|
|
> Computer Related > Computer Security > Windows Security
Windows Security |  | |
Help page for identifying and removing malware components from Windows operating system:
Check Add/Remove Programs. (Remove unused or suspicious programs)
*Check currentversion/run registry. (Be careful with what you delete in regedt32)
Check Control Panel/Networking for Protocols. (MS networking protocols may not be needed)
*Check Control Panel/Admin Tools/Services for running Services. Stop and or disable those known to be suspicious.
Check Start Menu/Programs/Start-up under Start Key.
*Check Win.ini and System.ini - do a search for *.ini and go from there.
Check Control Panel/Internet Options
Check Scheduled Tasks for a task that runs with startup (only on more "server" oriented systems)
Check "Users" for suspicious entries (Some software creates it's own "user". Caution is advised.
Check Windows Explorer for shared folders, recently created folders and files.
*Check IIS (server) for default script mappings, default site and initial "example" scripts.
Check patch status and patch up to iac resouce page to protect against known network attacks. (Many Windows patches are for protection from exploits that require you to brwose to a specifically malformed site in IE) Exercise caution or use a different browser when surfing to otherwise unknown locations.
* Admin item requiring highly specific knowledge of what to look for and do.
|
|
> Computer Related > Computer Security > Windows Security
|
