For WinXP the most dependable defenses are:-
1. Do not work as Administrator; for day-to-day work routinely use a
Least-privileged User Account (LUA).
Applying the Principle of Least Privilege to User Accounts on Windows XP
http://technet.microsoft.com/en-us/library/bb456992.aspx
2. Secure (Harden) your operating system.
http://www.5starsupport.com/tutorial/hardening-windows.htm
3. Don't expose services to public networks.
Windows XP Service Pack 3 Service Configurations
http://www.blackviper.com/WinXP/servicecfg.htm
4. Keep your operating system (OS) (and all software on it) updated/patched.
How to configure and use Automatic Updates in Windows XP
http://support.microsoft.com/kb/306525
http://www.update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us
4a. Got SP3 yet?
Why Service Packs are Better Than Patches.
http://www.microsoft.com/technet/archive/community/columns/security/essays/srvpatch.mspx?mfr=true
5. Reconsider the usage of IE and OE.
Utilizing another browser application and e-mail provider can add to the
overall security of the OS.
Consider: Opera, Firefox or SeaMonkey and Pegasus Mail, Thunderbird, or WLM.
5a. Secure (Harden) Internet Explorer.
Internet Explorer 7 Desktop Security Guide.
http://www.microsoft.com/downloads/...DA-6021-468E-A8CF-AF4AFE4C84B2&displaylang=en
6. Review your installed 3rd party software applications/utilities; Remove
clutter, *including* all Anti-WhatEver ware and 3rd party software
personal firewall application (PFW) - the one which claims:
*"It can stop/control malicious outbound traffic"*.
7. If on a dial-up Internet connection, activate the built-in firewall.
Windows XP: How to turn on your firewall.
http://www.microsoft.com/protect/computer/firewall/xp.mspx
Uncheck *all* Programs and Services under the Exception tab.
7a. Configure Windows by using:
Seconfig XP 1.1
http://seconfig.sytes.net/
7b. If on a high-speed Internet connection, use a router and
implement Countermeasures against DNSChanger.
http://extremesecurity.blogspot.com/2008/06/use-default-password-get-hijacked.html
7c. And (just in case) Wired Equivalent Privacy (WEP) has been superseded by
Wi-Fi Protected Access (WPA).
8. Utilize one (1) each 'real-time' anti-virus and anti-spy
application.
Consider: Avira AntiVir® PersonalEdition Classic - Free
and Windows Defender.
9. Employ back-up application(s).
Windows XP Backup Made Easy
http://www.microsoft.com/windowsxp/using/setup/learnmore/bott_03july14.mspx
Consider: Acronis, Casper or Norton Ghost and ERUNT.
9a. Utilize vital operating system monitor utilities/applications but you
need to know the nature or meaning of what those programs are
disclosing.
Consider: Process Explorer, AutoRuns, TCPView, WALLWATCHER, Wireshark,
Port Reporter, Regmon/Filemon, rootkit detection tools like Rootkit
Revealer, Gmer Rootkit or Hook Analyzer etc. There are more, but beware:
computer forensics is quite a difficult and complex field.
10. Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html
The least preferred defenses are:-
Myriads of popular anti-whatever (*real-time*) applications and staying
ignorant.
Good luck
Avoiding Rootkit Infection.
"The rules to avoid rootkit infection are for the most part the same as
avoiding any malware infection however there are some special
considerations:
Because rootkits meddle with the operating system itself they *require*
full Administrator rights to install. Hence infection can be avoided by
running Windows from an account with *lesser* privileges" (LUA in XP and
UAC in Vista).
I've got a Linksys router which I've set secure so neighbors can't use
it.
Excellent! Read and implement #7b above and ensure your router is compliant
with the latest firmware upgrade!
I've got Windows Defender installed & set to update & scan each day.
It's a good application.
Windows Defender - Free
http://www.microsoft.com/athome/security/spyware/software/default.mspx
WD monitors the start-registry and hooks registers/files to prevent spyware
and worms from installing to the OS.
Interesting reading:
http://www.pcworld.com/article/id,136195/article.html
"...Windows Defender did excel in behavior-based protection, which detects
changes to key areas of the system without having to know anything about
the actual threat."
Of course it's a joke as I've run Lavasoft's Ad-Aware immediately following
& it found Spyware that Defender didn't. I run Ad-Aware about once a week.
Ad-Aware lost its lustre. Try these apps instead (you'll be glad you did):
SuperAntispyware - Free
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
--and--
Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
I had AVG 8.x installed and it seemed like a good Free Antivirus/Spyware
program, had it set to update & scan daily.
AVG has become bloated and cumbersome to use.
Good alternative:
Avira AntiVir® Personal - FREE Antivirus
http://www.free-av.com/
(The free version won't scan your emails.)
Why You Don't Need Your Anti-Virus Program to Scan Your E-Mail
http://thundercloud.net/infoave/tutorials/email-scanning/index.htm
Ensure your e-mail program is configured to display e-mail messages in
'Plain Text' only.
You may wish to consider removing the 'AntiVir Nagscreen'
http://www.elitekiller.com/files/disable_antivir_nag.htm
The ZA I have is just a 15 day trial.
Uninstall this useless application!
I used to use ZA back before XP as a Firewall on my Win 98SE PCs.
3rd party firewalls were a kind of essential on Win98 but not on WinXP!
What are your recommendations, besides uninstalling ZA, as far as Folders to
scan, etc.?
Good luck