How did I get infected?

use a condom, Practice safe Internet!

Edited by Derek Ellis, 10 May 2010 - 10:59 PM.

Can you update your list from the first post? Would you still recommend Spybot? The information is also for IE 6. Thanks!

Can you update your list from the first post? Would you still recommend Spybot? The information is also for IE 6. Thanks!

I do not recommend Spybot now. There are better ones, the old stalwart, SpywareBlaster, and the new ones SUPERAntispyware and Malwarebytes' Anti-Malware. All three are free and paid versions; the paid version of SpywareBlaster adds autoupdate for ten dollars a year.

@Andrew, you said that you use NoScript. Can't that get annoying if it by some chance blocks a legit script from running? I mean, aren't some Javascripts on a page good? I mean, isn't that how we receive content in some matters of fact?

8. Stay away from Warez and Crack sites! In addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.

8) you got me i did get infected by that just today, but running it under sandboxie is pretty good

Hi, I use Google Chrome as my browser, I really like it, but would like to know what security measures I can use to keep it safer, I've seen the ones you posted for firefox and IE, so are there any for Chrome??

Though this won't always work, using Web of Trust (WOT) for your browser, such as Chrome, and Firefox, you can see if the website you'd like to visit is "safe" to visit. I use it all the time, and haven't had a malware attack in the longest time.

@Andrew, you said that you use NoScript. Can't that get annoying if it by some chance blocks a legit script from running? I mean, aren't some Javascripts on a page good? I mean, isn't that how we receive content in some matters of fact?

Sure - but NoScript is pretty flexible. For example:

Main Purpose - You go to an unknown or accidentally click on a link and the site launches 50 pop-up windows faster than you can close them. Since these are usually launched by JavaScript, with NoScript, you won't get any windows except the main site.

Now - you go to a site like bleepingcomputer.com and try to register and nothing happens when you enter the Captcha. You are pretty sure this site is safe, so you right-click the NoScript Icon and it shows the script sites it is blocking on the page. You allow these and the page automatically refreshes and works properly. If you aren't sure if the site is safe or not, it has an option to temporarily allow the site and if something bad happens (a pop-up), you can close the browser and the next time you visit the site the script will be blocked.

It isn't foolproof, but it's safer than browsing without using it.

First and foremost, change your browser. I prefer Firefox. Learn how to edit Firefox config settings (about:config) and add in Ad Block Plus, running two solid filters. No Script is overkill. Run something like Network Monitor, Wireshark, or Comodo Killswitch on occasion and analyze your traffic. Or go old school and run netstat. Check your event logs, particularly security logs, and look for events referencing foreign IP addresses/and or domain names. Use a decent Internet Security Suite. Bitdefender is very good, but Symantec or McAfee will suffice. You want a good two client firewall behind your router. Don't be afraid to get familiar with your router. Run some port scans and see what is open. If you want to get creative, run VMWare or virtual pc and set up a few Virtual machines as test environments. Find out what actually works. Most of us here work in IT, and have seen just about every kind of infection you can imagine. 98.9% of them could have been avoided.

And of course, keep your operating system patched.

If you are uber freaked, you can always go the hardware firewall route. If you do not work in IT however, I would avoid that as you are probably getting in over your head.

Main just use common sense. Peer to peer file sharing and warez is a sure fire way of getting infected. Don't open attachments you do not recognize. And please people, if you insist on living on Facebook please lock down your environment.

Most importantly, use complex passwords and do not use the same password twice. Minimum eight characters in length, containing any three of the four following groups, upper case, lower case, number, and symbol.

Also, some of my fellow administrators and engineers need to clean up their networks a bit. Run audits, use group policy properly, implement solid IDS and patch management solutions.

Edited by I eat wyrms, 05 December 2011 - 03:50 PM.

that was a great information...

Thank you for giving important guidelines.I will surely keep them in mind and will apply them in order to prevent my computer from getting infected.

Main just use common sense. Peer to peer file sharing and warez is a sure fire way of getting infected. Don't open attachments you do not recognize. And please people, if you insist on living on Facebook please lock down your environment.

I simply do not like Facebook, ergo I very seldom use it.

Hopefully my ignorance will be forgiven, but what is meant by "lock down your environment"?

what is meant by "lock down your environment"?

It means hardening Windows Security and taking all measures to protect your computer.

See the first page of this topic.
Also see Best Practices for Safe Computing - Prevention

Thank you quietman7!!

You're welcome.