How to remove spyware using HijackThis如何刪除間諜軟件使用HijackThis
Posted on June 23, 2008 at 5:05 am張貼於2008年6月23日在上午05時05分
Are you getting unusual system slowdown ? Have you tried scanning your computer with an antivirus and cleaned up your hard disk but still no effect? Is your browser too crowded with silly add-ons that your favorite niece mercilessly installed on your home computer?您是否獲得不尋常的系統放緩 ?您是否嘗試過掃描您的計算機防病毒和清理您的硬盤,但仍然沒有效果呢?是您的瀏覽器過於擠迫,與傻的加載項您最喜愛的侄女,無情地安裝在您的家用電腦呢?
Stop pulling you hair.停止拉你的頭髮。 Your computer could be infested by malware, adware or just plain annoying but hard to remove software that your antivirus or personal firewall software failed to detect. Nowadays it is easy to be infected with these sort of software because they come in with legitimate software installers like a hardware device driver or a media player.您的計算機就可能受到感染,由惡意軟件,廣告軟件或只是平原,但惱人的努力,以消除軟件 ,您的防病毒或個人防火牆軟件無法被偵測到。今時今日,這是容易被感染這類軟件,因為他們來在與合法的軟件安裝一樣硬件設備的驅動程序或媒體播放器。
Canon printers for example come in with a “bonus” software like Easy-WebPrint that supposedly lets you print web pages using your browser. I can do that with just a plain print button on the browser, thank you very much Canon. If you think Canon is bad for trying to give you this stuff, HP is even worse - the HP utility software run even when you are not printing, scanning or browsing anything!佳能印表機,例如來,在與“紅利”軟件一樣,容易webprint認為,假定可讓您打印網頁,請使用瀏覽器,我可以這樣做,只是一種樸素的打印按鈕,就瀏覽器,非常感謝你佳能。如果你認為佳能是壞試圖給你這種東西,惠普是更壞-惠普實用軟件來說,即使您沒有印刷,掃描或瀏覽什麼!
Apple also loves to bundle their Itunes software with modules you don’t need like the蘋果公司還喜歡捆綁其iTunes軟件模塊您不需要像 Apple mobile device service 蘋果電腦的移動設備服務 , can’t they wait until I am able to buy an iPhone before they enable this software in my computer? These unuseful crapware hogs memory and CPU utilization thereby slowing the overall system performance. ,他們不能等到我能買到一擁有前,他們使這個軟件在我的電腦嗎?這些unuseful crapware豬記憶體和CPU利用率,從而減緩了整體系統性能。
Usually, if we want to kill a process we go to the Windows Task Manager. But we all know that the Task Manager just lets you stop processes and not remove them - they will still comeback and run once you reboot or open a program that calls the process. Uninstalling the software using Add/Remove Programs on the control panel could also be a non-option since most of the time there is no way you can uninstall a component without uninstalling the whole thing - you don’t want to have a printer without a driver right?通常,如果我們想要殺害的過程,我們去到Windows任務管理器,但我們都知道,現在的任務管理器只是可讓您停止的過程,而不是刪除他們-他們仍會東山再起,並運行一旦您重新啟動或打開一個程序,要求這一進程。卸載軟件使用添加/刪除程序對控制面板,也可以一個非選項以來,大部分的時間是沒有出路的,您可以卸載的一個組成部分,沒有卸載整個事情-你不想有一個打印機沒有一個司機的權利?
An answer from the Trend Micro Group came when they gave the freeware called答案從趨勢科技組來到時,他們給所謂的免費 HijackThis 和HijackThis . Download.com gave it a perfect 5 star rating and is tested spyware free. This tool lets you scan the registry and hard drive and lists down everything so you can pick and “fix” what you think is bad. 。 download.com了一個完美的5星評價和測試間諜軟件免費,這工具可讓您掃描註冊表和硬盤驅動器,並列出了下來,一切使您可以挑選和“修正”你認為什麼是壞。
Scanning your computer with HijackThis is simple, open it, click “Do a system scan and save a logfile” and wait until it finishes scanning:掃描您的計算機和HijackThis很簡單,打開它,點擊“做了系統掃描並保存日誌文件” ,並等待它完成掃描:
A sample scan result is shown below:樣本掃描的結果是,如下所示:
At first this could look too complicated but it’s not. The coded groups like R1, R0, O2, O3 at the beginning of each entry is just the group or type of entry. To see the description of each group click the Info… button on the lower right corner:首先,這可以看太複雜,但它不是。編碼團體,例如R1的, R0的,氧氣,臭氧在每年年初進入,只是該集團或類型的項目。看到的描述,每組按一下信息…按鈕,右下角:
This should give an output with the list of groups and the corresponding description:這應給予一個輸出與團體的名單和相應的說明:
R - Registry, StartPage/SearchPage changes r -註冊表,起始頁/ s earchpage變化
R0 - Changed registry value R0的-改變註冊表值
R1 - Created registry value R1的-創建註冊表值
R2 - Created registry key R2的-創建註冊表項
R3 - Created extra registry value where only one should be R3的-創造額外的註冊表值的地方只有一個,應
F - IniFiles, autoloading entries f -i nifiles, a utoloading作品
F0 - Changed inifile value f0 -改變i nifile價值
F1 - Created inifile value F1的-創造價值i nifile
F2 - Changed inifile value, mapped to Registry F2的-改變i nifile價值,映射到註冊表
F3 - Created inifile value, mapped to Registry於F3 -創造i nifile價值,映射到註冊表
N - Netscape/Mozilla StartPage/SearchPage changes -網景/ M ozilla的起始頁/ s earchpage變化
N1 - Change in prefs.js of Netscape 4.x的N1 -改變在p refs.js的N etscape4 .x版本
N2 - Change in prefs.js of Netscape 6氮氣-改變在p refs.js的N etscape6
N3 - Change in prefs.js of Netscape 7 N3的-改變在p refs.js的N etscape7
N4 - Change in prefs.js of Mozilla n4 -改變在p refs.js的M ozilla
[... [ ... so on...]因此,對... ]
Be warned: this tool lets you remove everything including the good software. It doesn’t identify which is good or bad, rather it let’s you find and pinpoint what you think is the offending software and with that information, you can remove it. Do not remove the item if you are not sure.被警告:此工具可讓您消除一切,包括良好的軟件,它並不是確定哪個是好還是壞,而是讓您找到並針對什麼,你認為是違法的軟件和與信息,您可以將它移除。不要刪除該項目如果您不能確定。
After identifying the culprit, check the box beside them and click Fix checked :後查明罪魁禍首,勾選旁邊的他們,並點擊一下修復檢查 :
It will prompt with a warning, so again please be careful , after hitting Yes there is no turning back:它會提示與警告,所以再次請小心 ,此前曾觸及是有沒有回頭:
The next part is the System Settings Change window, this will restart your computer (needed to remove the service and maybe the registry entry). Click Yes to restart the computer.未來的一部分,是系統設置改變窗口,這將重新啟動計算機(需要移除的服務和可能的註冊表項) 。單擊是,重新啟動計算機。
After that, you are done. The annoying software that you “fixed” should be gone. The HijackThis tool is recommended for users that want to take control of the processes on their computer. It can also be an effective analysis tool to determine serious security breaches like a之後,您是這樣做。惱人的軟件你“固定”應了。了HijackThis工具,建議用戶要採取控制的過程在他們的電腦上,它也可以是一種有效的分析工具來確定嚴重的安全違反像 keylogger 鍵盤記錄程序 . 。
Ben Carigtan is a new contributor writer. A Software Engineer with more than 7 years of technical experience, he will be writing articles covering practical advices and tips for computer users. 本carigtan是一個新的投稿作家。軟件工程師以上七年的技術經驗,他將撰寫文章,涵蓋實際的意見和建議電腦用戶。
If you enjoyed this post, make sure you 如果您喜歡這個職位,請務必 subscribe to my RSS feed 訂閱我的RSS饋送 ! !
» Filed Under »提交下 Cool Websites酷網站
Related Posts相關文章
- An introduction to the Windows XP Task Manager: Processes, Programs, and Performance - Part 2介紹了Windows XP的任務經理:進程,程序和性能-第2部分
- An introduction to the Windows XP Task Manager: Processes, Programs, and Performance - Part I介紹了Windows XP的任務經理:進程,程序和表現-第一部分
- How to fix svchost.exe errors and problems with high CPU usage如何解決此問題的Svchost.exe錯誤和問題,與CPU使用率過高
- What is Sonic Update Manager and how to remove it什麼是聲波更新經理,以及如何將它移除
- Want more information on your Windows XP processes?您想了解更多信息對您的Windows XP的過程?
Wow, nicely done on the presentation.哇,好做了簡報。 HiJack this is truly a great program.劫持,這才是真正的偉大綱領。 TrendMicro was smart to buy it up.趨勢是精明的購買。
Doug, Thanks!道格,謝謝! Yep, TrendMicro did a good move on acquiring it. yep ,趨勢做了好棋就收購它。 I remember I used this software to remove a registry that keeps on changing my homepage.我記得我用這個軟件刪除註冊表中不斷改變我的主頁。 Hopefully this will be useful to other users as well.希望這將是有益的其他用戶,以及。