Clinic

Clean up spyware-infected PCs: Stage two -- Immediate actions

Do you know what to do immediately after a workstation is infected with spyware? Read what the experts have to say, or click here to go back to the scenario.


Kevin Beaver: In this case, you should run another antispyware scanner or two to see if the mess can't be cleaned up. Unfortunately, spyware and adware protection will require a multi-layered defense to be effective going forward.

Tony Bradley: To prevent any Windows Messenger Service spam from sending pop-up messages to the system, you can disable the Windows Messenger Service (not to be confused with the MSN Messenger instant messaging utility) or block traffic coming in on UDP ports 135, 137 and 138 and TCP ports 135, 139 and 445.

The user has already verified that the antivirus software is up to date and has run Spybot - Search & Destroy, one of the best antispyware utilities available. The fact, however, is that none of the antispyware applications are 100% effective. Rather than relying simply on the S&D results, the user could also try other antispyware software, such as Lavasoft's Ad-Aware, the beta version of Microsoft Windows AntiSpyware or Webroot Software Inc.'s Spy Sweeper.

Lawrence Abrams: Though hijackers do not spread to other machines, in many cases they do severely lower the security settings of Internet Explorer. It is, therefore, important to prevent users from using their computers until these infections have been removed in order to avoid further infections.


Stage three: Cleanup and recovery


About the experts: More information about our experts is available on the scenario page.

This was first published in June 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: