Help
restore.log:
SOFTWARE hive restored from RP4
SYSTEM hive restored from RP4
SECURITY hive restored from RP4
SAM hive restored from RP4
Great!!! After rebooting, the windows started normaly without USB drive.
The Desktop is white with button called Restore my Active Desktop.
In a lower right corner of the screen message appeared:
Search Settings Notification
A program was blocked from changing your default search settings.
Thanks for the help
I'm looking forward for further instructions
Rootkit kbdclass.sys and win32:alureon-FZ infections?
Back to top
#32
- Bleepin' Blonde
-
- Group: Malware Study Hall Admin
- Posts: 38,987
- Joined: 05-October 07
- Gender:Female
- Location:Romania
Posted 10 February 2011 - 01:59 AM
Does your desktop come back when you click that button?
MALWAREBYTES ANTIMALWARE
-------------------------------------------
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
MALWAREBYTES ANTIMALWARE
-------------------------------------------
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
- Make sure you are connected to the Internet.
- Double-click on mbam-setup.exe to install the application.
- When the installation begins, follow the prompts and do not make any changes to default settings.
- When installation has finished, make sure you leave both of these checked:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
- Update Malwarebytes' Anti-Malware
- Then click Finish.
- If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
- If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
- Make sure the "Perform Full Scan" option is selected.
- Then click on the Scan button.
- If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
- The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
- When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
- Click OK to close the message box and continue with the removal process.
- Click on the Show Results button to see a list of any malware that was found.
- Make sure that everything is checked, and click Remove Selected.
- When removal is completed, a log report will open in Notepad.
- The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
- Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
- Exit MBAM when done.
#33
- Member
-
- Group: Members
- Posts: 21
- Joined: 31-January 11
Posted 10 February 2011 - 06:17 AM
When I click the button Restore my Active Desktop it opens message:
Internet Explorer Script Error
An error has occurred in the script on this page
Line: 65
Char: 1
Error: Object doesn't support this action
Code: 0
URL: file:///C:/Documents%20and%20Settings/greg/Application%20Data/Microsoft/Internet%20Explorer/Desctop.htt
Do you want to continue running script on this page?
No matter which button I click Yes or No - nothing happen
Anyway, I start your instructions on MALWAREBYTES ANTIMALWARE
Internet Explorer Script Error
An error has occurred in the script on this page
Line: 65
Char: 1
Error: Object doesn't support this action
Code: 0
URL: file:///C:/Documents%20and%20Settings/greg/Application%20Data/Microsoft/Internet%20Explorer/Desctop.htt
Do you want to continue running script on this page?
No matter which button I click Yes or No - nothing happen
Anyway, I start your instructions on MALWAREBYTES ANTIMALWARE
#34
- Member
-
- Group: Members
- Posts: 21
- Joined: 31-January 11
Posted 10 February 2011 - 06:53 AM
Malwarebytes' Anti-Malware is Downloaded, Installed and Updated and now Scanning is started. I suppose that it will take an hour or two. Till now - Objects infected: 11
#35
- Member
-
- Group: Members
- Posts: 21
- Joined: 31-January 11
Posted 10 February 2011 - 12:46 PM
MBAM log report:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5730
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
10.2.2011 г. 19:26:54
mbam-log-2011-02-10 (19-26-54).txt
Scan type: Full scan (C:\|D:\|F:\|H:\|I:\|J:\|)
Objects scanned: 350665
Time elapsed: 4 hour(s), 31 minute(s), 34 second(s)
Memory Processes Infected: 2
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 7
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 6
Memory Processes Infected:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 2296 -> Unloaded process successfully.
c:\program files\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 1456 -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Value: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Value: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ADP (Rogue.Multiple) -> Value: ADP -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Bad: (93.188.162.80,93.188.161.13) Good: () -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files\iobit toolbar\IE\4.1\iobittoolbarie.dll (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files\autocad 2006 full version_english + keygen 100% w0rking\autocad 2006\Keygen.exe (Malware.Gen) -> Quarantined and deleted successfully.
c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
c:\program files\iobit toolbar\widgihelper.exe (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5730
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
10.2.2011 г. 19:26:54
mbam-log-2011-02-10 (19-26-54).txt
Scan type: Full scan (C:\|D:\|F:\|H:\|I:\|J:\|)
Objects scanned: 350665
Time elapsed: 4 hour(s), 31 minute(s), 34 second(s)
Memory Processes Infected: 2
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 7
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 6
Memory Processes Infected:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 2296 -> Unloaded process successfully.
c:\program files\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 1456 -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Value: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} (PUP.Dealio) -> Value: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ADP (Rogue.Multiple) -> Value: ADP -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Bad: (93.188.162.80,93.188.161.13) Good: () -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files\iobit toolbar\IE\4.1\iobittoolbarie.dll (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files\autocad 2006 full version_english + keygen 100% w0rking\autocad 2006\Keygen.exe (Malware.Gen) -> Quarantined and deleted successfully.
c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
c:\program files\iobit toolbar\widgihelper.exe (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> Quarantined and deleted successfully.
#36
- Bleepin' Blonde
-
- Group: Malware Study Hall Admin
- Posts: 38,987
- Joined: 05-October 07
- Gender:Female
- Location:Romania
Posted 10 February 2011 - 12:57 PM
#37
- Member
-
- Group: Members
- Posts: 21
- Joined: 31-January 11
Posted 10 February 2011 - 01:18 PM
Thanks Elise,
I'm very satisfied! My PC is back in life...
Everything seems to work properly.
Is the computer clean and safe now or we should do something more?
BTW, some message appears when keyboard and mouse are not touched for a minute (this is from a long time ago not from now):
Error
Could not find the file "swflash.ocx"
I click OK and it disappears but starts again when I don't touch the mouse.
I'm very satisfied! My PC is back in life...
Everything seems to work properly.
Is the computer clean and safe now or we should do something more?
BTW, some message appears when keyboard and mouse are not touched for a minute (this is from a long time ago not from now):
Error
Could not find the file "swflash.ocx"
I click OK and it disappears but starts again when I don't touch the mouse.
This post has been edited by mrblond: 10 February 2011 - 01:20 PM
#38
- Bleepin' Blonde
-
- Group: Malware Study Hall Admin
- Posts: 38,987
- Joined: 05-October 07
- Gender:Female
- Location:Romania
Posted 10 February 2011 - 02:09 PM
Hi, I'm glad to hear that!
UPDATE XP
--------------
Your Microsoft Windows installation is out of date. Using unpatched Windows systems on the Internet is a security risk to everyone. When there are insecure computers connected to the Internet, malware spreads faster and more extensively, distributed denial-of-service attacks are easier to launch, and spammers have more platforms from which to send e-mail. Whenever a security problem in its software is found, Microsoft will usually create a patch for it. After the patch is installed, attackers can't use the vulnerability to install malicious software on your computer. Keeping up-to-date with all these security patches will help prevent malware from reinfecting your machine. If you are not sure how to do this, see How to use Microsoft Update.
For additional information, be sure to read "Windows Xp Service Pack 3 (sp3) Information".
Then go here to check for & install updates to Microsoft applications.
Note: The update process uses ActiveX, so you will need to use Internet Explorer for it, and allow the ActiveX control that it wants to install.
Please reboot and repeat the update process until there are no more updates to install.[/color]
ESET ONLINE SCANNER
----------------------------
I'd like us to scan your machine with ESET OnlineScan
UPDATE XP
--------------
Your Microsoft Windows installation is out of date. Using unpatched Windows systems on the Internet is a security risk to everyone. When there are insecure computers connected to the Internet, malware spreads faster and more extensively, distributed denial-of-service attacks are easier to launch, and spammers have more platforms from which to send e-mail. Whenever a security problem in its software is found, Microsoft will usually create a patch for it. After the patch is installed, attackers can't use the vulnerability to install malicious software on your computer. Keeping up-to-date with all these security patches will help prevent malware from reinfecting your machine. If you are not sure how to do this, see How to use Microsoft Update.
For additional information, be sure to read "Windows Xp Service Pack 3 (sp3) Information".
Then go here to check for & install updates to Microsoft applications.
Note: The update process uses ActiveX, so you will need to use Internet Explorer for it, and allow the ActiveX control that it wants to install.
Please reboot and repeat the update process until there are no more updates to install.[/color]
ESET ONLINE SCANNER
----------------------------
I'd like us to scan your machine with ESET OnlineScan
- Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan - Click the
button. - For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on
to download the ESET Smart Installer. Save it to your desktop. - Double click on the
icon on your desktop.
- Click on
- Check
- Click the
button. - Accept any security warnings from your browser.
- Check
- Push the Start button.
- ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
- When the scan completes, push
- Push
, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Note - when ESET doesn't find any threats, no report will be created. - Push the
button. - Push
#39
- Member
-
- Group: Members
- Posts: 21
- Joined: 31-January 11
Posted 11 February 2011 - 10:29 AM
ESET online scan report:
D:\Documents and Settings\greg\My Documents\Downloads\registrybooster.exe Win32/RegistryBooster application deleted - quarantined
H:\Adobe Photoshop 9.0 CS2.iso a variant of Win32/Keygen.AO application deleted - quarantined
two more infections..
What is next?
D:\Documents and Settings\greg\My Documents\Downloads\registrybooster.exe Win32/RegistryBooster application deleted - quarantined
H:\Adobe Photoshop 9.0 CS2.iso a variant of Win32/Keygen.AO application deleted - quarantined
two more infections..What is next?
#40
- Bleepin' Blonde
-
- Group: Malware Study Hall Admin
- Posts: 38,987
- Joined: 05-October 07
- Gender:Female
- Location:Romania
Posted 11 February 2011 - 10:33 AM
Those were just some leftovers.
Any problems left? If not, you're good to go!
Please read these advices, in order to prevent reinfecting your PC:
Any problems left? If not, you're good to go!
Please read these advices, in order to prevent reinfecting your PC:
- Install and update the following programs regularly:
- an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
A comprehensive tutorial and a list of possible firewalls can be found here. - an AntiVirus Software
It is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats. - an Anti-Spyware program
Malware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.
SUPERAntiSpyware is another good scanner with high detection and removal rates.
Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions. - Spyware Blaster
A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.
- an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
- Keep Windows (and your other Microsoft software) up to date!
I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.
Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!! - Keep your other software up to date as well
Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on yourmachine. - Stay up to date!
The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.
- Miekies' prevention suggestions
- So How did I get infected?
- Microsoft - 'Security at home'
- Calendar of Updates: See which updates have been released.
- How to backup your Data with Cobian Backup:because you never know, when your harddisk might fail
- Commonly Used Freeware Replacements: a nice list of freeware programs in all categories, that are regarded as useful by the users of this forum.
- osalt: Find (free) open source alternatives to known commercial software.
#41
- Bleepin' Blonde
-
- Group: Malware Study Hall Admin
- Posts: 38,987
- Joined: 05-October 07
- Gender:Female
- Location:Romania
Posted 11 February 2011 - 10:33 AM
Those were just some leftovers.
Any problems left? If not, you're good to go!
Please read these advices, in order to prevent reinfecting your PC:
Any problems left? If not, you're good to go!
Please read these advices, in order to prevent reinfecting your PC:
- Install and update the following programs regularly:
- an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
A comprehensive tutorial and a list of possible firewalls can be found here. - an AntiVirus Software
It is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats. - an Anti-Spyware program
Malware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.
SUPERAntiSpyware is another good scanner with high detection and removal rates.
Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions. - Spyware Blaster
A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.
- an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
- Keep Windows (and your other Microsoft software) up to date!
I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.
Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!! - Keep your other software up to date as well
Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on yourmachine. - Stay up to date!
The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.
- Miekies' prevention suggestions
- So How did I get infected?
- Microsoft - 'Security at home'
- Calendar of Updates: See which updates have been released.
- How to backup your Data with Cobian Backup:because you never know, when your harddisk might fail
- Commonly Used Freeware Replacements: a nice list of freeware programs in all categories, that are regarded as useful by the users of this forum.
- osalt: Find (free) open source alternatives to known commercial software.
