How to remove spyware using HijackThis如何删除间谍软件使用HijackThis
Posted on June 23, 2008 at 5:05 am张贴于2008年6月23日在上午05时05分
Are you getting unusual system slowdown ? Have you tried scanning your computer with an antivirus and cleaned up your hard disk but still no effect? Is your browser too crowded with silly add-ons that your favorite niece mercilessly installed on your home computer?您是否获得不寻常的系统放缓 ?您是否尝试过扫描您的计算机防病毒和清理您的硬盘,但仍然没有效果呢?是您的浏览器过于挤迫,与傻的加载项您最喜爱的侄女,无情地安装在您的家用电脑呢?
Stop pulling you hair.停止拉你的头发。 Your computer could be infested by malware, adware or just plain annoying but hard to remove software that your antivirus or personal firewall software failed to detect. Nowadays it is easy to be infected with these sort of software because they come in with legitimate software installers like a hardware device driver or a media player.您的计算机就可能受到感染,由恶意软件,广告软件或只是平原,但恼人的努力,以消除软件 ,您的防病毒或个人防火墙软件无法被侦测到。今时今日,这是容易被感染这类软件,因为他们来在与合法的软件安装一样硬件设备的驱动程序或媒体播放器。
Canon printers for example come in with a “bonus” software like Easy-WebPrint that supposedly lets you print web pages using your browser. I can do that with just a plain print button on the browser, thank you very much Canon. If you think Canon is bad for trying to give you this stuff, HP is even worse - the HP utility software run even when you are not printing, scanning or browsing anything!佳能印表机,例如来,在与“红利”软件一样,容易webprint认为,假定可让您打印网页,请使用浏览器,我可以这样做,只是一种朴素的打印按钮,就浏览器,非常感谢你佳能。如果你认为佳能是坏试图给你这种东西,惠普是更坏-惠普实用软件来说,即使您没有印刷,扫描或浏览什么!
Apple also loves to bundle their Itunes software with modules you don’t need like the苹果公司还喜欢捆绑其iTunes软件模块您不需要像 Apple mobile device service 苹果电脑的移动设备服务 , can’t they wait until I am able to buy an iPhone before they enable this software in my computer? These unuseful crapware hogs memory and CPU utilization thereby slowing the overall system performance. ,他们不能等到我能买到一拥有前,他们使这个软件在我的电脑吗?这些unuseful crapware猪记忆体和CPU利用率,从而减缓了整体系统性能。
Usually, if we want to kill a process we go to the Windows Task Manager. But we all know that the Task Manager just lets you stop processes and not remove them - they will still comeback and run once you reboot or open a program that calls the process. Uninstalling the software using Add/Remove Programs on the control panel could also be a non-option since most of the time there is no way you can uninstall a component without uninstalling the whole thing - you don’t want to have a printer without a driver right?通常,如果我们想要杀害的过程,我们去到Windows任务管理器,但我们都知道,现在的任务管理器只是可让您停止的过程,而不是删除他们-他们仍会东山再起,并运行一旦您重新启动或打开一个程序,要求这一进程。卸载软件使用添加/删除程序对控制面板,也可以一个非选项以来,大部分的时间是没有出路的,您可以卸载的一个组成部分,没有卸载整个事情-你不想有一个打印机没有一个司机的权利?
An answer from the Trend Micro Group came when they gave the freeware called答案从趋势科技组来到时,他们给所谓的免费 HijackThis 和HijackThis . Download.com gave it a perfect 5 star rating and is tested spyware free. This tool lets you scan the registry and hard drive and lists down everything so you can pick and “fix” what you think is bad. 。 download.com了一个完美的5星评价和测试间谍软件免费,这工具可让您扫描注册表和硬盘驱动器,并列出了下来,一切使您可以挑选和“修正”你认为什么是坏。
Scanning your computer with HijackThis is simple, open it, click “Do a system scan and save a logfile” and wait until it finishes scanning:扫描您的计算机和HijackThis很简单,打开它,点击“做了系统扫描并保存日志文件” ,并等待它完成扫描:
A sample scan result is shown below:样本扫描的结果是,如下所示:
At first this could look too complicated but it’s not. The coded groups like R1, R0, O2, O3 at the beginning of each entry is just the group or type of entry. To see the description of each group click the Info… button on the lower right corner:首先,这可以看太复杂,但它不是。编码团体,例如R1的, R0的,氧气,臭氧在每年年初进入,只是该集团或类型的项目。看到的描述,每组按一下信息…按钮,右下角:
This should give an output with the list of groups and the corresponding description:这应给予一个输出与团体的名单和相应的说明:
R - Registry, StartPage/SearchPage changes r -注册表,起始页/ s earchpage变化
R0 - Changed registry value R0的-改变注册表值
R1 - Created registry value R1的-创建注册表值
R2 - Created registry key R2的-创建注册表项
R3 - Created extra registry value where only one should be R3的-创造额外的注册表值的地方只有一个,应
F - IniFiles, autoloading entries f -i nifiles, a utoloading作品
F0 - Changed inifile value f0 -改变i nifile价值
F1 - Created inifile value F1的-创造价值i nifile
F2 - Changed inifile value, mapped to Registry F2的-改变i nifile价值,映射到注册表
F3 - Created inifile value, mapped to Registry于F3 -创造i nifile价值,映射到注册表
N - Netscape/Mozilla StartPage/SearchPage changes -网景/ M ozilla的起始页/ s earchpage变化
N1 - Change in prefs.js of Netscape 4.x的N1 -改变在p refs.js的N etscape4 .x版本
N2 - Change in prefs.js of Netscape 6氮气-改变在p refs.js的N etscape6
N3 - Change in prefs.js of Netscape 7 N3的-改变在p refs.js的N etscape7
N4 - Change in prefs.js of Mozilla n4 -改变在p refs.js的M ozilla
[... [ ... so on...]因此,对... ]
Be warned: this tool lets you remove everything including the good software. It doesn’t identify which is good or bad, rather it let’s you find and pinpoint what you think is the offending software and with that information, you can remove it. Do not remove the item if you are not sure.被警告:此工具可让您消除一切,包括良好的软件,它并不是确定哪个是好还是坏,而是让您找到并针对什么,你认为是违法的软件和与信息,您可以将它移除。不要删除该项目如果您不能确定。
After identifying the culprit, check the box beside them and click Fix checked :后查明罪魁祸首,勾选旁边的他们,并点击一下修复检查 :
It will prompt with a warning, so again please be careful , after hitting Yes there is no turning back:它会提示与警告,所以再次请小心 ,此前曾触及是有没有回头:
The next part is the System Settings Change window, this will restart your computer (needed to remove the service and maybe the registry entry). Click Yes to restart the computer.未来的一部分,是系统设置改变窗口,这将重新启动计算机(需要移除的服务和可能的注册表项) 。单击是,重新启动计算机。
After that, you are done. The annoying software that you “fixed” should be gone. The HijackThis tool is recommended for users that want to take control of the processes on their computer. It can also be an effective analysis tool to determine serious security breaches like a之后,您是这样做。恼人的软件你“固定”应了。了HijackThis工具,建议用户要采取控制的过程在他们的电脑上,它也可以是一种有效的分析工具来确定严重的安全违反像 keylogger 键盘记录程序 . 。
Ben Carigtan is a new contributor writer. A Software Engineer with more than 7 years of technical experience, he will be writing articles covering practical advices and tips for computer users. 本carigtan是一个新的投稿作家。软件工程师以上七年的技术经验,他将撰写文章,涵盖实际的意见和建议电脑用户。
If you enjoyed this post, make sure you 如果您喜欢这个职位,请务必 subscribe to my RSS feed 订阅我的RSS馈送 ! !
» Filed Under »提交下 Cool Websites酷网站
Related Posts相关文章
- An introduction to the Windows XP Task Manager: Processes, Programs, and Performance - Part 2介绍了Windows XP的任务经理:进程,程序和性能-第2部分
- An introduction to the Windows XP Task Manager: Processes, Programs, and Performance - Part I介绍了Windows XP的任务经理:进程,程序和表现-第一部分
- How to fix svchost.exe errors and problems with high CPU usage如何解决此问题的Svchost.exe错误和问题,与CPU使用率过高
- What is Sonic Update Manager and how to remove it什么是声波更新经理,以及如何将它移除
- Want more information on your Windows XP processes?您想了解更多信息对您的Windows XP的过程?
Wow, nicely done on the presentation.哇,好做了简报。 HiJack this is truly a great program.劫持,这才是真正的伟大纲领。 TrendMicro was smart to buy it up.趋势是精明的购买。
Doug, Thanks!道格,谢谢! Yep, TrendMicro did a good move on acquiring it. yep ,趋势做了好棋就收购它。 I remember I used this software to remove a registry that keeps on changing my homepage.我记得我用这个软件删除注册表中不断改变我的主页。 Hopefully this will be useful to other users as well.希望这将是有益的其他用户,以及。