system boots at the next boot and you can try to then get rid of the virus. One example is I can right click on the Start button, I go to run and I can type in MSCONFIG. When I use MSCONFIG I can hit okay and this loads up right here to my system config box. Here I can choose how my systems going to boot generally and I can control the individual boot settings when my computer comes online. On top of that we've already mentioned services that we can enable or disable or look up online. Then of course Startup that we saw inside of the task managerSo there's a lot of options for you to try to utilize in order to help remediate an infected system, but starting from the beginning, keeping your anti-virus up to date and the definitions of your anti-virus up to date is beautiful and perfect. Also making sure that you don't have anything just loading at start up that shouldn't be there and of course processes running in the background that should not be running in the background. So use these tools, remediate your own infected system and become that IT professional regardless of those scary pop-ups you might see.
Categories:

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)