Posted by: kurtsh | December 20, 2010

BETA: Whitepaper–“Infrastructure Planning and Design guide for Malware Response”

Want a framework for responding to malware that might hit your organization? Here’s a document that helps lay that plan out for you. Here’s the table of contents of this 55-page document:


  • The Planning and Design Series Approach
  • Introduction to Malware Response
  • Step 1: Confirm the Infection
  • Step 2: Determine Course of Action
  • Step 3: Attempt to Clean the System
  • Step 4: Attempt to Restore System State
  • Step 5: Rebuild the System
  • Step 6: Conduct Post Attack Review
  • Conclusion
  • Appendix A: Malware Security Products at a Glance
  • Appendix B: Examining Malware’s Effects on a System
  • Appendix C: Create an Offline Scanning Kit
  • Version History
  • Acknowledgments

As a member of the Security Solution Accelerator review community, your feedback is needed on the Infrastructure Planning and Design Guide for Malware Response Beta. This guide replaces the popular Malware Removal Starter Kit: How to Combat Malware Using Windows PE.

About the guide. Plan the best and most cost-effective response to malicious software by using the Infrastructure Planning and Design Guide for Malware Response. This guide assists organizations in determining the appropriate response strategy to an incident or outbreak of malware. The guide discusses three primary recovery methods: cleaning the system, recovering system state, and rebuilding the system. Each method presents different risks to the organization. The guide also describes approaches to investigating outbreaks and cleaning infected systems. Read this guide to make an informed decision about how to return the systems to operation while limiting the organization’s exposure.

Download the Beta! Get the Infrastructure Planning and Design guide for Malware Response by visiting the Microsoft Connect Web site at:

