Cyber Self Defense
Note:
The information on this page is designed to assist you in understanding and preventing infections and exploits. However, if you are already infected and need access to the right tools to clean up the infection, you should try the following link:

Advanced Cyber Self Defense!
Be mindful that the tools listed in Advanced Cyber Self Defense are not for novice users.



Cyber Self Defense!

Almost every client I visit in person or online asks the same questions: What happened? How did I get infected, and how can I prevent it from ever happening again?

My answers to these questions are usually followed by a roll of the eyes and obvious signs of frustration. It is quite obvious how frustrated some have become with the burdens of computer security.

To put it simply, people want an "easy button" installed on their PC... Unfortunately a technology like that, one that actually works, does not yet exist!

As a side note, if a simple anti-virus and anti-spyware software solution worked properly to keep you safe, I would not be employed as a "Technical Janitor" cleaning up after infections and struggling to mop up the mess they left behind!
If you are serious about pre-emptive security instead of hiring me to clean up after the fact, do yourself a favor and read on...

While today's users are more computer literate, the vast majority remain only vaguely aware of the actual risks they face online, as well as of what effective countermeasures may be available to them.


Our computers allow for a wide range of tasks, from multimedia entertainment to gaming, education and business. As a result, as users gradually become more comfortable with the technology, they do more, and expose themselves to greater risks while online with their home computers than in the past, often while lacking adequate knowledge of appropriate security measures. Many also remain convinced that their antivirus is all they need to stay protected. This in turn gives hackers many opportunities to exploit those left vulnerable through ignorance or complacency, all while online threats continue to increase in complexity and diversity.
The results are now becoming obvious: a rather large, global increase in web sites set up solely for the purpose of exploiting anyone vulnerable, whether by installing exploits or hostile ActiveX controls, or simply by distributing the latest Trojans or the ever more complex and blurred category now broadly termed malware.

New breeds of well-organized cyber criminals now inject hacks via paid PPC advertising on popular web sites and in search engine results, and control zombie computers to broadcast massive amounts of spam that distracts home and business users alike, not to mention the varied types of hackers who control huge bot networks and cost online businesses massive losses.

The efforts of those trying to breach our defenses by exploiting the multitude of vulnerabilities discovered almost daily are relentless. The job of securing a system that is active on the Internet is by no means simple. Anyone who claims otherwise is either misguided or misleading.

These facts alone should motivate today's online computer users to stay focused, sharp and alert on all matters related to computers and online security, and not simply delegate everything mindlessly to a single product or a single company's line of products.

I believe that brand loyalty in this case can often prove counterproductive, as developers tend to downplay vital weaknesses in their product and much too often choose to over-hype useless features that provide little real security benefit to end users while using far too many system resources and slowing everything down.

Currently the best approach is to use multiple layers in securing the computer, each layer covering a specific attack vector or small group of them. Using the right specialized tool or utility for a specific known threat vector is, in my opinion, far superior to a huge software suite trying to do it all, as large suites have a tendency to cause problems and usually fail in the end once criminal types figure out their weaknesses and successfully bypass their defenses...

Instead I would strongly recommend users take full control of their security, educate themselves, consider a multi-layered approach such as the one we describe here, and not just once but at regular intervals research, reassess and overhaul their existing setup for optimal benefit.

Below I have included, point blank, what I think is currently the preferable security protocol to follow. By the way, for those curious to know why I am able to connect to infected systems and clean them up without getting infected myself: it is simply that I practice what I preach and use these on my own systems...
We recommend our clients implement the following:
Note: More info on the tools recommended here is available in: Anti Exploit Resources
  • You should begin by seeking to harden your setup. Upgrade the Windows default firewall with a firewall like Outpost Free v1.0, and use a H.I.P.S. or Host Intrusion Protection System like PREVX or ThreatFire. These are usually able to protect against the sophisticated malware missed by anti-virus and anti-spyware software. A note of caution on HIPS: they are far superior as anti-malware than anti-virus and anti-spyware because they can block any executable from, well... executing. However, they do require some user intelligence in making decisions on events taking place within the system, which in some cases can prove somewhat difficult for less technically apt users... Still, H.I.P.S. are among the preferable defenses for those who really like to be "in control" and want to lock down their system against intrusions of any kind. They are also usually designed to work with your firewall, anti-virus and anti-spyware software so they all complement each other. The short learning curve required to use them effectively is well worth the effort.
  • Also important is to use protection such as the "current best" anti-virus and anti-spyware. You can ascertain which this is by doing the appropriate product research yearly. We currently recommend NOD32 v3.0 and AVG Antivirus Free as the best choices. Always be suspicious of those who tell you to disable or remove such security for any reason.
  • Do not purchase the "continued or extended" update period for your anti-virus products. Instead purchase the entire product upgrade, uninstall the previous version and then install the latest one. This guarantees you have the latest scanning engine, and not merely access to the latest database. New engines offer new features and functionality not found in earlier generations, thus increasing effective defenses instead of extending the life of already obsolete ones.
  • If your anti-virus or anti-spyware software fails you, which happens rather often, we and other professional technical support firms provide, well... "professional" remote cleaning services. It is better to pay for a service such as this than to lose all or some of your data and productivity, which can cost just as much. One caveat, however: when using such a service, confirm that the company "and" the "expert" are well qualified and located within the United States, Canada or Britain, as many "foreign interests" lurk for unfettered remote access to your personal and business data, since gaining full remote access is incredibly valuable to them, for obvious reasons. Using a local provider isn't foolproof, but at least there are legal (criminal and civil) remedies available in the event of bad behavior on the part of the service provider. Also be very concerned when companies offer to gain access to your computer and "clean" things for free. No self-respecting business would offer such a service for free...
  • The next logical step to protect yourself should be to inspect your operating system and other installed software for insecure versions and for missing security updates. Keep in mind that Microsoft products are not the only weak links in your setup, so the Windows system update feature is not the only tool you should depend upon; scan your other applications as well. You must do this regularly due to the ever-changing state of software. Our favorite tools are the Secunia Software Inspector and the filehippo.com Update Checker. These tools are free, simple and very useful.
Secunia Personal Software Inspector Free
  • Never trust email attachments just because they came from someone you know. Scan all file attachments for viruses. When in doubt, scan them at virustotal.com as well. Data file extensions are usually safe; however, you should instantly suspect attachments with file names that end in .exe, .bat, .vbs, .js, .scr or .com (or any other program extension). When in doubt, contact the sender to confirm he/she actually sent the file in question.
  • Keep all your important documents inside time-lapsed encrypted containers. Use strong encryption and make sure the container is set to close itself when not in use. Set the timer to 15 min. Containers can be over 25 gigs in most decent products, and once shut, even if a creep cracks your firewall and browses around, they can't read the data. We currently recommend softwinter Sentry 2020.
  • Use a password manager that allows you to use multiple login names and passwords, together with secured form filling. We recommend Roboform. Never use the same login name and password for every site you log on to. As a rule, always use strong passwords, something that looks like this: sZT7uRpDO42 (56bit strength), and automate the task whenever possible to reduce errors. Also, if you keep passwords in a file, make sure it's encrypted and not just password protected. Never use common names and words as passwords; they are far too easy to crack. Do not keep your passwords on sticky notes stuck to your monitor.
  • Use Firefox as your web browser and keep it up to date. Also install a few add-ons to kill scripts, as most cross-server exploits are installed on your system using scripts interpreted by your web browser. The NoScript add-on is a free premium security tool that allows you to dynamically select which scripts can and can't run in your web browser on individual web sites.
  • Always scan URL links to web sites you do not recognise before you click them, to inspect them for exploits. Check them against a database of known hack sites whenever possible. Be especially careful when doing Yahoo or Google searches, since many of the returned results look safe but are in fact sites designed with a hack for the sole purpose of infecting unprotected visitors. Clicking on ads in search engine results is also often the infection vector: many cyber criminals pay unsuspecting web site owners to host ads leading to sites infected with exploits. Several free browser-based link scanners are available to do this. McAfee SiteAdvisor and LinkScanner Pro work as an effective early warning system against many of those, and we strongly recommend using them. Browser Defender is also currently under development and looks promising.
  • Install a good anti-keylogger or some type of scrambler, as it will help prevent hackers from getting your passwords using sophisticated keyloggers. Crooks love to install tools that monitor your keyboard and allow them to view exactly what you are viewing on your own monitor while they remain undetected. We currently recommend KeyScrambler Personal: it is free, a simple yet powerful keylogger scrambler protection that works with your web browser and helps prevent tools that intercept keystrokes from working properly.
  • Install a good sandbox software; Sandboxie is our first choice. It is not free, but it's a simple nag-screen shareware, as in wait 4 seconds before it loads to save $25.00. (Please do register it if you can.) Run your web browsing sessions from within the sandbox, as this will allow you to undo any and all changes taking place within the sandbox at will. Most viruses opening in a sandbox can't infect other parts of your system, as they are contained within the sandbox and are dead on the next reboot... Most cross-server scripting types of infection should also be ineffective and fail to work. Just delete the sandbox and recreate a new one every day... Each time you load your browser, all changes made to it by hacks are replaced by a clean, fresh session. It takes only a few minutes each day, but it will save hours in recovery time and dramatically reduce your risk of infection.
  • For all Internet downloads, whenever they are available, you should always seek out and use the provided MD5 and SHA1 hash codes to verify whether the file was tampered with by someone other than the actual creator of the file, and do so before trying to run the program. Never assume the file is clean because of branding, or rely blindly on your own anti-virus software, since none can detect 100% of all viruses. When in doubt, scan the file at virustotal.com. It's not perfect, but it is far more reliable than any single anti-virus software available on the market for single-file scans. Better safe than sorry!
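The hash check described above, as an added example that is not part of the original page: it streams a download through MD5, SHA-1 and SHA-256, compares each digest the vendor published (case and whitespace normalised) in constant time, and reports which ones disagree. The sample bytes and published digests are constructed (the string "abc" is a standard hash test vector); a match only proves the file is the one the site published, not that the publisher is trustworthy.

```python
import hashlib
import hmac
import io
from typing import BinaryIO

ALGORITHMS = ("md5", "sha1", "sha256")


def digests_of_stream(stream: BinaryIO, chunk_size: int = 1 << 16) -> dict:
    """Hash a file-like object in chunks so a large installer never sits in RAM."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_download(stream: BinaryIO, published: dict) -> tuple:
    """Compare the published digests (keys like MD5 / SHA1 / SHA-256) against the file.

    Returns (all_match, [algorithms that did not match]). Published values are
    stripped and lower-cased because download pages mix hex case, and compared
    with hmac.compare_digest so the comparison does not short-circuit.
    """
    if not published:
        raise ValueError("no published digests to check against")
    actual = digests_of_stream(stream)
    mismatched = []
    for algo, expected in published.items():
        key = algo.lower().replace("-", "")
        if key not in actual:
            raise ValueError(f"unsupported algorithm: {algo}")
        if not hmac.compare_digest(actual[key], expected.strip().lower()):
            mismatched.append(key)
    return (not mismatched, mismatched)


def verify_download_bytes(data: bytes, published: dict) -> tuple:
    """Convenience wrapper for in-memory data (used by the demo below)."""
    return verify_download(io.BytesIO(data), published)


def verify_download_file(path: str, published: dict) -> tuple:
    """Verify a file on disk, e.g. the installer you just downloaded."""
    with open(path, "rb") as f:
        return verify_download(f, published)


# Constructed sample: stands in for a downloaded installer and the digests a
# vendor prints on its download page.
SAMPLE_BYTES = b"abc"
SAMPLE_PUBLISHED = {
    "MD5": "900150983CD24FB0D6963F7D28E17F72",
    "SHA1": "a9993e364706816aba3e25717850c26c9cd0d89d",
}

if __name__ == "__main__":
    ok, bad = verify_download_bytes(SAMPLE_BYTES, SAMPLE_PUBLISHED)
    print("clean download" if ok else f"MISMATCH in {bad}: do not run this file")
```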
  • Disconnect or turn off your microphone when not actually in use. Some people have reported finding tools that monitor the sound input on sound cards in order to listen to private conversations during meetings in offices, and even at home. Unfortunately I am unaware of security software designed to scan for, detect and block these. The only available defense is simply to disconnect the microphone or turn it off. Also keep in mind that many devices such as web cams and VOIP phones do not require your sound card to operate the microphone integrated within the device, as they often have a built-in sound driver as well. As a result they can also be tapped and used to listen to any and all conversation taking place within the room where the computer is located. If in doubt, look for unexplained data streams and investigate every unexplained connection from your PC. Disabling those devices' own drivers at the software level from the Device Manager control panel, or physically disconnecting them when not in use, may be the simplest way to control this potential problem.
  • Back up regularly. But when you back up, encrypt it and password protect it. Often the easiest way to experience a breach of security is simply for someone to steal a CD or tape packed with unencrypted backups. What could be more convenient than to have someone back up the entire contents of a company's private data and keep it nice and available on the desk, clearly advertised as "Backup"? I have seen this in so many offices it's hilarious! Often with the password on a yellow sticky stuck to the disk or written on the CD itself!
  • If you think your computer has programs secretly connecting to sites on the Internet, or perhaps you would like to figure out why your computer is inexplicably slowing down, you can use Netstat to investigate.
  1. Type CMD in Windows "Run Box" (click on "Start" then "Run")
  2. Type netstat -b 5 > netscope.txt and press the Enter key.
  3. After a few minutes, press Ctrl+C
  4. Type netscope.txt on the command line to open the log file in Notepad
This netscope.txt file will have a record of everything that has made an Internet connection in the last couple of minutes; you can then check your Task Manager to find out where it is and take care of it.
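To make the netscope.txt review less tedious, here is an added example (not from the original page) that parses the `netstat -b` log format, attaches each connection to the `[program.exe]` line that follows it, collapses the repeated 5-second snapshots, and lists the distinct remote endpoints per program so unfamiliar ones stand out. The log below is constructed with documentation-range addresses; the parser's handling of service names and of "Can not obtain ownership information" lines mirrors what netstat prints.

```python
import re
from collections import defaultdict

# One connection row from `netstat -b`: proto, local, foreign, optional state
CONN_RE = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")
# The owning executable follows the row on its own line in square brackets
OWNER_RE = re.compile(r"^\s*\[(.+?)\]\s*$")
# Foreign addresses that mean "not connected to anything" (listening/unbound)
UNBOUND = {"0.0.0.0:0", "*:*", "[::]:0"}


def parse_netstat_b(text: str) -> list:
    """Return one dict per row: proto, local, remote, state, owner, components."""
    records, current = [], None
    for line in text.splitlines():
        m = CONN_RE.match(line)
        if m:
            current = {"proto": m.group(1), "local": m.group(2), "remote": m.group(3),
                       "state": m.group(4) or "", "owner": None, "components": []}
            records.append(current)
            continue
        stripped = line.strip()
        if stripped.startswith(("Active Connections", "Proto")):
            current = None          # a new snapshot header: nothing to attach to
        elif not stripped or current is None:
            continue
        elif OWNER_RE.match(line):
            current["owner"] = OWNER_RE.match(line).group(1)
        elif stripped.startswith("Can not obtain ownership"):
            current["owner"] = "(unknown: access denied)"
        else:
            current["components"].append(stripped)  # service name or DLL in the chain
    return records


def remote_endpoints_by_owner(records: list) -> dict:
    """Distinct remote endpoints per program; listen-only rows and repeats dropped."""
    seen = defaultdict(set)
    for r in records:
        if r["remote"] in UNBOUND:
            continue
        owner = r["owner"] or "(no owner reported)"
        seen[owner].add((r["proto"], r["remote"], r["state"]))
    return {owner: sorted(eps) for owner, eps in seen.items()}


# Constructed sample of two 5-second snapshots, as `netstat -b 5` would log them.
SAMPLE_LOG = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.168.1.5:49712      203.0.113.10:443       ESTABLISHED
 [firefox.exe]
  TCP    192.168.1.5:49731      198.51.100.7:6667      ESTABLISHED
 [svchost.exe]
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    192.168.1.5:49740      203.0.113.10:443       ESTABLISHED
  Can not obtain ownership information
  UDP    0.0.0.0:500            *:*
  IKEEXT
 [svchost.exe]

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.168.1.5:49712      203.0.113.10:443       ESTABLISHED
 [firefox.exe]
  TCP    192.168.1.5:49731      198.51.100.7:6667      ESTABLISHED
 [svchost.exe]
"""

if __name__ == "__main__":
    for owner, endpoints in remote_endpoints_by_owner(parse_netstat_b(SAMPLE_LOG)).items():
        print(owner, "->", endpoints)
```

Run it against the real file with `parse_netstat_b(open("netscope.txt").read())`; on Vista and later, `netstat -b` itself must be run from an administrator command prompt or the owner lines are missing.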

Or you can also use the free yet powerful, and incredibly simple but effective, TCPView endpoint viewer from Sysinternals.

TCPView is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and state of TCP connections. On Windows Server 2008, Vista, NT, 2000 and XP TCPView also reports the name of the process that owns the endpoint. TCPView provides a more informative and conveniently presented subset of the Netstat program that ships with Windows. The TCPView download includes Tcpvcon, a command-line version with the same functionality.

Get it here: TCPView



All the tools mentioned above actually play nice with each other and with your existing security tools. So you can use them without worry...


Attention!
  • Probably the single most important skill anyone should learn on a computer is to distinguish legitimate processes from rogue ones running in live memory. Everything from default Windows services to spyware must be invoked from somewhere on your hard disk, or pulled from the Internet, and loaded into memory in order to run. Identifying these key areas is also important.

  • Several tools have been developed to provide visibility and user access control over all registry loaders and the many other program startup and invocation methods. The best tools also provide access to Google search, and have their own database of processes and services combined with a rating system to assist you in making better decisions.

  • As with all things we also have our favorites, and in this case I use two very powerful tools. Both free! RunScanner is my personal choice and is a powerful tool to identify rogue processes and kill them right in their original loader location. It also offers an online analysis tool, and it can easily push suspected files to virustotal.com for a quick scan or check MD5 hashes at several security sites, saving us a lot of time and taking a lot of the guesswork out of it. This powerful tool also allows our clients to pass their scans on to us for further analysis. We love this tool!
Get RunScanner from http://www.Runscanner.net

RunScanner is a freeware Windows system utility which scans your system for all configured running programs and autostart locations.

You can use RunScanner to detect autostart programs, spyware, adware, homepage hijackers, unverified drivers and other problems.
You can import and export your results and let other people help you solve your problems.



The other tool we like is Autoruns from Sysinternals.

This utility, which claims to have the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These programs include ones in your startup folder, Run, RunOnce, and other Registry keys. You can configure Autoruns to show other locations, including Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, auto-start services, and much more. Autoruns goes way beyond the MSConfig utility bundled with Windows Me and XP.






Woaaa.... Now You Know Cyber Kung Fu!


Note: No hamsters were harmed in the making of this web site!
His kung Fu is strong!

  1. You should also read our other security articles (some overlap exists, but it's a good read):
    1. Secured Web Browsing
    2. Anti Exploit Resources

Warning

DISCLAIMER: It is assumed that users are familiar with the operating system they are using, and comfortable with making the suggested changes. I will not be held responsible if changes you make cause a system failure.
