Subscribe to New Ads!

    Receive weekly ads in your inbox!

Page 1 of 3 123 LastLast
Results 1 to 25 of 52

Thread: .:Windows Security, Maintenance and Optimizing Guide :.

  1. #1
    Xtreme Addict
    Join Date
    Jul 2006
    Between Sky and Earth

    Lightbulb .:Windows Security, Maintenance and Optimizing Applications:.

    Windows Security, Maintenance and Optimizing Guide based on applications - in 9 Easy Steps + More! (by AXS (XSAlliN))

    [1] - Antivirus & Firewall

    After a fresh Install and all the necessary Updates the next step is an Antivirus and a Firewall:NOD32 + Outpost Firewall PRO is a good combination from the commercial class, let's not forget Kaspersky Anti-Virus but you can also find free alternatives that are pretty good like: Avira AntiVir PersonalEdition Classic & AVG Free Edition as antivirus and Comodo Firewall & Agnitum Outpost Firewall Free as firewall.


    [2] - Anti Spyware,Adware, & Trojans

    That's good for the main security, now let's move on to the next step, AntiSpyware,Adware, & Trojans security, from the comercial class one of the best is Spy Sweeper, but it's good to have more then one protection since there are no conflicts at this category so let's move on to the free applications like Ad-Aware SE Personal, Spybot - Search & Destroy, AVG Anti-Spyware (Free Scaner/Remover - Trial Active Shield)
    Spyware Blaster /Spyware Guard both made by Javacool - One passive, one active.

    Other good tools which got good enough by 2008 to worth mentioning:

    Malwarebytes (recommended by SparkyJJO) - It has am active support forum so this tool is properly verified, tested and updated by it's owner.

    SUPERAntiSpyware - The name might look tricky, at first I fought is was a rogue, so I verified it and it turned up to be legit, tested it and prove to be quite efficient.

    HijackThis - and advanced detection tool made by a guy named Merijn, which now belongs to TrendSecure. I didn't post before, yet I knew about it cause it could be dangerous if used by a beginner. On the other hand, even a beginner could copy the advanced report and paste it on a forum for analysis by advanced users. Was recommended by SnakeEyez before and now it has my recommendation, cause it could be useful for finding unknown threats - but use it with caution cause this is not a simple Scan and Fix tool.

    WARNING! the internet it's full of fake software even from the commercial class, you should check rogue anti-spyware for more information about this fake products and other PC Security related stuff

    In the end I'd like to add an Excellent advice, posted by Lorna Hutcheson:

    Tools are simply that...just tools. As you work with malware, its important to have many ways to confirm your results. Its just as important NOT to totally rely on your tools to provide you with the answers. You HAVE to understand the tools your using. Don't become so dependent on one way of verifying something. I run many tools at the same time when I work with malware. Each has a different purpose as well as strengths and weaknesses. It's important to know them and not just rely on a single method. In essence you want to look at malware from many different angles and never forget that your tools are only so good and may not provide you with the right answer. Nothing can replace your analysis skills and your ability to understand what your seeing.


    [3] - Anti-Rootkits

    You need a specific definition to detect this whit an Antivirus or Antispyware application, some rootkits can be detected whit a process explorer (Like those at Nr.5 - from this Guide) - here is a good tool similar to those:


    IceSword is an effective tool against "rootkits," virus-type programs that can evade detection by ordinary antivirus products.

    IceSword has a Windows Explorer-like interface but displays hidden processes and resources that Windows Explorer would never show. It isn't a "click-here-to-delete-rootkits" product but a sophisticated discovery tool that can protect against sinister rootkits if used before they infect a machine.
    Try this link for Anti-Rootkit Software - Detection, Removal & Protection, plus more, like the latest News on Rootkits, a Rootkit List and other stuff good to know about this threat.

    A root kit is a set of tools used by an intruder after cracking a computer system. These tools can help the attacker maintain his or her access to the system and use it for malicious purposes. Root kits exist for a variety of operating systems such as Linux, Solaris, and versions of Microsoft Windows.
    NOTE: As you can see in the definition above, rootkits can be found on a variety of operating systems, I personally found more on some clients servers (Linux based), but friends found those in Windows OS - I recommend you scan both "PC and Server" just to be sure.


    [4] - Windows Services

    Assuming that you changed IE 6.0 with a secure Browser like Firefox or Opera we should move to the next step: Windows Services, I found a good link at TechSpot with all the services explained plus other informations, it's good to now what to disable this could increase your system performance.

    Do NOT use "msconfig" to disable services, type "services.msc" in the Run box instead!

    The reason is because with msconfig and Hardware Profiles, you can disable services that may be vital to boot your system. With the management console (services.msc) you cannot. Also, msconfig, while unchecking the box, is disabling the service.

    The "Disable All" button also scares me. It should not even be there as no reason exists to justify disabling "everything." (a good advice originaly by BlackViper)


    [5] - Startup Files & Process Explorer

    After installing all your everyday applications you should check the "Startup List" so you know what starts whit you Windows OS, by stooping some of them that you don't need or don't use only occasionally could speedup windows boot and general performance, I personally recommend using "Quick Launch Bar" for quick access to some applications, NOT System Try - use S.T. only for active application like AV and Firewall, you could use the next application for this purpose (to see what starts whit Windows):


    This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These programs include ones in your startup folder, Run, RunOnce, and other Registry keys. You can configure Autoruns to show other locations, including Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, auto-start services, and much more. Autoruns goes way beyond the MSConfig utility bundled with Windows Me and XP.

    Autoruns' Hide Signed Microsoft Entries option helps you to zoom in on third-party auto-starting images that have been added to your system and it has support for looking at the auto-starting images configured for other accounts configured on a system. Also included in the download package is a command-line equivalent that can output in CSV format, Autorunsc
    Another useful tool is Unlocker, this could help you "DELETE" files that can't be deleted whit in the normal way. (I'm not talking about Windows Files - stay out of that place )

    Ever had such an annoying message given by Windows?

    It has many other flavors:

    Cannot delete file: Access is denied
    There has been a sharing violation.
    The source or destination file may be in use.
    The file is in use by another program or user.
    Make sure the disk is not full or write-protected and that the file is not currently in use.

    Unlocker is the solution!

    1. Simply right click the folder or file and select Unlocker
    For a quick shutdown the solution is simple just install User Profile Hive Cleanup Service. If that doesn't work, simply remove manually all the applications from your system try.

    Now it's time to look at your WinTasks Process Library, sometimes here you can find some uninvited guests, here are some applications that could help you with this (Atutoruns is good even for this):

    Process Explorer

    The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.

    The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.

    Process Explorer works on Windows 9x/Me, Windows NT 4.0, Windows 2000, Windows XP, Server 2003, and 64-bit versions of Windows for x64 processors, and Windows Vista.


    Ez-Pc-Fix is very helpful when trying to remove viruses, spyware and other troublesome advertising programs and malware from your computer because it shows you what's being started on your system and where it's getting started from (and it let's you remove them).

    [6] - Registry Tweaks

    Next in line are the Registry tweaks but it's real boring to make all the changes from "regedit" since there are some applications that could help out with this request:

    xp-AntiSpy ( quick windows settings tweaker for XP or Vista )

    The xp-AntiSpy is a little utility that lets you disable some built-in update and authentication 'features' in WindowsXP.
    For example, there's a service running in the background which is called 'Automatic Updates'. I don't know what this service transfers from my machine to other machines on the internet, especially the MS ones. So I play it safe and disable such functions. If you like, you can even disable these functions manually, by going through the System and checking or unchecking some checkboxes. This will take you approximately half an hour. But why wast time when a little neat utility can do the same in 1 minute?
    xpy (quick windows settings tweaker)

    Small tool which disables the default threats of a Windows XP installation. Besides disabling Windows and some of its components to communicate with Microsoft servers, xpy improves privacy settings and your system’s security.

    • Disable Windows “calling home”
    • Disable questionable services
    • Disarm Internet Explorer
    • Disarm Windows Media Player
    • Remove Windows Messenger
    • Improve privacy and security
    • Improve performance

    Though xpy is smaller than 60 kilobytes, it can close serious threats (i.e. DCOM) on long distance, where large service-packs can only protect you until a new security hole has been found.

    This radical, new tool is the one of the best and most powerful Windows XP tweakers ever, supporting totally unseen tweaks, which is unique to the program.


    · Ultra-fast boot (rearrange boot files)
    · Boot folder defragmentation
    · Prefetch folder cleaning
    · DNS cache optimization
    · File allocation size tweak
    SG TCP Optimizer (Network/Internet connection Tweaker)

    Description: The TCP Optimizer is a free, easy Windows program that provides an intuitive interface for tuning and optimizing your Internet connection. There is no installation required, just download and run.

    The program can aid both the novice and the advanced user in tweaking related TCP/IP parameters in the Windows Registry, making it easy to tune your system to the type of Internet connection used. The tool uses advanced algorithms, and the bandwidth*delay product to find the best TCP Window for your specific connection speed. It provides for easy tunning of all related TCP/IP parameters, such as MTU, RWIN, and even advanced ones like QoS and ToS/Diffserv prioritization. The program works with all current versions of Windows, and includes additional tools, such as testing average latency over multiple hosts, and finding the largest possible packet size (MTU).
    Windows Half-open limit fix (patch) (Works even with Vista 64 bit SP1 and you don't have to disable digital driver signing)

    Default Value: 10 connections

    Program Half-open limit fix intend for changing maximum number of concurrent half-open outbound TCP connections (connection attempts) in system file tcpip.sys.

    This limit is entered by company Microsoft trying to make slower virus spreading from infect computer and cut down opportunities of participation of a computer in DoS attacks.

    First this limit was entered in SP2 for Windows XP and present at all new versions of Windows. Limit consists that the computer is not authorized to have more than 10 concurrent half-open outbound connections. At achievement of a limit new attempts of connections are put in turn.

    Thus, speed of connection to other computers is actually limited.

    This limit is especially critical for P2P programs (µTorrent, BitComet, eMule, P2PTV etc.) users. When the P2P program works, pages in a browser can be loaded extremely slowly. The delay before the beginning of opening can make some tens seconds irrespective of speed of your connection.

    Half-open limit fix cleans this limit, that is increases the maximal limit of half-open connections. For the overwhelming majority of users there will be sufficient a limit equal 100.

    For cleaning you could use CCleaner (Cleaner, Software uninstaller and Startup Manager):



    The myth about Registry Cleaning was busted and yeah, it's true you won't see a big improvement after using those cleaners but they're good for general cleaning (like recently used files which or temporary stored in different folders even registry values).

    WARNING: It's good to add that some Registry Cleaners or dangerous, since they try to clean what they shouldn't and that could make you OS unstable. With XP most of them were harmless but with Vista even those could be dangerous.

    "WinXSX" is one of the causes behind this danger. That directory is a massive library of .dll files which they constantly update whith every new application installed (that why it grows in size) for compatibility purpose. Some registry cleaners aren't capable of understating that and they delete the registry value of old or recently installed .dll files. That could lead to applications incompatibility or SO instability.


    [7] - HDD Maintenance

    All deleted files leave some traces behind, which in time feel like a burden for you HDD. Fortunately tools like Eraser can clean those junk files. Even cover traces of your sensitive data, files that you deleted and don't want to be recovered. In case you sale you HDD, or change your work place and feel like leaving a clean desk - for example.

    Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP, Windows 2003 Server and DOS.
    Eraser is Free software and its source code is released under GNU General Public License.

    The patterns used for overwriting are based on Peter Gutmann's paper "Secure Deletion of Data from Magnetic and Solid-State Memory" and they are selected to effectively remove magnetic remnants from the hard drive.

    Other methods include the one defined in the National Industrial Security Program Operating Manual of the US Department of Defense (DoD 5220.22) and overwriting with pseudo random data. You can also define your own overwriting methods.
    Copying/Deleting/Installing/Downloading - basically all intensive actions that interact with your HDD lead to one thing: Fragmented files - You all have some favorite tool for defragmenting your HDD, even the one included in Windows. Most of them or classic tools, or should I say "Old tools" with a modern interface. I personally am against this tools that require a lot of time to do their work and all that time they stress your HDD to maximum. I even consider them dangerous, but since I have no prof I'll let you decide what's best for your HDD.

    I found this "Defragmenting Tools Roundup" which might help you understand the benefits of defragmenting, it might even help you choose the right tool for your needs. I personally found Eraser combined with JkDefrag to be the best solution. I use Eraser to Erase Unused Space which clears all the junk from previously deleted files, fallowed by JkDefrag which covers the disk defragmentation and optimization needs. After this treatment, your HDD will act just like a new, freshly formatted HDD.

    The next tools are great for HDD statistics, like: Health (based on SMART), partition size, etc. I also recommend using the main tools from your HDD manufacture, like: Data Lifeguard Tools from "Western Digital".

    Now the good stuff, at first I'd like to recommend WinDirStat wich is a disk usage statistics viewer and cleanup tool for Microsoft Windows (all current variants). - found this great tool accidentally, originally was recommended by nn_step for another user, plus it's free.

    Another great tool could be HDD Tune, a Hard Disk utility which has the following functions:

    * Benchmark: measures the performance
    * Info: shows detailed information
    * Health: checks the health status by using SMART
    * Error Scan: scans the surface for errors
    * Temperature display
    It's good for his purpose and it's also free.


    [8] - Backup Tools

    Now that all is clean and fresh you should make a BackUp so you could prevent future problems, you could use Paragon Drive Backup , Acronis True Image or Cobian Backup (this one is Free).


    [9] - Boot Management Tools

    Let's not forget some vital tools for critical times (like not being able to install the OS because of blue screens and other problems that might occur in this stage), an all in one package whit lots of great stuf for management,Testing, Diagnosis and more - you don't need no OS for this just create a Boot CD/DVD/USB set your system (BIOS) to Boot from this devices and you're On, so here they are:

    Ultimate Boot CD

    Ultimate Boot CD

    The basic version contains updated versions of all tools found in previous releases and even adds a few more. This version does not contain the Linux boot environment INSERT.

    Hard Disk Installation

    MaxBlast (Maxtor)
    DiscWizard (Seagate)
    Disk Manager (Seagate)
    Disk Manager (Samsung)

    Hard Disk Diagnosis

    Drive Fitness Test (IBM/Hitachi)
    PowerMax (Maxtor/Quantum)
    SCSIMax (Maxtor)
    DLG Diagnostic (Western Digital)
    Data Lifeguard (Western Digital)
    SeaTools Desktop (Seagate)
    Diagnostic Tool (Fujitsu)
    SHDIAG (Samsung)
    HUTIL (Samsung)
    GWSCAN (Gateway)
    GWSCAN (Gateway)
    Salvation HDD Scan and Repair
    ExcelStor's ESTest

    Hard Disk Device Management

    Feature Tool (IBM/Hitachi)
    AMSET (Maxtor)
    MAXLLF (Maxtor)
    UATA100 (Seagate)
    Ultra ATA Manager (Western Digital)
    ATA Password Tool
    ExcelStor's SATA Tool

    Hard Disk Wiping

    AutoClave (Discontinued)
    Active@ KillDisk Free Edition
    Darik's Boot and Nuke
    PC INSPECTOR e-maxx

    Hard Disk Cloning

    HDClone (Free Edition)
    PC INSPECTOR clone maxx

    Hard Disk Sector Editor

    Disk Editor
    PTS DiskEditor

    Partition Tools

    Ranish Partition Manager
    XFDISK (Extended FDISK)
    SPFDISK (Special FDISK)
    Partition Resizer
    Partition Saving
    Free FDISK
    Active@ Partition Recovery

    Boot Managers

    Smart BootManager
    Super Grub Disk

    File Tools

    DOS Navigator
    File Maven
    Necromancer's DOS Navigator
    Eraser for DOS

    NTFS Tools

    Offline NT Password & Registry Editor
    Active NTFS Reader for DOS
    Boot Partition
    NTFS4DOS n/a

    System Burn-In Test


    CPU Test

    CPU Burn-in
    Mersenne Prime Test

    Memory Test

    Windows Memory Diagnostic n/a
    DocMem RAM Diagnostic
    DocMem RAM Diagnostic

    Peripherals Test

    Parallel port detection and test utilities
    ATAPI CDROM Identification
    CHZ Monitor-Test

    CPU Information

    Intel Processor Frequency ID Utility

    System Information

    AIDA16 (Discontinued)
    PC-Config 9.33

    Benchmark Applications

    System Speed Test
    3D Benchmark VGA
    CPU Benchmark
    CD Index

    BIOS Utilities


    DOS Boot Disks

    FreeDOS Boot Disk
    OpenDOS Boot Disk
    NwDsk: NetWare Boot Disk
    MSRRC: Bart's Network Boot Disk on FreeDOS

    Antivirus Tools

    F-Prot Antivirus for DOS (Personal use only)
    McAfee Antivirus Scanner
    Avast! V7.7 for DOS
    AVG Free Edition

    Network Tools

    Note: First you need to create a configuration floppy disk based on freesco/freesco.zip on the CD
    Arachne WWW Browser
    QNX Demo Browser (network and modem version)

    DOS Boot Disks

    LZ-DOS Boot Disk
    FreeDOS Boot Disk
    OpenDOS Boot Disk
    MS-DOS Boot Disk
    NwDsk: NetWare Boot Disk
    MSRRC: Bart's Network Disk Clone

    Linux Boot Disks

    Tom's Boot Disk
    Or you could try something more complete in some ways and more famous for it's stuff: Hiren's BootCD it has most of the things from the one above plus more.


    Security Analyzer/Advisor - I'm sure there are a lot of guides and tools for this porpuse so I'll give you two of them - the most advanced in my opinion Belarc Advisor - Free Personal PC Audit and Microsoft Baseline Security Analyzer.

    Hope you could have a better experience in Windows whit this personal Basic/Advanced guide, 8 Steps (+ the additional Security Analyzer/Adviser) for a better security, Performance and a Cleaner and more stable System
    Last edited by XSAlliN; 01-18-2009 at 03:46 AM.

  2. #2
    Xtreme Addict
    Join Date
    Jul 2006
    Between Sky and Earth
    Some Advices Before Instaling Windows:

    Bios Upgrade - In general this is a good thing, usually adds support for some new hardware or fixes some errors caused by Bios, but there are times when a Bios Upgrade could be fatal not just for the OS but also for your hardware parts, this problem is usually rare caused by wrong install of Bios or a Bad Bios released on the internet even official one (happened some time ago whit a BIOS from MSI), so if your system works fine don't update your BIOS just because there's a new version on the main site, wait some time (even a month or more) before you tri it - News about a Bad Bios gets out from the first day.

    Another thing, don't Update your Bios whit Update Applications made for this porpuse from Win (even from the main site), you can Update your Bios from Win but download the BIOS on desktop and install it from there (usually you have some tools for that on the main site) , I guess I don't have to warn you to stay away from Bios Configuration if you're not an advanced user.

    Another way to Update Windows - I personally don't like to bother whit Windows Updates so before a clean install I integrate all the updates to Win CD , all this thanx to RyanVM's Windows XP Post-SP2 Update Pack because this is the cleanest way to install Win, but if you don't feel like reinstalling Windows you could use an alternative like AutoPatcher XP.
    Last edited by XSAlliN; 10-31-2006 at 09:41 AM.

  3. #3
    Registered User
    Join Date
    Mar 2006
    It was good. I liked, showed me a few apps that I didn't know for tweaks and stuff. It's awesome! Thanks!

  4. #4
    Registered User
    Join Date
    Jul 2006
    thanx man...this is helpfull...for some..

  5. #5
    Da Goose
    Join Date
    Oct 2005
    Great job XSAlliN; some interesting things in here. Wished I understood more of them...

    i7-860 Farm with nVidia GPU's

  6. #6
    I am Xtreme
    Join Date
    Apr 2005
    Upstate, NY
    I vote sticky, nice job man
    Core i3-550 Clarkdale @ 4.2GHz, 1.36v (Corsair A50 HS/F) LinX Stable
    MSI H55-GD65 Motherboard
    G.Skill 4GBRL DDR3-1600 @ 1755, CL9, 1.55v
    Sapphire Radeon 5750 1GB
    Samsung F4 320GB - WD Green 1TB
    Xigmatek Utgard Case - Corsair VX550

  7. #7
    Xtreme Addict
    Join Date
    Jul 2006
    Between Sky and Earth
    Thanx, I'll Upgrade it in time

  8. #8
    I am Xtreme
    Join Date
    Apr 2005
    Upstate, NY
    Sounds good, cant wait for updates
    Core i3-550 Clarkdale @ 4.2GHz, 1.36v (Corsair A50 HS/F) LinX Stable
    MSI H55-GD65 Motherboard
    G.Skill 4GBRL DDR3-1600 @ 1755, CL9, 1.55v
    Sapphire Radeon 5750 1GB
    Samsung F4 320GB - WD Green 1TB
    Xigmatek Utgard Case - Corsair VX550

  9. #9
    Royal Administrator
    Join Date
    Jul 2005
    New York City
    NOD32? Ahhhh, I hate NOD32 (Oh, because it uses less resources! Man, who cares if it doesn't eat up a lot of resources? It doesn't detect all viruses good as Kaspersky). Kaspersky FTW.

  10. #10
    Xtreme Addict
    Join Date
    Jul 2006
    Between Sky and Earth
    And here or some news, Virus.gr Antivirus roundup from 15-25 August 2006 by www.virus.gr

    *The test was made on 15-25 August 2006, using Windows XP Professional SP1 on a P4 2800 Mhz, 512MB DDRAM.
    *All programs tested had the latest versions, upgrades and updates and they were tested using their full scanning capabilities e.g. heuristics, full scan etc. The default settings of each program were not used, in order for each program to achieve its maximum detection rate. Because of this, there is a possibility for the tested programs to detect a few false positives.
    *The 147184 virus samples were chosen using VS2000 according to Kaspersky, F-Prot, Nod32, Dr.Web, BitDefender and McAfee antivirus programs. Each virus sample was unique by virus name, meaning that AT LEAST 1 antivirus program detected it as a new virus.
    *ALL virus samples were unpacked and the only samples that were kept were the ones that were packed using external-dos-packers (that means not winzip, winrar, winace etc).
    *The virus samples had the correct file extension using a special program (Renexts) and were unique, according to checksum32 filesize.
    *Most of the virus samples used were not previously replicated at the time the test was made, which means that some of them, although probably only a few, may be false positives. The procedure of testing each and every virus sample is still under process.
    *The programs MKS_VIR , PER and IPArmor were not tested because there was no english demo version available.
    *The programs WinAntivirus , Anti-Hacker Expert , Command , Extendia AVK , GDATA AVK , BOClean , VET and Freedom were not tested because there was no demo version available.
    *Thourough mode was not used in VBA32 due to extremely slow scan process.
    *Advanced heuristics were not used in Tauscan due to extremely slow scan process.
    *VirusBuster uses the exact same engine as Vexira.
    *TheShield uses the exact same engine as VirobotExpert.
    *Avira uses the exact same engine as AntiVir.
    *Fire uses the exact same engine as Solo.
    *MKS_VIR uses the exact same engine as ArcaVir.
    *BullGuard uses the exact same engine as BitDefender free edition.
    *The program InVircible did not include a "typical" scanner-function and could not be tested.
    *The program V-Catch checks only mail accounts and could not be tested.
    *The program PC Tools kept crashing while testing the samples.
    *DOS-Based scanners were not tested.

    The following file types were used.



    The virus samples were divided into these categories, according to the type of the virus :

    *File = BeOS, FreeBSD, Linux, Mac, Palm, OS2, Unix, BinaryImage, BAS viruses, MenuetOS.
    *MS-DOS = MS-DOS viruses.
    *Windows = Win.*.* viruses.
    *Macro = Macro, Multi and Formula viruses.
    *Malware = Adware, DoS, Constructors, Exploit, Flooders, Nukers, Sniffers, SpamTools, Spoofers, Virus Construction Tools, Droppers, PolyEngines.
    *Script = ABAP, BAT, Corel, HTML, Java, Scripts, MSH, VBS, WBS, Worms, PHP, Perl, Ruby viruses.
    *Trojans-Backdoors = Trojan and Backdoor viruses.


    1. Kaspersky version - 99.62%

    2. Active Virus Shield by AOL version - 99.62%

    3. F-Secure 2006 version 6.12.90 - 96.86%

    4. BitDefender Professional version 9 - 96.63%

    5. CyberScrub version 1.0 - 95.98%

    6. eScan version 8.0.671.1 - 95.82%

    7. BitDefender freeware version 8.0.202 - 95.57%

    8. BullGuard version 6.1 - 95.57%

    9. AntiVir Premium version - 95.45%

    10. Nod32 version 2.51.30 - 95.14%

    11. AntiVir Classic version - 94.26%

    12. ViruScape 2006 version 1.02.0935.0137 - 93.87%

    13. McAfee version 10.0.27 - 93.03%

    14. McAfee Enterprise version 8.0.0 - 91.76%

    15. F-Prot version beta - 87.88%

    16. Avast Professional version 4.7.871 - 87.46%

    17. Avast freeware version 4.7.871 - 87.46%

    18. Dr. Web version 4.33.2 - 86.03%

    19. Norman version 5.90.23 - 85.65%

    20. F-Prot version 3.16f - 85.14%

    21. ArcaVir 2006 - 83.44%

    22. Norton Professional 2006 - 83.18%

    23. AVG Professional version 7.1.405 - 82.82%

    24. AVG freeware version 7.1.405 - 82.82%

    25. Panda 2007 version 2.00.01 - 82.23%

    26. Virus Chaser version 5.0a - 81.47%

    27. PC-Cillin 2006 version 14.10.1051 - 80.90%

    28. VBA32 version 3.11.0 - 79.12%

    29. ViRobot Expert version 4.0 - 76.22%

    30. UNA version 1.83 - 75.44%

    31. Rising AV version 18.41.30 - 73.60%

    32. Sophos Sweep version 6.0.2 - 69.48%

    33. Ikarus version 5.19 - 63.22%

    34. Antiy Ghostbusters version 5.1.3 - 61.55%

    35. Digital Patrol version 5.00.12 - 54.29%

    36. Vexira 2006 version 5.002.45 - 52.66%

    37. V3Pro 2004 version - 52.38%

    38. Ewido Premium version - 51.27%

    39. Ewido freeware version - 51.27%

    40. ClamWin version 0.88.4 - 51.23%

    41. E-Trust version - 50.36%

    42. ZoneAlarm with VET Antivirus version 6.5.722.000 - 44.65%

    43. A Squared Anti-Malware version 2.0 - 43.28%

    44. A Squared Free version 2.0 - 43.28%

    45. Zondex Guard version 5.4.2 - 41.73%

    46. Comodo version - 41.02%

    47. Solo 4.0 version 3.1.0 - 40.83%

    48. Protector Plus version 7.2.H03 - 37.04%

    49. Quick Heal version 8.00 - 33.66%

    50. PC Door Guard version - 24.13%

    51. AntiTrojan Shield version - 24.11%

    52. VirIT version 6.1.9 - 21.39%

    53. Trojan Hunter version 4.2.924 - 13.44%

    54. Trojan Remover version 6.5.1 - 8.00%

    55. Tauscan version 1.70.1414 - 7.70%

    56. The Cleaner version 4.2.4319 - 6.03%

    57. Hacker Eliminator version 1.2 - 1.70%

    58. Abacre version 1.4 - 0.00%

    Heuristics-only detection (includes only antivirus software that allowed heuristics NOT to be used during the scan)

    What are heuristics: They analyze the code of each file with generic methods and detect new viruses that have not yet been included in the virus database of the antivirus software.

    Why are heuristics important: Because they help the antivirus software to discover a new unknown virus and thus protect the pc from being infected, even though the specific virus has not yet been included in the virus database of the antivirus software.

    Rank Antivirus - Detected using only heuristics (this is the total of samples that would not be detected by each antivirus if heuristics were not used and not the total of samples that are detected by each antivirus using heuristics!)

    1 Nod32 2.51.30 - 41503
    2 Vba32 3.11.0 - 32911
    3 VirIT 6.1.9 - 16469
    4 AVG 7.1.405 Professional - 13624
    5 AVG 7.1.405 freeware - 13624
    6 Rising AV 18.41.30 - 12214
    7 McAfee 10.0.27 - 10708
    8 Ikarus 5.19 - 7191
    9 F-Prot beta - 6247
    10 Ukrainian National Antivirus 1.83 - 5506
    11 ArcaVir 2006 - 4987
    12 Digital Patrol 5.00.12- 4760
    13 Panda 2007 2.00.01- 4191
    14 Norton 2006 Professional - 4004
    15 Trojan Hunter 4.2.924 - 3766
    16 AntiVir Premium - 3697
    17 AntiVir Classic - 3594
    18 Dr. Web 4.33.2 - 3575
    19 Norman 5.90.23 - 3272
    20 F-Prot 3.16f - 2493
    21 McAfee Enterpise 8.0.0 - 991
    22 Sophos Sweep 6.0.2 - 869
    23 BullGuard 6.1 - 511
    24 BitDefender 8.0.202 freeware - 511
    25 AntiTrojan Shield - 386
    26 BitDefender 9 Professional - 353
    27 ZoneAlarm 6.5.722.000 with VET Antivirus - 124
    28 PC Door Guard - 52
    29 eScan 8.0.671.1 - 45
    30 Comodo - 0
    31 Quick Heal 8.00 - 0



    AV-Test.org Antivirus Roundup (on May 2007)

    AV-Test.org, an independent testing group at the Otto-von-Guericke-University (Magdeburg, Germany), tested 29 anti-malware products with a very large set of files (606,901 to be specific). The goal was to test detection capabilities only, not cleaning. Products were set with their most aggressive detection options, such as using all heuristics and testing inside archives.

    In the test set were:

    * 68,864 backdoors
    * 407,487 Trojan Horses
    * 47,891 bots (zombies)
    * 82,659 worms

    Some of the results:

    * The best product, WebWasher, detected 99.83 percent, but this is a gateway product. The best desktop product, at 99.56 percent, is AVK 2007.
    * The worst product, Computer Associates's eTrust-VET, detected 62.12 percent.
    * The average product detected 86.95 percent, the median 90.97 percent.

    All products were last updated on Friday, May 18th, prior to the test. Only current malware was used, meaning all samples were seen in the last 12 months. Only Win32 malware, not 16-bit Windows or DOS, was used, and all malware had to be functional, as opposed to corrupted or benign samples.


    Here's another Site good for AV Comparison: http://www.av-comparatives.org/


    Windows Personal Firewall Analysis


    Each firewall was tested twice against 26 leak tests - once with its default, out-of-the-box settings, and once with its highest security settings. Each firewall was then awarded an overall score derived from its pass/fail result against each test. The higher the score, the better the firewall performed against the range of leak tests. For every test the firewall passed on its default settings it gained 125 points. For those tests that the firewall failed on its default settings but passed on its highest security settings it gained 100 points. The number of tests per firewall settings is 77. Thus the maximum score is 77 * 125 = 9625 points. The tested firewalls were installed on Windows XP SP2, Internet Explorer 6.0 was set as the default browser and was running during the tests.

    ================================================== ========

    Interpretation of results

    The clear winners of our tests are Comodo Firewall Pro and Jetico Personal Firewall beta. Whilst Comodo is the best on its highest security settings, Jetico has the best default settings configuration. On the highest security settings, Comodo passed all leak-tests, Jetico failed against Breakout and pcAudit. These results are excellent! What is more, both firewalls are still in development and we can expect that they will pass all tests in their future versions. Congratulations!

    ================================================== ========

    Another important result of our tests is firewall scoring against FPR. FPR stands for Fake Protection Revealer. This leak-test was implemented to reveal cheating on leak-tests. Outpost Firewall PRO 4.0 (971.584.079) was convicted of such cheating. It passes all leak-tests except FPR because of the implementation of user mode hooks (ring3) for security purposes. Our article Design of ideal personal firewall clearly says that ring3 hooks can not be used for security critical features. FPR does nothing but unhooks ring3 hooks which is always possible and thus bypasses such protection. This means that Outpost Firewall PRO cheats to be very strong against leak-tests but in fact it is very weak against real malware. The vendor of Outpost claims that Outpost is strong against the malware on this field but the reality is quite different. Another firewall that implements fake protection using user mode hooks only to bypass some leak-tests is Privatefirewall Other firewalls that use ring3 hooks improperly are Sunbelt Kerio Personal Firewall 4.3.268 and Look 'n' Stop 2.05p2. However, their hooks did not affect their test results that much. And unlike Outpost, their hooks were not implemented to mislead the end-users.

    Fifteen of the tested firewalls were marked with Very poor or None anti-leak protection. This result is quite worrying because it shows that even today, when the malware programs are very sophisticated, still a lot of vendors simply do not care about the outbound connection control seriously.

    The link with Full details on this subject.

    Last edited by XSAlliN; 06-06-2007 at 12:30 PM.

  11. #11
    Royal Administrator
    Join Date
    Jul 2005
    New York City
    NOD32 updates their database signatures up to 3 days. Also, every antivirus scanner has own heuristic detection rules. Kaspersky had built-in heuristic analyzer for one year (2003-2004). Then they got rid of it and added Proactive Defense, which is similar to heuristic analyzer.

  12. #12
    Xtreme Addict
    Join Date
    Jul 2006
    Between Sky and Earth
    Proactive Defense - I'v seen a similar specification on Pantene Pro V but I don't want to wash my PC, and it has no hair so it's ussles (joking)

    I'f you don't agree whit that Antivirus roundup complain at www.virus.gr , that's the most recent TOP on the internet, I'v used both products and had problems whit none (except the bigger needs of KAV - on my PC at work whit 128 DDR it was impossible to use it), when it comes to detection based on signature updates I agree KAV is one the best, but when it comes to heuristics NOD32 is better - I guess that's why Kaspersky updates the virus signatures so often.

    PS.This is not a versus topic, if you like other products better that's fine whit me, I'v used most of the applications above and found them good at what they are suppose to do.
    Last edited by XSAlliN; 10-31-2006 at 12:43 AM.

  13. #13
    Registered User
    Join Date
    Oct 2006
    really nice post, just wanted to say thanks, this will be a great reference tool for me

  14. #14
    Xtreme Cruncher
    Join Date
    Dec 2002
    NW Ohio
    Good post Xsallin!!
    Donate to XtremeSystems!

    Workstation: Intel Core i7 4770, Asus Maximus VI Gene, 32GB Corsair Dominator Platinum DDR3-1866, eVGA SC GTX Titan, 256GB Crucial M4, Corsair HX850, Corsair H100i. Corsair Carbide 350D
    Fileserver: 2x AMD Opteron 2425HE, Supermicro H8DME-2, 24GB DDR2-667, Supermicro 846TQ 24bay Chassis, Redundant 920w, 256 Crucial M4 boot, 20TB Storage
    Notebook Asus Zenbook UX32VD-DH71, Intel Core i7 3517u, 10GB DDR3-1600, 256GB Crucial M4, Geforce GT 620M

  15. #15
    Xtreme Addict
    Join Date
    Jul 2006
    Between Sky and Earth
    1 October 2006 - added one more step: [8] - Boot Management Tools
    Last edited by XSAlliN; 10-01-2006 at 04:34 AM.

  16. #16
    Registered User
    Join Date
    Oct 2006
    thanks for the post I will print and keep it for reference

  17. #17
    Xtreme Addict
    Join Date
    Jul 2006
    Between Sky and Earth
    5 October 2006 - added Security Analyzer/Advisor, I won't add this as a 10'th step because it's more for info on your System Security, like windows Updates and other stuff, it's not recommended to apply all those security advices, it's more easy to remove your "NW Cable" if you feel the need of that kind of security but some of them or good to Know and use on your own PC

    L.E. - 6 Octomber 2006 - removed "version nomber" from the end because of future Updates for a cleaner guide, added Agnitum Outpost Firewall Free
    Last edited by XSAlliN; 12-22-2006 at 01:58 AM.

  18. #18
    Xtreme Addict
    Join Date
    Jul 2006
    Between Sky and Earth
    Changed ewido anti-spyware to AVG Anti-Spyware because ewido anti-spyware 4.0 will now continue under the new product name AVG Anti-Spyware 7.5. AVG Anti-Spyware 7.5 contains the same ewido technology, but with some further enhanced features:

    Highly improved cleaning
    Lower resource usage
    Additional languages supported

    All current licenses for ewido anti-spyware 4.0 will continue to be valid, and users can change over to the new AVG Anti-Spyware 7.5 for free.
    Last edited by XSAlliN; 11-01-2006 at 06:24 AM.

  19. #19
    I am Xtreme
    Join Date
    Dec 2002
    hey - this is a sweet guide, i thought i knew alot about keeping windows clean, but i have definetly picked up some cool tricks here - thanks!

  20. #20
    Xtreme Cruncher
    Join Date
    Oct 2006
    1000 Elysian Park Ave
    Sweetness, i just upgraded my cousins PC with a new HDD. Time to give it a tune-up before he gets on his way.
    i3-8100 | GTX 970
    Ryzen 5 1600 | RX 580
    Assume nothing; Question everything

  21. #21
    Xtreme Member
    Join Date
    Jan 2006
    I'd just like to give an OUTSTANDING plug to Acronis True Image v9.0!!

    It's a great utility to clone a hdd. I like to clone my hdd after a good install with all my programs loaded. After I clone to a second hdd, I unplug the original and make sure the cloned disk boots up fine.

    You can either leave the cloned disk or original disk installed and just unplug the other one for a back-up. I clone every month or so to keep updating new programs, etc.....
    ASUS P5B-Deluxe
    C2D E6600 @ 3.525g
    G.Skill 2x1gb PC6400 HZ's
    2x Seagate 400gb SATAII HDD's
    PNY 7900GS @ 450/1320mhz
    Lite-On SATA and IDE DVD-RW
    OCZ GameXTreme 600w PSU
    D-Tek FuZion "bowed"
    LAING D5
    Thermochill PA120.2
    2x Scythe SFF-21F's

  22. #22
    Xtreme Addict
    Join Date
    Jul 2006
    Between Sky and Earth
    22 December 2006 - Updated the Guide, added one more step [3] - Anti-Rootkits - found this treats (root-kits) at some clients and fought of sharing this whit you.

  23. #23
    Registered User
    Join Date
    Apr 2006
    Boston, Mass.

    not too bad

    Some pretty good links. A lot more stuff than I would put on my own machine, or on one of the ones at work, but good utilities for performing specific tasks.

    One thing I would add to this list is the use of a HOSTS file. I downloaded one from http://www.mvps.org/winhelp2002/hosts.htm and then edited out 80% of it and kept the crucial URLs.

    This completely blocks access to websites you don't trust or don't like. It also blocks ad servers. The main problem with viruses and trojans is that as soon as they're installed, they call their friends. Hundreds of them. If your HOSTS file shows their friends' URLs as being located on your computer (use the loopback address), it will come up with 'Page Can Not Be Displayed' and there's no additional harm done.

    Firewalls have limits, and anti-spyware and anti-virus software only helps some of the time (and usually does not remove what you want to remove fully and permanently). Symantec, I'm looking in your direction. You've got to layer your protection. The HOSTS file acts as both the first and last lines of defense. It will help you not to get infected in the first place, or it will help you to absorb damage if you manage to screw things up. I use this strategy on the Windows machines at the office and we haven't had a virus since I started 10 months ago.
    We've all heard that a million monkeys banging on a million typewriters will eventually reproduce the entire works of Shakespeare. Now, thanks to the Internet, we know this is not true. -- Robert Wilensky

  24. #24
    Xtreme Addict
    Join Date
    Jul 2006
    Between Sky and Earth
    Spyware Blaster - dose the same thing (even in Firefox) - some things are necessary others just in case...

    LE: REMOVED AOL ACTIVE VIRUS SHIELD - didn't try it before, now that I did, I can say that I agree whit this AV, may seem promising because of his engine (based on Kaspersky) plus it's free, but actually it's not what it seems....

    My first problem whit this AV was the "Activation Code" - 3 mails (yahoo, Gmail & Hotmail) and no response, second was the "EULA", after reading it more carefully found some things that shocked me - I knew it was catch whit this AV (it seemed to good tot be true), did some searching and found others that got to same conclusion, when I first posted this AV didn't knew about the PC part, I fought only my mail would get to suffer if it actually begins to spam it whit ADS - now that I know about the PC part...I DON'T RECOMMEND IT ANYMORE!

    PS.Last time I try or recommend a AOL product and I like to apologies for that, should have known better - now that was bad way to spend my first day of XMAS!
    Last edited by XSAlliN; 12-26-2006 at 12:12 PM.

  25. #25
    Registered User
    Join Date
    Jun 2006
    thanks,this is really good guide

Page 1 of 3 123 LastLast



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts