Re: OT: Spyware
At work, I've helped to develop a checklist of things to go through for spyware/virus infected systems. Since most of the time it's bad enough to call into the helpdesk because work can't get done, the list is *very* comprehensive:
1) Run Windows Update.
2) Clean out Symantec AV Quarantine, Backed Up Items, and Repaired Items. Empty Recycle Bin, Temporary Internet Files, and Cookies. Empty Deleted Items folders in MS Outlook.
3) Run full SAV scan (check that client is on managed server, and definitions are up-to-date). Auto-clean, then use the manual removal instructions for each virus to ensure proper removal.
4) Use TrendMicro's Housecall Online virus scan, set for auto-clean. Follow manual removal instructions for any viruses found to ensure removal.
5) Run both SpyBot S&D (scan & immunize), and AdAware (scan).
6) Install and run Vision, to monitor computer's network traffic.
7) Run full SAV scan again.
A bit extreme, and at least a half-day affair (longer for the end-Users that have insane numbers of files, like 400,000). But so far it has cleaned up all the nasty infestations we've had. If the system doesn't have any data that needs to be saved though, usually it's just re-imaged and we forget about it.
__________________
GEEK CODE V.3.12: GCS/E d-- s: a-- C++ US+ P+ L++ E--- W+++ N+ !o? K- w-- !O M++ V? PS+ PE Y+ PGP t- 5++ X R !tv-- b+++ DI++ D+ G+ e+++ h !r*-- y?
SE4 CODE: A-- Se+++* GdY $?/++ Fr! C++* Css Sf Ai Au- M+ MpN S Ss- RV Pw- Fq-- Nd Rp+ G- Mm++ Bb@ Tcp- L+
|