Posted 31 January 2010 - 04:39 PM
A few weeks ago, my wife's Windows XP machine was infected with the Antivirus 2010 ransomware. Using tutorials on this site, I removed it. I also spent some time working on removing an issue with Google search redirects that she had been having. It appeared that I had removed both problems, but today, her machine tossed up a window from the Antivirus Soft ransomware. I'm currently following the tutorial to remove it, and an MBAM scan is in progress (and has found 3 infected items already).
I'm confident I can remove this instance of the problem by following the tutorial, but I'd like to see if there's anything that can be done to further prevent these infections from recurring in the future. It's not clear how the machine was infected. My wife uses Firefox to browse the web, and says she hasn't visited any obviously bad or sketchy looking sites. AVG is running on the machine, as is the Windows Firewall. After MBAM has done its work, I was going to follow the tutorial on installing SpywareBlaster, but I see it is from 2004 -- is that software still worth installing and having running?
Are there some other steps I can take to try and identify holes or vulnerabilities, or ensure that there isn't something else lurking beneath the surface that is enabling these infections? Like I said, it's not too difficult for me to remove these infections when they occur (though, of course it's a waste of my time and a slight PITA), but I'd just like to make sure the machine has a clean bill of health. Any suggestions on how I should get started?
Thanks in advance for any help!