TeMerc Internet Countermeasures
Adware, malware, spyware and hijacker information
|Home||About Our Forums||Enter Forums||About My Site||Newbie Reading||How'd I Get Infected?||Rules Of Protection||Infection Symptoms||Infection Help|
|Security Musts||AV-Firewall Protection||Countermeasures Apps||XP Acct. Protection||Security Scans||Browser Scans||Email & Ecurity||OE 6 Security||Vendor Forums|
|Forums I Visit||Excellent Websites||Win XP Links||Hero's In The Fight||Zero's||Tips\Misc. Info||Techionary||Tutorial Links||Email Us|
Buy Security Software Via TeMerc Internet Countermeasures
Malware Advisor Blog
XP Account Protection As Per The Following Security AppsThe following is what we currently know about the overall protection which is offered on each user account set up on WIN XP machines, with the following security programs. Please note this will change from time to time as we get more info regarding more apps.
IE protection is global....restricted sites protection is not.
Set up globally but it's startup is not...open the program> options> save settings (all need to be checked green)
Active X kill bits are global, the cookie protection is per user. Recently updated, Details here.
Spybot Search & Destroy v1.4
Now scans entire system, all users, except for cookies, and Temporary Internet Files.
Immunize protection and bad download blocker are not global....need to enable the protection on each user. Recently updated, Details here.
WinPatrol 2007 v12.2.2007 Oct
Global protection. Recently updated.
Now installs to protect all user accounts
IESPY AD still available for other Windows OS's.
MVPS Hosts File
Installing virus protection is global
<--not sure about user specific settings (such as what all protection
fields are enabled/disabled)
Firewall install is also global.
Disabling system restore is global.
What we have found in the
logs that usually need cleaning from each user with: (missing some
because all HJT fields not documented as yet)
***WARNING-DO NOT ATTEMPT TO REMOVE ITEMS WITH HJT UNLESS YOU ARE TRAINED TO DO SO, THE WRONG STEP CAN RENDER YOUR MACHINE DISABLED***
R0, R1, R2, R3-Internet Explorer Start/Search pages URLs
04- HKLM, HKCU -Auto loading programs from Registry
08- Extra items in IE right
013- IE Default Prefix hijack
014-'Reset Web Settings' hijack
These are found to have a global affect...affects all users.
04- Global startup
016- DPF(Downloaded Program Files)
It is also important to clean temporary files up from each individual user.
c:\docs and settings\user\*local settings\temp, and temp internet file.
* = hidden file..so they will have to show hidden files and folders
|HijackThis Categories Lists:||021-ShellServiceObjectDelayLoad|