I have a client who has been informed by his ISP that SPAM is being sent from the one PC that is at the location serviced by the ISP. I have ran the MS safety scanner which reported finding and removing the following thre exploits:
HTML/CVE-2010=4452.A Jave/CVE-2010-0840 Java/CVE-2010-4452
The MS Malware Protection Center Report for each of these exploits says they use Java. As far as I can tell Java is not loaded on this PC it is not listed in Conto Panel - Uninstall Programs. Is there something else I need to do to find and remove
old copies of Java?
After running the Safety.Live scanner I ran ViperRescue and TDS Killer. They both found HEUR:Exploit.Script.Generic and HEUR:Trojan.Script.IFrame
The information I found on these exploits suggest diabling Autorun for the hard drive, network drives and removable media. How is this done?
Could these exploits be allowing the SPAM?
Is there anything else I should check or do to insure that this computer can not be used to send SPAM.
