I wonder if you people would look at my checklist for the Consultant Psychiatrist at work. He came to me to say that he needed me to download a removal tool for Sasser worm which he's managed to get onto his puter and the removal tool for which he can't download because said computer is constantly shutting down.
We looked at the relevant Microsoft pages together and I explained what they were all about and what the different instructions were telling him to do. I then found out that he didn't have any Microsoft Critical Updates and Security patches in place, no firewall, he's on Broadband and I'll bet his antivirus software whatever it is is way out of date!
I have this evening put together a pack of URLs for Avast!, Kerio, Firebird, Netscape, Spybot, THunderbird, Eudora, Pegasus and Adaware so he can download these himself and at least try the different e-mail and browser solutions, and downloaded as many Critical Updates and Security Packs as I could find related to Windows XP (the relevant operating system) on Microsoft, I have also downloaded your removal tool and the Microsoft one and saved relevant web pages to disk as he can't get online to get them himself and hasn't got the necessary protection. Since I haven't heard from him I assume he's managing to follow the instructions on the Microsoft pages which include switching on the XP firewall as an emergency measure till he can download the Kerio firewall or something else more sensible than the XP one.
The plan (at least mine) at the moment is:-
(1) get rid of Sasser using the online removal tools from yourselves and if necessary Microsoft and if necessary reinstall XP
(2) get the security patches I have downloaded for him installed BEFORE he goes back online
(3) go online straight to Windows Update to find out if there are any other Critical Updates and Security Patches he needs and
(4) get him to download Avast and get rid of whatever antivirus he has if as I suspect the subscription for his updates is out of date, plus a decent firewall (either Sygate or Kerio). Then I plan to have him run a full system scan with up to date Avast!, Spybot and Ad Aware if we haven't had to reinstall. And while we're at it get him onto safer browser/e-mail system than the Microsoft ones which I think are probably what he's using at the moment.
I may not have got all of the updates but if he has at least got some of the protection he needs he should be able to go straight to Microsoft and get the relevant patch numbers from Windows Update the first time he goes online. I've also told him to attend the Turbo Charging your Computer class and the upcoming new Computer Security class at Virtual University so he can learn how to maintain his machine properly!
This is the first time I've actually done technical support work of this sort and I'd appreciate it if you would advise me if there is anything else he should do at present.
I understand the computer is a Sony laptop but I don't have any other details at this stage. It does however have the capability to run XP and he didn't mention any problems with it other than the virus.