- 1. Go to Start, Run, type msconfig, go to the Startup tab and remove everything you can't positively identify as "good" - better to be safe - you can always reinstall software
- 2. Go to Add/Remove Programs in the Control Panel and uninstall anything the user(s) don't use or can't explain the presence of
- 3. Install the MVPS HOSTS file (www.mvps.org/winhelp2002/hosts.htm) - which WILL block some "parasites" talking to their base and will on occasion make it harder to get spyware.
- 4. Reboot
- 5. Physically disconnect computer from any network/phone lines/Internet etc
- 6. Uninstall current AV (make sure you have the install file at hand though) & anti-spyware & firewalls etc [normally not a clever move]
- 7. Reboot computer
- 8. Install the following software (from CD/USB etc.):
- Spybot S&D (http://www.spybot.info/en/mirrors/index.html)
- Ad-Aware SE (http://www.lavasoftusa.com/products/ad-aware_se_personal.php)
- NOD32 AV (download a 30 day trial from www.eset.com: http://download1.eset.com/eval/win/v2/nentenst.exe)
- Sunbelt/Kerio firewall (www.sunbelt-software.com/Kerio.cfm)
- 9. reboot
- 10. a) scan with Spybot S&D, then Ad-Aware and lastly NOD32 AV (remember this computer is still not on the Internet)
- b) deal with any viruses/Trojans/worms etc. found in the scans by deleting them
- 11. probably wise to reboot
- 12. connect to the Internet, update the AV and the anti-spyware programs; making sure Kerio is up to date is probably also a good idea.
- b) You probably DON'T need to rescan the computer now, but if you wanted to be VERY secure you should go back to step 10 - depends how much time one has
- 13. watch the firewall like a hawk - it will pop boxes up to allow new programs to access the Internet. Any resident spyware will almost certainly attempt to access the Internet
- if this spyware is still running with all this AV and anti-spyware stuff running then you have a very interesting infection (because it seems to be invincible) and you should probably try to find out where it is and manually delete it - this will probably do nothing but there is always a chance - the firewall will show the .exe (or other file, .pif for example) which is trying to connect and where it is located
- 14. update Windows from Windows Update - even if the copy of Windows is pirate or its origin is suspect, critical updates are still available, and installing them is compulsory - though out of kindness to the user (of a suspect copy) go on "custom" when updating and don't install anything to do with "Windows Genuine Advantage" - otherwise you will be installing "windows nagware/spyware" - about as bad as what you have just removed
- 15. install Firefox and import bookmarks from IE etc. Put on Adblock Plus [plus subscriptions], the Firefox ActiveX plugin and the Fasterfox extension. If the user has a Gmail account install Gmail Notifier; alternatively look for another notifier extension if the user has Hotmail/Yahoo etc., though don't necessarily install it. Set Firefox as the default browser. REMOVE prominent links to IE from the desktop etc. (but don't make it impossible to find)
- 16. re-install any software which you accidentally made malfunction during virus removal.
- 17. make an active decision:
- keep nod32 AV + kerio firewall + spybot + ad-aware
- personally I would recommend that (though if the machine is a bit low spec I would remove Ad-Aware and just have NOD32, Kerio, & Spybot)
- OR
- if the user prefers, reinstall previous security software and set it up correctly
- step 17b) set a scheduled AV scan for every Monday night (or other convenient time) - most AV can do this
- 18. train the user with the software - how to do AV scans, anti-spyware scans, what not to allow access to the Internet (anything to do with shopping or money in its name is usually a good general rule)
- 19. preferably show the user a detailed log of everything you have done, the hours you have worked with a three figure number at the bottom. ALTERNATIVELY suggest they do something for you/owe you a favour for sorting out their computer
- 20. give him a piece of paper with your name, phone number, mobile and email and tell him not to lose it
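
For step 1, an added example (not part of the original paste) that lists the same auto-start entries the msconfig Startup tab shows and checks each target's Authenticode signature, to help decide what is "good". It assumes PowerShell 3.0 or later; the helper name Get-CommandTarget is hypothetical, and the script is read-only.

```powershell
# Added example: inventory logon auto-start entries and their signature status.
# Read-only: nothing is disabled or deleted.

function Get-CommandTarget {
    # Hypothetical helper: pull the executable path out of a startup command line.
    param([string]$Command)
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    # Quoted path: "C:\Program Files\App\app.exe" /flag
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted path that may contain spaces: stop at the first known extension
    if ($expanded -match '^(.+?\.(exe|com|bat|cmd|pif|scr|vbs|js|lnk))(\s|$)') {
        return $Matches[1]
    }
    # Fallback: first whitespace-separated token
    return ($expanded -split '\s+')[0]
}

# Win32_StartupCommand covers the Run registry keys and the Startup folders
$entries = Get-CimInstance -ClassName Win32_StartupCommand

$report = foreach ($e in $entries) {
    $path   = Get-CommandTarget $e.Command
    $exists = [bool]($path -and
        (Test-Path -LiteralPath $path -PathType Leaf -ErrorAction SilentlyContinue))
    $sig    = if ($exists) { Get-AuthenticodeSignature -LiteralPath $path } else { $null }

    [pscustomobject]@{
        Name     = $e.Name
        User     = $e.User
        Location = $e.Location
        Target   = $path
        Exists   = $exists
        Signed   = if ($sig) { $sig.Status } else { 'n/a' }
        Signer   = if ($sig -and $sig.SignerCertificate) {
                       $sig.SignerCertificate.Subject
                   } else { '' }
    }
}

# Entries without a valid signature sort first: look these up before removing them.
$report | Sort-Object { $_.Signed -eq 'Valid' }, Name | Format-Table -AutoSize -Wrap
```

A valid signature only says who published the file, not that it is wanted, and services and scheduled tasks are not in this list.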