🛡️ Policy Violations Playbook

(Covers: Unwanted Software, Prohibited Files, and Malware)

Windows (Desktop & Server)

Objective: Find and remove software and files that violate security policy, including games, “hacking” tools, PUPs, malware (backdoors, keyloggers), and unauthorized media files.
Tools:
- appwiz.cpl (Apps & Features)
- File Explorer
- Windows Security
Common Actions:
- Unwanted Software: Open appwiz.cpl. Review the list of installed programs. Uninstall anything that is a game, a “hacking” tool (e.g., Wireshark), a PUP (e.g., CCleaner), or other unauthorized software.
- Prohibited Files: Use File Explorer to search the entire system (especially user C:\Users directories) for prohibited file types (e.g., .mp3, .mp4, .avi, .iso) and delete them.
- Malware: Run a full scan using Windows Security. Malware is often “hidden” and won’t appear in the appwiz.cpl list.

Objective: Find and remove software and files that violate security policy, including games, “hacking” tools, PUPs, malware, and unauthorized media files.
Tools:
- Terminal
Common Actions:
- Unwanted Software: List installed packages with dpkg --list. Remove unwanted packages using sudo apt remove <package-name> (e.g., aisleriot, ophcrack).
- Prohibited Files: Use the find command to search for files. Example: find /home -name "*.mp3". Once found, remove them with rm.
- Malware: Install and run tools like chkrootkit or rkhunter to scan for common rootkits and backdoors.