An employee's workstation begins to display desktop alerts indicating that their system is infected with multiple viruses. However, the antivirus software installed on the machine does not report any issues. Additionally, the system has begun to experience OS update failures. Which of the following actions should be taken FIRST to address this issue?
Perform a complete scan with an updated anti-malware software.
Boot into safe mode and perform a system file check (sfc /scannow) to identify any missing or corrupted files.
Disable the antivirus software to prevent it from interfering with system updates.
Immediately restore the system to a previous state before the alerts started.
The correct action to take is to perform a complete scan with an updated anti-malware software. The described symptoms are indicative of potential rogue security software, also known as 'scareware,' which can masquerade as legitimate security alerts to convince users to purchase a fake antivirus program. Performing a thorough scan will help identify and remove any malicious software that the current antivirus might have missed. Updating the anti-malware software is essential to recognize the newest threats. Restoring the system could potentially remove the malware but might not be effective if the malware is designed to evade such measures. Similarly, utilizing a safe mode and preinstallation environment for scanning should be done if the full scan in the normal mode is not possible or effective, but as a first response, updating and scanning the system is recommended. Lastly, the suggestion to disable antivirus software is incorrect because it could exacerbate the security concerns by leaving the system vulnerable.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is scareware?
Open an interactive chat with Bash
Why is it important to update anti-malware software?
Open an interactive chat with Bash
What steps should be taken if a full scan does not resolve the issue?