Remotely scan pc for spyware

neo468

Is there any kind of program out there that you can scan pc's remotely for spyware, over the network.

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

sprkymrk

There are a couple of Enterprise versions of Anti Spyware programs, like Counter Spy Enterprise and Pest Patrol. They generally will let you initiate scans remotely, but require a client piece of software be installed on the remote machines in order to manage them from a common console.

tibul

also spybot search and destroy also have a network version of there product that allows you to scan for spyware remotly, but you need some software on the client machine to be able to run it.

neo468

It would be ideal to have scanner that doesnt need a client install, the whole reason for remote scanning is so I dont have to bother the user from their work. I know most require a client install though

kujayhawk93

I've never tried this, but maybe it would work:

Have the user create a share of their C drive. (Not the existing C$ share, but a new share)

Map a drive on your computer, or whatever computer you're initiating the scan from, to the share on the user's machine.

Run your antispyware software and tell it to scan that mapped drive.

What does everyone think, would this work?

Trailerisf

Doubt it... how would you access the registry?

sprkymrk

kujayhawk93 wrote:

I've never tried this, but maybe it would work:

Have the user create a share of their C drive. (Not the existing C$ share, but a new share)

Map a drive on your computer, or whatever computer you're initiating the scan from, to the share on the user's machine.

Run your antispyware software and tell it to scan that mapped drive.

What does everyone think, would this work?

You would probably spend an extremely long time and end up only finding temporary internet files and cookies. You would miss things like running processes, registry entries, modified hosts files, etc. Maybe if RussS chimes in he could let us know if he's ever tried it. Removing malware is one of his specialties.

kujayhawk93

I realized after I posted that it wouldn't be able to scan the registry or detect anything running in memory, oh well!

JDMurray

Applications can easily access another machine's Windows registry over a network, assuming that they have the permission to do so. And scanning the memory of a remote machine is accomplished by having a scanning service in stalled on the machine, but administered from a remote management application. Remote scanning is a common feature of most "for pay" A/V and Spyware scanners.

RussS

neo468 - Your best bet is CA Pest Patrol. There is no need to interupt your users as you can push the client out to them and can then control when they are scanned. I have a few sites that scan at shut-down so the user is not effected.