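[Recommended] Recommending an article that is well worth reading. Unfortunately it is in English; a link to the original is included.
Original link: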
http://www.hijackthis-forum.de/showthread.php?t=1760
Welcome to HijackThis.de Support Board
Do you need some help and no helper is online?
You don't know what to do with these viruses on your computer and there is no one you can ask?
Well, just for you I have written this First-Help-Tutorial. Reading this, you will learn how to help yourself. We will come back soon and see that you have already done your best.
First of all, you should visit this page: English-Help. Have you already been there? OK. So you know more about HijackThis. But you don't know anything about how to get rid of your problem, right? Well, you can read this: Security Tips. Are you afraid that your problem is so great that you will have to format your system? On this Board we do our best so that no one has to format a system. Sometimes it's not possible to avoid formatting. But in most cases we succeed in giving help.
So let's find out, what we can do for you, dear Guest.
Please visit Know how - HijackThis to learn more about our Board, our Team and about the way we want you to post your logfiles.
Please post your HijackThis logfile to your own new thread on the English-Board. Now, come here and load your HijackThis logfile from your computer into the Analysis window. You will then see some different symbols:
- - -
If you have red and yellow symbols in your HijackThis logfile, you may already begin with the first steps until one of us comes back to help you.
STEP 1
Make sure you set Windows to show hidden files and folders.
Note: Using Windows XP or ME:
Once you have cleaned up your system, you must do this: turn off System Restore. Right-click My Computer. Click Properties. Click the System Restore tab. Check Turn off System Restore. Click Apply, and then click OK. Reboot. Then turn System Restore back on. Right-click My Computer. Click Properties. Click the System Restore tab. Uncheck Turn off System Restore. Click Apply, and then click OK.
The first thing you can do when you have malware on your system is to turn your system back to an earlier System Restore point. This can help you get rid of all the malware without doing anything else.
STEP 2
Please let us begin to clean up your system.
Create some new directories (folders) (Windows Tutorial):
C:\download
C:\bases
C:\badthings
STEP 3
Download this free security software to C:\download:
zipgenius (if you have no zip-tool)
Disk Cleaner
eScan
Spybot Search and Destroy (install and update it)
Ad-Aware SE and the Add-ons (VX2 Cleaner) (install and update it)
SpywareBlaster to protect your Browsers (install and update it)
Autostart Viewer
Winpooch
CWShredder (install and update it)
DElLATER.ZIP (install it to your desktop!)
STEP 4
Now first run DElLATER.exe on your system.
Don't be surprised: nothing happens. You only have to click "ok". That's all. That's ok.
DelLater is the ideal program to use when you can't delete a file, no matter how hard you try.
STEP 5
Close all programs and all windows, including Internet Explorer.
Run CWShredder. Put a checkmark on Move CWS Files found .. -> Fix!
STEP 6
Run the Disk Cleaner
Have a look at the screenshot. Set a checkmark on every item you want to clean:
Temporary Internet Files and Temporary System Files, Cache, History and Prefetch (Windows XP) must be cleaned up.
Clean up as many folders as you can.
Note: Every time you have finished your work on the Internet, please clean up your system with one of the Cleaning-Tools you can find here: Free Helper Tools
Don't shut your system down without having cleaned up the traces of the Internet. This will help you to avoid problems.
STEP 7
(MUST!) Switch to Safe Mode
STEP 8
a) Run Ad-Aware SE - Tutorial
All red Items must be green ones. Please use the VX2 Cleaner.
Run a Full System Scan. Let the program delete everything it finds.
It's finished? Well, then......
b) Run Spybot Search and Destroy - Tutorial
Put a checkmark into all boxes.
Let the program delete everything it finds. Immunize your system.
Turn your system back to Normal Mode.
STEP 9
(Either STEP 9 or STEP 10 -> you don't need to do both STEPs, because the eScan works with the same signatures as KAV does)
Run eScan. If you open this link, you will learn all about how to work with the famous eScan and how to get rid of the malware found on your system without needing to buy the program.
STEP 10
(Either STEP 10 or STEP 9 -> you don't need to do both STEPs, because the eScan works with the same signatures as KAV does)
If you have worms and trojans on your system, you may want to download a free trial version of KAV from www.kaspersky.com. Update the program online.
NOTE: you must not run two AV programs with on-access scanners at the same time. Please disable your own AV program while using KAV. Otherwise your system could crash.
Now turn off your computer and remove the network cable/phone line from your machine. Reboot your computer into Safe Mode. Scan your system with Kaspersky in Safe Mode. Let the program delete everything it finds. Save the logfile, or copy all information about everything that has been deleted by KAV, and paste it into your thread.
STEP 11
Having done all of this, you have done a lot. And now you have lost a lot of your problems, haven't you? Please don't leave us. Scan your system online for free: Free Online-Scans
You will find online scans for all kinds of malware. Please use at least three different online scans, because they all work with different signatures. One online scan may find something different from another. That's normal, that's ok. Run full system scans and allow the online scans to delete all malware they find. Save the logfiles.
May I advise you to scan your system first with:
* http://housecall.trendmicro.com or housecall.trendmicro for NOT-IE
* Panda ActiveScan
* http://bitdefender.com/scan/licence.php
If you want to know which threats are still left on your system, please check it with the Kaspersky Online Scanner.
Please reboot your system every time a scan is finished. You will have to allow ActiveX and set your IE settings to Standard for scanning online. The Panda scan needs about 2 hours to do its work. Post all the results to your thread. You may want to use the "edit" or "ändern" button to edit your postings.
Don't forget to configure the IE with these Settings when the Online Scans are finished.
Do you want to scan only one file for free?
o virusscan.jotti.dhs.org
o Virustotal
o www.kaspersky.com
o www.virus112.nu
o IKARUS Free Online-Scanner
o Dr.Web® anti-virus-scan
o clamav online specimen scanner
Report all the results in your thread on the Board.
If you are one of those who have problems with pop-ups and promotions, which means that you have some kind of malware on your system, mostly adware or spyware, you may want to have a look at this thread, because there you will find many different programs that help you get rid of many pests:
- Free Ad- and Spyware Protection Tools
Don't forget the Online-Scans against Ad- and Spyware:
- Free Online-Scans for Ad- and Spyware
Are you looking for a Remover for some kind of a very dangerous malware? You will find a list of different Removers here:
- Malware Removal-Tools.
Please click on the links to get more information.
Can't you find these strange programs and processes of your system anywhere? Only if you are not able to find these files anywhere else, because it is really new malware, please use: Upload malicious software.
Do you need a Scout on our Board? Find it here:
- Remover, AV, Ad-/Spyware.
STEP 12
Please visit Microsoft's Windows Update site to download the newest version of the service pack (Windows XP SP2): www.windowsupdate.com-SP2. Please run the internal firewall of SP2. You can also visit www.windowsupdate.com. Note: it's very important that Windows and Internet Explorer are updated with all patches and all updates. Take another look here: Security Tips. Did you know that there are programs to make Internet Explorer safer? Did you know about alternative browsers which avoid all these troubles you have? Please have a look at the Free Helper Tools, where you can find alternative browsers, secure messenger programs and even a secure MP3 player. You can already begin to download all the things you must have to surf safely on the World Wide Web.
Do you want to know more about these strange files on your system? You can find some information here:
- ProcessLibrary
- I am not a geek
- Processes in Windows NT/2000/XP
- Google
Did you find out that you need an antivirus program but don't have one? There are free antivirus programs with on-access scanners. You need one of these programs running in the background while you are working online. They can protect your work. But you need to configure these programs. Choose the settings that delete malware. Don't forget to clean out the contents of the quarantine folders when malware has been moved into them. Find all information about antivirus programs, freeware and trial versions here:
- Anti-Malware (free)
Do you know that you need a well configured Firewall running on your system?
You can get all information about Firewalls here:
- Firewalls & Information.
Please don't forget: you are the one who must protect your system. Programs can help you. But if you don't know anything about the risks on the Internet, your programs are not able to protect you. Please read:
Why did I get infected in the first place.
So how did I get infected in the first place?
Well, at the moment I'm not able to do more for you.