Bienvenido! - Willkommen! - Welcome!

Bitácora Técnica de Tux&Cía., Santa Cruz de la Sierra, BO
Bitácora Central: Tux&Cía.
Bitácora de Información Avanzada: Tux&Cía.-Información
May the source be with you!

Friday, August 19, 2011

Mentor, Analyst - Security Team

Clear Cookies
Clear your IE cookies. Start>Settings>Control Panel>Internet Options>General. Under Temporary Internet Files, click on Delete Cookies. Then click Delete Files.
Reset System Restore
  • Go to Start>Run, type SYSDM.CPL and press Enter.
  • Select the System Restore tab.
  • Check "Turn off System Restore on all drives" and click Apply.
  • Now uncheck the same option and click OK.
Re-enable Protection
Turn back on any malware prevention tools we might have had you switch off.
Microsoft Updates
It is very important that you get all of the critical updates for your Operating System and Internet Explorer. Keeping your OS and browser up to date will help make you less susceptible to attacks by malware. Using Internet Explorer, please go to Microsoft's Windows Update and download all of the critical updates to help prevent possible re-infection.
Please ensure that you have already patched your system against these recent critical exploits:
Enable Windows Auto Update:
  • Go to Start>Run, type WUAUCPL.CPL and press Enter.
  • Make sure "Keep my computer up to date" is checked.
  • Under settings, choose "Automatically download the updates, and install them on the schedule that I specify".
  • Click on "OK".
Tool Deletions
Feel free to remove these tools and their folders:
  • FixWareout
  • Autoruns/Autocmd
  • CleanUp! (uninstall from Add/Remove Programs)
Malware Prevention
This is a good time to set up protection against further attacks. You might want to read Tony Klein's "How Did I Get Infected In The First Place?". At the minimum, you need an antivirus that is continually updated, a good firewall, a spyware blocker such as Spyware Blaster, and a real time spyware program such as Spyware Guard to prevent spyware intrusions. I also recommend IE-Spyad, which places over 4,000 websites and domains in the IE Restricted list, thus helping prevent attempts to re-infect your system. All of these have no-strings-attached free versions available. However, be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use but often have malware in them.
Two more articles you may want to read at your leisure are "KRC Anti-Spyware Tutorial" and "Making Internet Explorer Safer".
The following is a list of free software we recommend:
AV software should be updated at least once a week for optimum protection. Here are some free AV programs available for personal use. NOTE: Do not install more than one AV program because they will conflict with each other. Only pick one.Firewalls
A good firewall is the first-line of defense for your computer and will monitor incoming and outgoing traffic. NOTE: Microsoft's Firewall does not monitor outgoing traffic. If you are unfamiliar with how a firewall works, you can read "Understanding and Using Firewalls". Here are some free firewalls available for personal use:Realtime Malware Prevention Tools
These programs actively watch your computer for possible malware-related changes and help prevent them. You can run more than one of these at a time.Passive Malware Prevention Tools
These programs configure your computer to prevent known malware-related changes. You can have more than one of these at a time and they take up minimal resources.
  • SpywareBlaster - Install & update SpywareBlaster with the latest definitions. After you have updated, click the button - enable protection for all unprotected items. Check regularly for updates.
  • IE-Spyad - Extract to your desktop and double-click install.bat. Install options #2 and #4. IE-Spyad places more than 4,000 dubious domains in the IE Restricted list, which impairs attempts to infect your system. It prevents any downloads from the sites although you will still be able to connect to them. You can read more about it on it's homepage.
  • MVPS Hosts File - extract and double-click the mvps.bat file. This will replace your current HOSTS file with one that will restrict known ad sites form serving you unsolicited advertisements, preventing your computer from connecting to those sites.
  • McAfee SiteAdvisor - helps to warn you before you interact with a dangerous Web site. Works with both IE and Firefox.
Alternative Web Browsers
Using an alternative browser can help prevent malware from being installed without your knowledge, but may not work on all websites.Alternative Miscellaneous
Here are some alternatives that are worth looking into if you use their features:
  • Trillian - an Instant Messenger client that speaks multiple IM services (AIM, Yahoo!, ICQ, MSN, etc.)
  • Miranda-IM - another Instant Messenger client with multiple IM capabilities.
  • Desktop Weather - A taskbar weather program that is free and resource light.

No comments: