Friday, January 06, 2006

I've decided it's time to fight back and provide some tools for people to fight malware.

The first step to fighting it on your machine (this article is geared to the more technical crowd) is being able to stop it from loading, replicating, and communicating.

1. Always review your firewall rules.

2. Process Creation

NtCreateSection

MiFindImageSectionObject

MiLockPfnDatabase

MiInsertImageSectionObject

MiCreateImageFileMap

NtCreateProcessEx

MmCreateProcessAddressSpace

MmCreatePeb

BasePushProcessParameters

BaseCreateStack

 

1/6/2006 10:45:53 PM (Eastern Standard Time, UTC-05:00)