CompTIA A+ Core 2 (220-1002) — Question 203

A technician performs a virus cleaning on a computer that has been redirecting all browsers to a phishing website. System Restore was turned off before the cleaning. The technician runs the machine through several scanners, and then tests for redirection. A smaller number of sites are still redirecting to the phishing website. The antivirus software correctly blocks the website.
Which of the following should the technician do NEXT?

Answer options

• A. Check the contents of the hosts file
• B. Do a System Restore to a date before the infection
• C. Rerun the antivirus scan with higher sensitivity
• D. Rebuild the OS on the machine

Correct answer: A

Explanation

The correct answer is A because the hosts file can be modified by malware to redirect traffic, and examining it can reveal any persistent entries. Option B is not viable since System Restore was turned off, so restoring is not possible. Option C may help but is less likely to resolve the redirection issue directly, and option D is extreme and unnecessary if the root cause can be addressed through the hosts file.