- Disable access to certain sites including Microsoft, known Antivirus sites
- Creates a lot of traffic on your network
- Makes domain controllers slow to respond
- Force account lockouts on domain computers
- Many other stuff (depending on the variant)
- Perform Windows Update. http://windowsupdate.microsoft.com . Get service packs if needed. Run windows update at least twice.
a. If you do not want to run Windows update, just get this patch: http://support.microsoft.com/kb/958644 the patch from the MS08-067.
b. Download and install this KB patch http://support.microsoft.com/kb/967715/ .Look under the “Prerequisites to disable Autorun capabilities” section and download according to your system. Without this patch, some computers may not be able to disable network autorun function which the virus can propagate. Now, go ahead and disable autorun via GPO/manually like described in that article.
- Download and install (the free version). http://www.malwarebytes.org/mbam-download.php
a. Close all running applications include browsers etc.
b. Install the software
c. Update the database (as instructed during setup)
d. Run the scan (as instructed during setup)
- Stop the Task Schedular service in all your Windows machines. (this service allows you to automate processes based on time, such as windows backup. It is safe to remove them on workstations under the assumption that automated running programs are not needed on desktop levels)
- Stop the Server service on desktops (not server). The server service allows it to share files accross the network. To access shared files, is the Workstation service. Just stop the server service for the time being until you’ve got the network sorted out.
- Start scanning like the steps above.