security guide proof reading request

hi all

I'v put many hours and much effort in to the writing of this guide and I think its more or less ready to go save the odd bit of tweaking and i was wondering if a few of the expert here would be good enough to spair a bit of there time proof read my work for me and give me some feed back dont be afraid to say that iv got somthing wrong or x bit is un nessery just be sure to say why

thanks

If you are reading this then you are one of the unlucky ones that is having trouble with Parasites, Viruses, Trojans, Spyware, Hijackers, Browser Helper Objects or other forms of un-welcome Malware this situation usually occurs when either your system lacks basic security, your security settings are too low or you aren't being responsible enough about what you download what ever the case coming here is a good first step because you are making your self responsible for the security of your computer, not Norton not Microsoft not Zone Labs You !!

I hope by the time you have read through and carried out the information contained in this help file you will be a littlie wiser and your system will be a lot safer

The first stage in this process is cleaning instructions on how to do this are given below. Once we've finally gotten your system clean you'll want to keep it that way right ?? of course you do !!

This is stage 2 in which we will lock down your system and install and configure all the software you are going to need to keep your system safe because when Microsoft ships there system they are trying to make it "easy" for you to surf the web, NOT SAFE !!!

The First thing we need to do however is to download all the diagnostic and cleaning tools we may need and get your system clean then updated them with their latest definitions

Note: Where possible iv tried to list free solutions because I don't believe that people should have to spend thousands for good security this said however keep in mind you get what you pay for so its still worth investing in paid software

Anti-Spyware: Ad-Aware, Spybot-S&D
Anti Virus : AVG, AntiVir, Avast
Anti Trojan: A² (Beta), Ewido Security Suite (2000/XP Only), TrojanHunter (Payware)

Specialist: Hijack This, Start Up List

Now although TrojanHunter isn't free it is regarded as quite a good newb friendly Anti Trojan only catch is that it must be updated manually see the update instructions Here

You should also read This page as it contain additional information and links to other resources and programs not covered in this guide that can further help you identify & fix your problem

Ok now we have downloaded all the tools you are likely to need restart your computer in safe mode and run a scan

You should also

1. Delete all *.tmp files on your drive as some of them may contain malicious code for your Malware

2. Run a search on your hard drive for any files ending with *.hta or *.js If you find any open them in notepad and look to see if they contain the URLs that you have been hijacked to if so delete them

3. Delete any system restore points you have unless you know unequivocally that they are clean because Viruses Trojans and other forms of Malware are renowned for hijacking your restore points to prevent you from removing them

4. Make sure that there aren't any start up entries for your malware if so disable it

Failure to carry out any of these steps can cause re-installations of the very Malware you are trying to get rid of

To open msconfig click start run and type msconfig

To help you Identify processes that may be suspicious or just unnecessary look them up Here

To reveal Window hidden files and folders

Windows Me/2000/XP:

Double-click [My Computer]
Select [Tools] menu, click [Folder Options]
Select the [View] tab.
In the [Advanced Settings] list, under [Hidden files and folders], select [Show hidden files and folders].
Click [OK]

Windows 98:

Double-click [My Computer].
Select [View] menu, click [Folder Options].
Select the [View] tab.
In the [Advanced Settings] list, under [Hidden files], select [Show all files].
Click [OK]

Windows NT 4.0:

Double-click [My Computer].
On the [View] menu, click [Options].
On the [View] tab, select [Show all files].
Click [OK]

If your problem is that your browser has been hijacked and the above hasn't solved your problem you may have an Active X or Browser Helper Object problem to see if its an Active X hijack open the Downloaded Program Files folder and see if there are any Active X files inside if so delete them

To check for Browser Helper Objects click start run and type regedit then click search and type in Browser Helper Objects and have a look and see if anything is listed if there are we will fix these later with Hijack This you may also want to look in the plug-ins folder in the Internet Explore directory to see if anything has been placed there that shouldn't be there if so delete it

If your problem is that your Control Panel / Internet Options has been Disabled here is how to fix it

Do a file search for a file named "control.ini" and open it in Notepad If inetcpl.cpl=yes is present under the [don't load] section delete it save the change and exit Notepad the Control Panel / Internet Options should now be Re-enable if not try Re-booting

To do this under 2000 and XP however you will need to do a little registry editing click on the start menu and select run then type regedit and browse to HKEY_CURRENT_USER\Control Panel\don't load\ and if present delete inetcpl.cpl the Control Panel / Internet Options should now be Re-enable if not try Re-booting

If you are still unable to remove your Hijacker/Malware. Then you may need a few other specialist cleaning tool

Cool Web Shredder

A small utility for removing CoolWebSearch (aka CoolWWWSearch, YouFindAll, White-Pages.ws and a dozen other names)

NOTE: Since October 19, 2004. CWShredder was sold to InterMute and is owned and maintained by by them

Kill2Me
A removal tool specifically for the Look2Me parasite. This tool removes versions 115, 116, 117 118, 120, 121 and 122 (the most recent ones) on all Windows versions.

If files get left behind because they are in use and you are unable to remove them then try

Dr. Delete or DelLater

These are small utilities for removing files that are in-use by scheduling them to be deleted at the next start-up.

If one of your anti-spyware programs won't run, and keeps closing its self then it's likely you have a version of Coolweb Search that’s disabling it as there has been a variant of the Coolweb going round recently that can auto closes several anti-spyware apps when you try to open them.

If this is happening to you then its easy to put a stop to it just download CoolWWWSmart.Search Killer Once you've run this tool it should allow your disabled program to function normally

If in the unlikely event that above hasn't solved your problem then it could be that you have a new variant in this case you may be asked to run a process manipulation program here are a few recommended ones

Dependency Walker, Advanced Process Manipulation (APM), Process Explorer, KillBox

If you have tried all of the above and you are still either unable or unskilled enough to remove your Hijacker/Malware then you should post your HijackThis/Startup List log

If you want instant help with your HijackThis log file analysis while you wait for someone to review your log please see This web page

Alternatively if you want to analyse your log yourself you can try looking up the various processes, tasks and entries at the following locations

Answers That Work Task List, BHO's and Toolbars, Startup List, Layered Service Providers (LSP's), WinTasks Process Library, Startup Applications List, O18, O20, 21 and 22 Entries

Some things to keep in mind when Posting Hijack This or Start Up List logs

1) Paste in your Hijack This or Start Up List log after describing the problem that you are having.

2) When you post your Hijack This or Start Up List log post the whole log do not remove anything from it. That specifically includes the top of the log that lists version information.

3) Please do not post a new topic titled "Hijack This log" or "Start up list log" or anything similar. Please give your post a title relevant to your problem if you have been hijacked by xupiter.com, put that in the title If you get redirected to lop.com when you try to load a site that doesn't' exist, put lop.com in the title etc.

4) If you turn out to have a new hijacker or spyware, it is likely that people will need a copy of the files involved so that they can have them added to detection databases. In this case someone will probably remember to ask for them, and give an address to submit those files to. However it's possible that someone may tell you to delete them without realizing that people want those files. If you seem to have something new, ask to be certain before deleting the files responsible. Sometimes people may already have the files in which case it is ok to delete them.

Some Things To Look For When Analysing Your Hijack This Log

First put a check mark next to every search and start page setting it lists which you haven’t put there yourself do the same for any hosts file entries. If it lists anything as O5, O6, or O7*, fix those as well. However please ask for advice at the forums before using Hijack This to change anything else.

Second Hijack This will list any Browser Helper Objects installed on your computer. Check the BHO's listed against the list of all known BHO's maintained Here If you find one listed as some sort of Spyware, Malware or Hijacker put a check mark next to it and have Hijack this fix those as well.

The second stage in this process is securing your system now that we have gotten your machine cleaned you'll want to keep it that way right ?? of course you do !! instructions and how to do this are given below however cleaning and securing your compute is only half the battle

Maintaining your new found security on the other hand this is the hard part and requires a fundamental change in the way you think about cyber space fortunately it needn't be difficult just follow the following recommendations and exercise a little common sense and hopefully you will never have malware problems again

Now in order to maintain good system security there are several things that you should do

The First most important thing you should do is to make sure you have all the correct security software the minimum you should have to maintain a healthy system is a good Firewall, Anti-Virus, Anti-Trojan and Anti-Spyware here are a few recommended ones

Firewall: Zone Alarm, Outpost, Sygate

These are programs that inspect all the traffic flowing in and out of your computer while online allowing you to decide which programs you wish to allow or disallow access to the net think of a firewall as a bouncer for your computer keeping all the undesirable riff raff out off your system and making sure that all the programs that are on your system behave them selves

Anti-Virus: AVG, AntiVir, Avast

These are programs that look for and destroy Viruses a Virus is a destructive bits of code that can do allsorts of nasty things to your computers from giving it a cold and making things crash to giving it a heart attack and killing your hard drive resulting in system restore

Anti-Trojan: A² (Beta), Ewido Security Suite

These are programs that look for and destroy Trojans a Trojan is similar to viruses in the fact that they can do allsorts of nasty things to your computer but unlike a virus a Trojan wont kill your system but rather install a hidden back which means that anyone can access your system and everything on it including things which you would like to keep secret like your bank account details worse still not only can they steal data off your compute but they can also download and install things on your compute as well even worse than that anyone utilising this hidden door also has the capacity to use your compute for illegal activities and guess who's going to get in trouble for that ?? The poor victim YOU !!!

Anti-Spyware: Ad-Aware, Spybot-S&D

These are programs that look for and destroy Malware similar to but less severe than a Trojan or a Virus Malware is any program or bit of code that

A. Doesn't fall under the heading of Virus or Trojan

B. Surreptitiously does nasty and/or undesirable things to your system with out your permission ranging from the benign and annoying such as displaying popup windows with ads when you surf the net to the severe and serious such as hijacking your browser to porn sights hijacking your net connection so that when you connect to the net you aren't connecting to your ISP but to some premium rate number or perhaps keylogging tracking or just general spying/stealing of personal data such as passwords or privet emails etc

In addition to the above you may also want to consider the following , Spyware-Blaster, Spyware-Stopper (Shareware) and SpyBlocker (Shareware)

These are programs that doesn't scan for and clean Malware but rather it-prevents it from ever being installed what these do in effect is to add a list of banned programs/sights to your system so when ever one of these banned programs or sights trys to sneak on to your system or display in your browser they are automatically refused

Real-time protection against Malware: Spyware-Guard, Prevx Home

Similar to the above these programs function much like a virus or Trojan scanner sitting in the back ground silently watching for anything that is trying to sneak on to your system and when detected they stop it

Single file encryption software: Axcrypt, PGP

Whole disk encryption software: DriveCrypt (payware)

Although encryption software isn't necessary for everyone it is of secondary importance and highly recommended if you have any sensitive file that you want to keep away from prying eyes however be aware that encryption software is only as strong as the password you select

Though of you that are considering encryption software as a means to protecting though valuable files you may also like to consider Whole Disk encryption this is a form of encryption that protects entier hard drive rarther than just single files completely preventing access to your system without the proper access credentials

The Second most important thing you should do is to always keep as current as possible with all the latest bug/security fixes not only for Windows but for all your programs this is especially important when it come programs like your Anti-Virus, Anti-Trojan and Anti-Spyware

The Third most important thing is to secure your system by locking down all of Windows BIGGEST security holes these includes Internet Explorer, Outlook Express, Windows Media Player and File And Printer Sharing among others

A good way to eliminate a lot of these problems is to simply get rid of Microsoft’s inferior technology all together and use one of the many safer Freeware/Open source alternatives, by doing so you will not only be saving your self from all the current security vulnerabilities created by these programs but all the future one as well

However choose wisely get some advice from professional security experts at boards like this one because there are programs that are known to be a little on the questionable side

One such group are shells programs that are based on the code/engine of another programs for instance Slimbrowser, Avant Browser, Maxthon or AOL Browser these are programs based on the Internet Explorer engine

Now although shells them selves aren't inherently dangerous where the problems come in is when the shell program is based on the code/engine of another program that is known to be buggy and insecure such as Internet Explorer what this means is that in all likely hood your shell program will inherit all the same vulnerabilities and exploits as the program it was based off

Which is why Id also strongly recommend against the use of such programs what I would stress here how ever is that no matter what you chose no program is perfect and its going to have bugs and vulnerabilities the best thing you can do is to seek expert help then make up your own mind based on your needs and the advice you are given then once you have made your choice again seek expert help on how best to configure it for maximum safety and security

below are few recommended replacements

Browser: Firefox, Opera

Email Client: Thunderbird

Media Players: Winamp, JetAudio, Quicktime alternative, Real alternative,

If on the other hand you are just interested in looking at what Freeware/Open source alternatives are The Source Forge or Openwares

One other method of cleansing your system of a lot of Windows superfluous code and features is

XP/98lite (payware)

I have personally used 98 Lite for a couple of years now and can definitely vouch for its effectiveness not only for securing, speeding up & stabilising my system but it also comes in handy when upgrades go wrong and Microsoft doesn't offer an uninstaller

If you are looking for further proof of why you should rid your system of Microsoft’s inferior technology and why you the end user should remove these features and programs I would see this classic example of Microsoft’s incompetence

The Forth most important thing you should do is to use password protect because this prevents unauthorized access to your system and stops people/malware tampering with your operating system and/or programs settings

The problem here however is quite often if you have a lot of passwords you’ll often get them mixed up or forget them altogether and this puts people off using password protection however it doesn't have to be like this there are programs known as password vaults these are programs that will store all your passwords in a protected archive allowing you to safely log in to any of your password protected accounts with a single click of the mouse

below are a couple of such programs

Robo Form, Account Logon

Be aware however that password protection is only as strong as the password you select choose a good passwords which isn't easy to brake, it should be over 10 characters, with numbers, letters, Symbols, upper and lower case letters and it shouldn't be a word that appears in the dictionary

The Fifth most important thing you should do is to back up your data this way if your hard drive ever get corrupted you wont loose everything get an imaging program these are special programs that can make an exact duplicate of your hard drive and burn it to a CD or some other form of removable media so that way if the worst should happen all you need do is just restore your back up this avoids or at least reduces the often costly lost of data as long as you remember update your back up regularly

One such imaging program is true image weather you are a novice or an expert this program is for you its extremely user friendly and comes highly recommended I can vouch for it I've used it for years and I cant tell you how many time its saved me from having to do a lengthy system restore

It is advised however that you wipe your system and do system restore then patch and update everything before you make your first back up this way you will know that you are making a clean back up

It is also advised that before you update this back up that you first restore to it again this is so that you know that your updated back up is clean

By doing this you will always know that no matter how badly your computer gets messed up either by Virus, Trojan, Hijacking or some other form of malware you always have a quick easy way to fix the problem

Below is a few other recommended imaging programs

Acronis True Image (Payware)

The Sixth most important thing you should do is watch what you download !! Many Freeware and P2P programs like Grokster, Imesh and Kazaa come with an enormous amounts of spyware that will eat resources, slow your system or clash with other software, possibly causing your Software, Browser or even Windows itself to crash below are a few pages that maintain a list of clean and infected clients

Spyware-Free/Spyware-Infested P2P/Filesharing Apps
Spyware-Free/Spyware-Infested P2P/Filesharing Apps
Spyware-Free Download Managers/Assistants

You may also want to check out the Rogue/Suspect Anti-Spyware Products & Web Sites list

The Seventh most important things you can do is to is to be informed subscribe to security news letters to keep up to date with all the latest threats read and learn as much as you can because knowledge is power the more knowledge you have the safer you will be below is a few links to resources that will help you do just that

http://www.tom-cat.com/security.html
http://www.dslreports.com/faq/security
http://www.spywarewarrior.com/uiuc/main-nf.htm
http://www.claymania.com/safe-hex.html
http://www.uksecurityonline.com/husdg/

Ok so recommendations over its time to get to work and start locking things down

First its recommended that you Disable file and printer sharing if you don't need it as it will enhance security and give attackers 1 less way into your system Complete instructions for Windows 98 and Windows NT can be found Here Instructions for Windows XP and Windows 2000 can be found Here

Next we need to lock down 3 of windows other big security holes Internet Explorer, Outlook Express & Windows Media Player in order to make these safe from attack by Viruses Trojans drive by install and other such vulnerabilities we are going to have to reconfigure there security settings Instructions for this can be found Below

we will start with Internet Explorer first now there seems to be a lots of differing opinions about what the best set up for IE should be and I am in the process of writing up a set of instructions that will allow IE to remain functional while increasing its security in the mean time till I’m finished here are a few links to information on the subject

http://www.lavasoftsupport.com/index.php?showtopic=14537
http://www.dslreports.com/forum/remark,133...ity,1~mode=flat
http://www.spywarewarrior.com/uiuc/btw/ie/ie-opts.htm

You can also further secure Internet Explorer down by installing the following

BugOff can be found Here

another similar application is Qwik-Fix

Qwik-Fix can be found Here

IE-SPYAD: Restricted Sites List For Internet Explorer Found Here

ActiveX Spyware Block List One Can Be Found Here

In addition to theses you may also want to consider the use of a host file

What is a host file ? & What’s it do ?

Read Here or Here to find out more

Next we need to lock down Outlook Express

NOTE: Outlook Express it part of Internet Explorer so the settings for one can affect the other.

Open Outlook Express Select Tools/Options

Select The Read Tab

Check Read all messages in plaintext

Select the Security Tab

Place a dot in Restricted Zone
Check Warn Me When Other Applications Try To Send Mail As Me
Check Do Not Allow Attachments To Be Saved Or Opened That Could Potentially Be A Virus

Select The Maintenance Tab

Check Purge deleted messages when leaving IMAP folders
Check Empty Messages From The Deleted Items Folder On Exit

Next close the options window and Select View/Layout

Uncheck "Show preview pane"

Note: This last one is a HUGE security issue and It's really important that it be disabled because viewing an email in the preview pane is effectively the same as opening it which mean if its infected with a virus viewing it in the preview pane will execute the virus it contains

For further insight on securing Outlook Express see This

Finaly Windows Media Player

Open Media Player Click Tools/Options

Select The Privacy Tab

Uncheck Everything

Select The Security Tab

Uncheck Run Script Command When Present
Check Do Not Run Script Commands And Rich Media Streams If Player Is Running Inside A Web Page

Select The Player Tab

Check Once A Month
Uncheck Download Codecs Automatically

After following these instructions you my also want to apply this patch by Java Cool

Windows Media Player Scripting Fix

Ok now that we have locked down Internet Explorer, Outlook Express, Windows Media Player and File & Printer Sharing its time to cover a few OS Specific problems

First you should apply these 2 patches from the creators of BOCLEAN

HTA Stop 2003

However Win 2000 And XP users should see this warning before applying this patch

DSO Stop2

For toughs of you that are still using Win95/98/ME you should apply these 2 excellent patches from DiamondCS

Anti-Polymorphism Patch

Saved Passwords Lock Patch

Next if you are still running Win 98 Se you should also apply this excellent UNOFFICIAL Windows98 Second Edition Service Pack

Toughs of you that are using WinXP should grab a copy of XP Antispy

Note: However please be aware that if you are using Ewido Security Suite you do not need this as Ewido Security Suite already includes XP-Antispy

XP Antispy

Toughs of you that are running older systems like 98/ME/2000 should grab a copy of Safe XP insted this app is very similar to XP Antispy but unlike XP Antispy Safe XP is designed to also work on older systems like 98/ME/2000

Safe XP

Ok now you have secured your system you we need to test your defences effectiveness below are a few sights that provide security validation services to allow you to do just that

http://cybercoyote.org/security/tests.shtml
http://www.firewallleaktester.com/
http://www.spywarewarrior.com/uiuc/info17.htm

If you have any Questions, Comments or Suggestions reguarding this thread then please feel free to post them Here

And finally I'd like to say a huge thank you to everyone who has helped me write this I couldn't have done it with out you id also like to say a huge thanks Andy Reynaerts who has been of grate assistance to me

Thank you all your help is greatly appreciated

 

hi

No one wanna give this the quick once over for me to verifiy that iv got it right and not made any mistakes or perhaps missed somthing ??

 

I'm lost. Why would the mods have to deliberate about anything? If he's connected to another site is something wrong with that? Is it supposed to be Wilders Forums and nothing else for members? Help me out as I am lost as to what you could have possibly meant?

I like what you have put together. I am going to go over it some more. There are spelling and grammatical errors that need to be fixed, but the content is quite good!

 

hi, Bethrezen i think you have done a great job. here are some of the things i feel can be improved -

at the start you have written -

Anti-Spyware: Ad-Aware, Spybot-S&D
Anti Virus : AVG, AntiVir, Avast
Anti Trojan: A² (Beta), Ewido Security Suite (2000/XP Only), TrojanHunter (Payware)

then you write -

Ok now we have downloaded all the tools you are likely to need restart your computer in safe mode and run a scan

you dont make it clear if they should download all the above, or some of the above. i'm mainly thinking of the AVs.

also, there's some spelling mistakes and grammatical mistakes too. - "there", instead of "their". missing full stops and commas etc.

here's a good hosts file tool. it's called HostsMan 1.2. the download page is below.
http://www.abelhadigital.com/

you should also make it clear that spybot will lock the hosts file, so it will need to be unlocked before you can make changes to it.

i can improve on the grammar and spelling. although, it probably wont be perfect, my grammer isn't the best and also, i might be able to improve the article by presenting it in a different way, and adding a few things to it. that's if you will let me rewrite it; it's up to you.

if you let me redo it, it wont matter if you don't want to keep it, or just want to take parts of it, as i'll be happy to keep it for myself

 

hi all

thanks for your replys

yes I moderate the spyblocker forum as a pass time I also help out with various other bits and pieces and is requiered writing guides and the like

Humm good point ill be sure to add a note

I am aware of this but being dyslexic its hard for me to do anything about it because I just don't see the errors and my spell checker doesn't have the ability to do a grammar & punctuation check this said if someone would be willing to go over it and point out my errors I'll quite happily correct them

i see what you mean me thinks a rewording is in order for that section

humm might also be worth adding one or 2 other host management tools to hostess and host manager good call that reminds me sould also have a look at grc.com they got a few good lil things that should also be added

could you point out where you think this lil note should go ?

sure why cant hurt post your suggested revisions/rewrites etc and we can take it from there

try this copy the section from the guide that you are rewriting colour it blue then put your suggested rewrite under it so I can compare the differences in presentation easily with out needing to scroll back and forth

 

hi

just a few quick revision to a few of the points made

the blue bits are the new revisions what do ya think ?

If your problem is that your browser has been hijacked and the above hasn't solved your problem you may have an Active X or Browser Helper Object problem to see if its an Active X hijack open the Downloaded Program Files folder and see if there are any Active X files inside if so delete them

however be aware before you clean this folder out that legitimate Active X controls reside here also and deleting them could cause problems if there needed by some program so if you are unsure what they are part of and if there safe to delete either look them up or go to one of the forums listed later in this guide and seek professional help

The First thing we need to do however is to download all the diagnostic and cleaning tools we may need and get your system clean then updated them with their latest definitions

The minimum you should have is an Anti-Spyware: Anti Virus : & Anti Trojan: scanner below are a few recommended ones you should download at least 1 from each section in addition to this you should also download hijack this as it will be required by the professionals later on to verify that your computer is clean

What is a host file ? & What’s it do ?

Quote: . . .

Read Here or Here to find out more

if after you have read toughs articles about the host file you decide that you would like to use one then it is advised that you download a host file manager below are a few recommended ones

Hostess, HOSTS Manager, HostsMan

 

hi

thanks for your replys will make a few changes as soon as i got a lil free time

Blackspear

some good info in them links will be sure to read them through and add the links as apropreat

Spanner

couple of good suggestions also

 

Now this is excellent! The longest security guide for computer newbies has been published.

Here's a suggestion from me:

For very good protection against trojans try TDS-3
First released in 1997, TDS (Trojan Defence Suite) is one of the longest established anti-trojan programs in existence and today is widely considered to be the most powerful and comprehensive anti-trojan program by the Internet security community. TDS-3 has a team of anti-trojan professionals including Wayne Langlois, Gavin Coe and Jason Annice. You can even talk to them at the forum!

http://tds.diamondcs.com.au/index.php?page=download
The evaluation version of TDS is time-limited to 30 days and missing some features.
If you find the demo useful or wish to use TDS beyond 30 days, please register - it's fast, easy, and very affordable.
--------------------------------------------------------------------------
The ultimate protection for Windows, ProcessGuard

LATEST AWARDS
- Highest award from FileCart - the Award Of Excellence, and staff rating of 5/5
- Highest possible award from FirewallLeakTester.com - Best Choice, after meeting a strong list of criteria.
- Analysed and certified to be 100% Clean by Softpedia.
http://www.diamondcs.com.au/processguard/img/award1.gif http://www.diamondcs.com.au/processguard/img/award2.gif http://www.diamondcs.com.au/processguard/img/award3.gif

SUMMARY
ProcessGuard is a powerful new cutting-edge program that greatly increases
the security of your computer by preventing processes from being able to attack
each other. It is considered by experts to be a must-have program for all users
of Windows, and is the only program available that can actually prevent the
installation and infection of all known rootkit stealth trojans.

Now THAT'S a powerful defence in itself! But there's much more ...
​

Each capability of ProcessGuard is powerful in its own right. For example, a program which simply blocked rootkit trojans from installing would be very valuable in its own right, yet this is just one feature of ProcessGuard! Here is just a brief list of some of the main uses of ProcessGuard:

http://www.diamondcs.com.au/processguard/img/check.gif Securing processes from being attacked (terminated, suspended, modified)
http://www.diamondcs.com.au/processguard/img/check.gif Controlling which programs are/aren't allow to run
http://www.diamondcs.com.au/processguard/img/check.gif Blocking rootkit trojans and other malicious drivers from installing
http://www.diamondcs.com.au/processguard/img/check.gif Protecting physical memory from malicious modification
http://www.diamondcs.com.au/processguard/img/check.gif Blocking hooks and code injections
http://www.diamondcs.com.au/processguard/img/check.gif Determining which programs are being executed on your system
http://www.diamondcs.com.au/processguard/img/check.gif Determining which programs are attacking others on your system
http://www.diamondcs.com.au/processguard/img/check.gif Analysing the inter-process behaviors of programs
http://www.diamondcs.com.au/processguard/img/check.gif Keeping a log of all programs that execute (important for post-infection analysis)

You can find out more information on ProcessGuard by visiting this site: http://www.diamondcs.com.au/processguard/index.php?page=download

 

hi nadirah

excelent suggestions id forgotten about thoughs 2 just a shame process guard dont work on 98 eles id get a copy my self

as for tds good program but from what i here its quite complex and is only recommended for advanced users this said thay do provide good suport

 

here's a rewrite for you...

However, be aware, before you clean this folder out, legitimate ActiveX controls reside there too. Deleting them could cause problems if they're needed by a program. So, if you are unsure what they are apart of and whether they're safe to delete, either look them up, or go to one of the forums listed later in this guide and seek professional help.

 

hi

just a few quick edit incorperating a few of the changes you have suggested

The First thing we need to do however is to download install and set up a firewall if you don't have one already. Then we need to download and install all the diagnostic and cleaning tools we may need to get your system clean. Once done we then need to updated our scanners are with their latest definitions.

The minimum you should have is a Firewall: an Anti Virus: Anti Trojan: & Anti-Spyware: scanner below are a few recommended ones

you should download and install at least 1 from each section what you should not do however is to run 2 instance of the same type of program so for instance dont run 2 Anti Viruses or 2 firewalls at once as doin so can cause clashes resulting in improper operation.

In addition to this you should also download Hijack This as it will be required by the professionals later on to verify that your computer is clean

Note: Where possible iv tried to list free solutions because I don't believe that people should have to spend thousands for good security this said you pay for so its still worth investing in paid software

Firewall: Zone Alarm, Outpost, Sygate, Look 'n' Stop (payware)

Anti-Spyware: Ad-Aware, Spybot-S&D
Anti Virus : AVG, AntiVir, Avast
Anti Trojan: A² (Beta), Ewido Security Suite (2000/XP Only), TrojanHunter (Payware), Trojan Defence Suite (Payware)

Specialist: Hijack This, Start Up List

Now although TrojanHunter isn't free it is regarded as quite a good newb friendly Anti Trojan only catch is that it must be updated manually see the update instructions Here

Again TDS isn’t free and must be manually updated however if you are looking for the most comprehensive Trojan protection around then TDS is for you see Here for update instructions

You should also read This page as it contain additional information and links to other resources and programs not covered in this guide that can further help you identify & fix your problem

Ok now we have downloaded all the tools you are likely to need restart your computer in safe mode and run a scan

Note: Run only ONE scanner at a time as doing other wise could cause improper operation resulting in a failed removal of your Malware


If your problem is that your browser has been hijacked and the above hasn't solved your problem you may have an Active X or Browser Helper Object problem. To see if its an Active X hijack open the Downloaded Program Files folder and see if there are any Active X files inside. If so you may need to delete them how ever, be aware before you delete anything in here that, legitimate ActiveX controls reside here too.

Deleting them could cause problems if they're needed by a program so you should check each one to see what its a part of right click on them and select properties and see if any of them relate to your malware if so select uninstall if you are given that option if not just delete it.

If after clicking properties you are still unsure what the're apart of and whether they're safe to delete, either look them up, or go to one of the forums listed later in this guide and seek professional help.

what ya think

 

sorry but this statement is outdated and simply not true anymore.

 

If you do say so yourself

 

Yes that's your opinion, I'm not sure if the statement has been updated in any way by DiamondCS.

 

not opinion, it's a fact!

 

Ok, now I understand...

 

Nadirah,

What's your opinion in this whole story? You are quoting proxyproxy144. And I am sure some others as well.

 

Hi All

well iv finally put my guide up it can be found here

http://spyblocker-software.com/IPB/index.php?act=ST&f=8&t=1644

for everyone that had been helping me with this id like to say a huge thank you your help has been invaluable.

This said I'm still tweaking and changing things so keep your suggestion comments rewrites etc. coming

If you have any further suggestions questions comments re-writes etc. then you can post them here or at the SpyBlocker Board here http://spyblocker-software.com/IPB/index.php?act=ST&f=8&t=1644

 

I did not quote anybody. Why do you say that I'm quoting proxyproxy144 and some others as well. I made that post entirely from my own thinking. Who's proxyproxy144?

 

Ha Ha, you kidding right?

 

dont ya think this is just a lil off topic

i mean this sort of chit chat isnt realy very constructive

 

hi all

I was wondering if anyone else has had some time to give my guide the once over ? and make any suggestions I know there is a lot of info there and that its a lot to take in and consequently replies where going to be slow but as I haven't had any replies recently I though id ask

To see the most up to date version of my guide look here: http://spyblocker-software.com/IPB/index.php?act=ST&f=8&t=1644 because the one at the top of this thread is out dated