[discogail]

How did I get infected in the first place?

You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

1.) Watch what you download!
Many freeware programs, and P2P programs like Grokster, Imesh, Kazaa and others are amongst the most notorious, come with an enormous amount of bundled spyware that will eat system resources, slow down your system, clash with other installed software, or just plain crash your browser or even Windows itself. If you insist on using a P2P program, please read This Article regarding the risk of Identity Theft. The United States Computer Emergency Rediness Team (CERT), recommends avoiding the use of file sharing software...read why.

2.) Go to IE > Tools > Windows Update > Product Updates, and install ALL High-Priority Security Updates listed.
If you're running Windows XP, that of course includes the Service Pack 2! If you suspect your computer is infected with Malware of any type, we advise you to not install SP2 if you don't already have it. You can post a HijackThis log on our Forums to get free Expert help cleaning your machine. Once you are sure you have a clean system, it is highly recommended to install SP2 to help prevent against future infections.

It's important to always keep current with the latest security fixes from Microsoft.
Install those patches for Internet Explorer, and make sure your installation of Java VM is up-to-date. There are some well known security bugs with Microsoft Java VM which are exploited regularly by browser hijackers.


3.) Install Javacool's SpywareBlaster. This tool will:

• Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
• Blocks spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
• Restricts the actions of potentially unwanted sites in Internet Explorer.

After you install SpywareBlaster, be sure to download the latest updates. You'll see a list of all spyware programs covered by the program (NOTE: this is NOT spyware found on your computer)
Press "Enable All Protection", and you're done.
The spyware that you told Spywareblaster to set the "kill bit" for won't be a hazard to you any longer.
Although it won't protect you from every form of spyware known to man, it is a very potent extra layer of protection.
Don't forget to check for updates every week or so.

4.) Let's also not forget that Spybot Search & Destroy has the Immunize feature which works roughly the same way.
It can't hurt to use both.

5.) Another excellent program by Javacool we recommend is SpywareGuard.
It provides a degree of real-time protection solution against spyware that is a great addition to SpywareBlaster's protection method.

An Anti-Virus program scans files before you open them and prevents execution if a virus is detected - SpywareGuard does the same thing, but for spyware! And you can easily have an Anti-Virus program running alongside SpywareGuard.
It now also features Download Protection and Browser Hijacking Protection!

6.) For IE-SPYAD users, please Note: the original IE-SPYAD format that used .REG files to load and unload the Restricted Sites list is no longer available and will not be maintained. The same holds true for IE-SPYAD2. Both are replaced by what used to be called IE-SPYAD for ZonedOut. ZonedOut is a free utility that loads and unloads a plain text list of domains into the Restricted sites zone. You can think of ZonedOut as an improved replacement for the .BAT file utility used in the "original" IE-SPYAD. This new version of IE-SPYAD provides the same protection as the old version, but is easier to use and maintain.


7.) It is critical that you use a firewall to protect your computer from hackers. We don't recommend the firewall that comes built in to Windows. It doesn't block everything that may try to get in, and the entire firewall is written to the registry. Whats worse, it's only one way. It does absolutely nothing to protect you from your own computer sending your private data out to the web.

As various kinds of malware hack the Registry in order to disable the Windows firewall, it's far preferable to install one of the excellent third party solutions. Two good ones, that are freeware to boot, are ZoneAlarm and Comodo.

8.) Finally, after following up on all these recommendations, why not run Jason Levine's Browser Security Tests
They will provide you with an insight on how vulnerable you might still be to a number of common exploits.