This is an update on my first post about the removing the trojan called smithfraud. I help my friend get rid of the trojan and had the system purring, but shortly after he got back on the Internet with no protection and got hacked again. This time worse then before. Not only did he get smithfraud AGAIN but he got some crap I never even heard of. I may have to wipe his entire hard drive.
I constantly tell him how important it is to secure your system even if your on dial-up. Just having Sp2 for XP is not enough. I recommend at least a firewall.
If you have a broadband connection check out my walk through on securing broadband Internet connections.
3 Easy Steps for Broadband Internet Security for your Cable Modem and DSL
Broadband Internet Security for Cable Modems/DSL:
1) Get Yourself a Router
your ISP issues you a fairly robust router with instructions on how to
secure it, you may not need a router. Just follow their instructions on
how to configure the security on the device. Step 1B explains what
security features are needed.
A. Types of routers:
linksys, Netgear, Actiontec When you buy a router look for the following features:
Four 10Base-T/100Base-TX RJ-45 ports, one 10Base-T broadband WAN port, one 10Base-T/100Base-TX RJ-45 uplink port
This means that it can get four of you
computers online using Cat 5.
If you have multiple computers and your Cable/DSL device does not support more than one connection I do NOT recommend wireless.
you can, connect the DSL device to another router. You will need to use
a crossover CAT 5 cable to connect the two like devices (i.e. computer
to computer, router to router) require a crossover cable.
A USB cable will also work.
B. Configure the Router Correctly:
security, as a minimum, use the Network Address Translation (NAT)
feature of the router to hide your internal computers from the
You may have to go to an Advanced Setup Feature on your router to turn on the NAT feature.
C. Additional Router Security
routers offer additional firewall features for broadband Internet
security such as actively closing ports, blocking websites, blocking
services and integrating third party software firewalls such as
ZoneAlarm and PC-Cillin.
2) Consider using software to protect your system for broadband Internet security
A. Virus protection
Free online virus scan:
More Free Virus tools:
Thefreesite Dot Com
Free trial of Norton Anti-Virus
Free for DOD Employees
Other virus tools:
heard that Norton was better than McAfee and vise-versa, but in my
experience basic computer security can not be beat. The best practices
are to not download e-mail attachments from unknown sources, turn off
java script, cookies and asp functions on the browser and make sure you
dont put virus infected disks into your system. If you do use
Anti-virus software make sure it is updated with the latest virus
Even More Anti-Virus Resources
As you can see MajorGeeks is one of the best resources for freeware on the net.
B. Ad-ware protection
my opinion, adware, spam and spyware have become worse than Virii,
trojans, worms, logic bombs or any other malware in compromising
broadband Internet security.
times there is no difference between adware, spyware and malware.
Adware and spyware creators are constantly coming up with creative ways
to get there software on our computers. Just when I think Ive figured
out a way to eliminate ALL adware, and adware, they come up with a new
brilliant method of deploying their software on my system and keep it
Here is a list of common Adware/Spyware removal tools:
Hijackthis (dont use unless you know what your doing)
best resource in getting rid of adware and spyware and malware are
search engines. Usually you can find someone online who managed to fix
the problem. Forums are an incredible resource for your broadband
Even More Anti-Spy/Ad ware Resources
**BEWARE of WARES**
of Freeware & Shareware from illegitimate sites. A lot of spyware
and shareware comes from freeware such as P2P (i.e. Kazaa). Manytimes
what you think is free is really not free at all. Even if you have a
rare legitimate copy of beloved Kazaa or Sharezaa, WinMX, or whatever,
you MUST beware of what you download.
aware that malware and spyware can be hidden in .jpg, .gif, video and
even sound files. Its call stenography. Its very cool. The safest thing
to do is not use P2P at all. It is almost as bad as wireless.
For secure methods of P2P check out:
Creators of Kazaa: Joltid
C. Software firewall
have used firewalls built in Linksys, Netgear, and Actiontec routers
and I think they work great. They are by no means the push button
solution to broadband Internet Security. For one thing they have holes
just like any other software, hardware and firmware on the market.
Malware can still get to your system. Many times people think just
because they have a firewall they have an S on their chest.
Computer Security Principles
Be humble. Know that you need:
– More than one layer of defense (patches, security configurations, cleaning tools)
Security awareness of what is going on with the services, applications
and operating system you are running that are exposed to the Internet.
Be proactive. Look at your Event/Audit logs, processes, and network
activity at least bi-weekly.
– If your system seems slower than usual assume the worst and check it out immediately.
I hate software firewalls but they are probably the best way to protect your home computer if you keep up with it.
Free software firewalls:
Not free but still good:
3) Check your Security
A. SCAN your own IP
These are sites that allow you to scan your system from the outside. It is a very simple penetration test.
I would also recommend using a port scanner such as SuperScan
Check your processes with Task Manager
If your on a Windows NT/2000/XP system hit
CTRL + ALT + DEL
and choose Task Manager. Once your in Task Manager select processes and
take look at what is running. This is a great resource for locating and
killing rogue applications.
Use netstat to examine what network activity is happening on your system.
Netstat is a built in feature.
Go to Start | Run | type “cmd”
This will bring up a DOS prompt. Type “netstat”
there is a ridiculous amount of activity scrolling up the screen and
your system is a sluggish, you may have a Trojan, virus or worm.
I had one called HWCLOCK.exe
on my system. It actually scanned other people in my ISP's network
looking for other people to exploit. I had to shut off the process
called HWCLOCK in my Task Manager and remove the malware while in Safe
Other Broadband Internet Security Sites:
Broadband Internet Security software
CERT Home Network Security
Broadband Internet Security links
Broadband Internet Security
Securing Internet Explorer:
Step 1. Turn Security WAY UP
Tools | Internet Options | select the Security tab | Move the
“security levels for this zone” to HIGH
Step 2. Turn off and Delete All Cookies.
The first thing you should do is clear out all your cookies.
Tools | Internet Options | select the Privacy tab | Move the slider in the Settings area to a higher level of security. Keep in mind that if you block ALL cookies some sites will be limited or even unaccessable.. but you can always go back and change it.
Limiting the number of cookies you except can increase your privacy
Step 3. Disable Java and Active X
THIS IS PRETTY EXTREME. YOU WILL NOT BE ALOWED TO LOG ON TO WEB BASE EMAIL ACCOUNTS AND OTHER SITES REQUIRING A LOG IN. BUT YOU WILL BE ABLE TO SURF. I personally Can not use this because it is TOO restricting.
Jave and Active X are know as mobile code because they download software from a remote source (or run from a remote source) to your computer. Some of the most effective malware are mobile code.
Tools | Internet Options | select the Security tab | Select the “Costum Level” button which will open up “security settings.”
Once in Security Settings disable everything under “Active X” and “Scripting.”
What I do is Highten the Security Tab and use Internet Explorer as little as possible. I use Firefox. It is also very important to update these (and all other applications) with the latest patches. This, combined with my router firewall, seems to work really well.
Neither Firefox or Internet Explorer are secure if you don't take the appropriate measures.
http://elamb.blogharbor.com/hacked/igothacked.htm –> get rid of malware
http://elamb.blogharbor.com/broadband/broadband.htm –> secure your broadband connection