Network intrusion detection and prevention and malware removal
Clean up spyware with the Windows Security Clinic
By Robyn Lorusso
No one is safe from spyware -- particularly not naïve users who are quick to click pop-up boxes and installation prompts, entertain spam offers or surf malicious Web sites.
The best preventative measure is probably end-user education, but for many, it's already too late and spyware issues are running rampant on Windows workstations. To help you identify, troubleshoot different types and clean up spyware infections, check out the following scenarios. We'll present several end-user complaints followed by diagnoses and possible courses of action to take from three Windows security experts. You'll find that each expert has a unique solution to each problem -- so be sure to consider them all when troubleshooting your own spyware issues. Good luck!
The users' problems
I support over 300 users who have both home and work computers running either Windows XP or Windows 2000. Several users have reported the following problems:
- When the browser is closed (not even connected to the Internet sometimes) pop-up ads appear.
- When opening Internet Explorer, a site like HotOffers.com appears instead of our intranet home page.
- A search toolbar called Viewpoint appeared on the browser, and it keeps running searches on whatever we type into our address fields.
I have up-to-date antivirus software and found no viruses. My Spybot - Search & Destroy scans find unfamiliar files that I'll remove, but it does nothing to solve these problems. What are they? How can I get rid of them? HELP!
The experts' remedies
Lawrence Abrams: CTO of a New York City-based ISP, and owner/creator of BleepingComputer.com, a Web site devoted to teaching basic computer concepts focusing on the removal of malware.
Do you have an idea for a Windows Security Clinic? and we'll address it in our upcoming editions.
23 Jun 2005
Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.