Home
| > hashbang.iacl.org > Computer Security > Windows Security
Windows Security |  | |
Help page for identifying and removing malware components from Windows operating system:
Check Add/Remove Programs. (Remove unused or suspicious programs)
*Check currentversion/run registry. (Be careful with what you delete in regedt32)
Check Control Panel/Networking for Protocols. (MS networking protocols may not be needed)
*Check Control Panel/Admin Tools/Services for running Services. Stop and or disable those known to be suspicious.
Check Start Menu/Programs/Start-up under Start Key.
*Check Win.ini and System.ini - do a search for *.ini and go from there.
Check Control Panel/Internet Options.
Those options can be tricky, there are a few legacy default ones that are weak.
Check Scheduled Tasks for a task that runs with start-up.
Check "Users" for suspicious entries (Some software creates it's own "user". Caution is advised.
Check Windows Explorer for shared folders, recently created folders and files.
(server) for default script mappings, default site and initial "example" scripts in inetpub folder.
|
|
|
