What is the best way to track, prevent, and uninstall rogue software?
What is the best way to track, prevent, and uninstall rogue software? Process or steps?
K1000 version 5.4xx
Community Chosen Answer
For tracking: I setup an automated report that displayed all software installed in the last 24 hours and reviewed that report each morning. Being proactive is one of the best ways to mitigate malware.
Prevention: Don't have your users running as local admins. Have a strong antivirus installed on all of your systems. Don't allow USB drives to freely connect to your systems with something like Sophos or GPO.
Uninstall: See your other two questions on the same topic. I setup a Managed Installation associated with a Smart Label on the K1000 that would detect rogue software and automatically uninstall it using the command line. For more malicious malware, check out my blog post on using Sysinternals tools for malware remediation: http://www.itninja.com/blog/view/malware-hunting-with-sysinternals-tools