منتديات فرسان الثقافة - Powered by vBulletin

banner
النتائج 1 إلى 3 من 3

العرض المتطور

  1. #1
    صيدلانية/مشرفة القسم الطبي
    تاريخ التسجيل
    Feb 2009
    المشاركات
    2,020

    موقع جميل لصيانة الحاسوب...


  2. #2
    صيدلانية/مشرفة القسم الطبي
    تاريخ التسجيل
    Feb 2009
    المشاركات
    2,020

    رد: موقع جميل لصيانة الحاسوب...

    هذه ترجمة سريعة على محرك ياهو لرابط الصفحة...

    Outils gratuits ;
    Nos outils et services gratuits et nos outils en ligne... ; Antivirus ; Antivirus pour 1 fichier ; HotFix virus ; Anti-hoax ; Anti-spywares ; Scan de failles ; Scan de vos retards de mises à jour ; Scan de ports ; Scan anti-publicités ; Rage anti-spam ; Code / décode (base 2 8 10 16 64 utf8 escape unicode IP JS...) ; Trucs à DNS (Whois, IPWhois, IPHosting...) ; Décontamination et boîte à outils pour HijackThis ; Tests et mesures de vitesses ; Proposer un outil ;
    Télécharger ;
    Téléchargez, testez... ; Télécharger : La logithèque classée par produit ; Télécharger : La logithèque classée par éditeur ; Télécharger : La logithèque classée par familles ; Télécharger : L'alternathèque et la Freethèque ; Télécharger : Téléchargements spéciaux ; La Crapthèque : Les logiciels suspects ou crapuleux ; Proposer un téléchargement ;
    Liens ;
    Des sites et des forums dignes d'interêt... ; Sites et forums de sécurité informatique ; Sites et forums Vie Privée ; Matériel informatique - pilotes... ; Services "Abuse" ; Porter plainte ; La langue française ; Sites amis et sites d'amis ; Lastminute.com Vacances moins chères ; Emploi, Job, CV ; Vivre à moitié prix ; Liens divers ; Téléphones d'urgences ; Proposer ou corriger un lien ;
    Chercher ;
    Moteur interne ; Google ; Donations ;
    Ce site ne vit que par vos dons ; Dons avec Paypal ; Autres moyens ; Remerciements ; Proposer quelque chose ;



    Manipulation
    Manipulation
    More:



    EnSavoirPlus






    The Manipulation is a procedure manual, free, which we developed in order to

    to decontaminate a PC under Windows when it undergoes an attack of boot (attacks placing itself in the launching phase of Windows, generally of Hijacker type)


    to install a whole of free preventive tools and corrective measures so that does not reproduce


    to stop repeating without stop the same answers to all the Net surfers in distress on all the forums
    You are encouraged to diffuse this address - the MANIPULATION with http://66.196.80.202/babelfish/trans...Fla_manip.html
    Not to recopy this page which evolves very quickly but to point to it.

    Stages of the Manipulation

    Preliminary precaution with the utility pseudos of safety

    Preliminary precaution with the corruption of components of Windows

    Order SFC
    Preliminary precautions with Internet Explorer and OutLook and Windows Media Player

    Empty the mask of Internet Explorer
    Erase the history of the visited bonds
    Decontaminate ActiveX controls
    Decontaminate the iFrames
    Decontaminate the illicit recovery of the contents of the clipboard
    Preliminary precaution with the traces

    Preliminary precaution with the explorer of Windows

    See the files and files hidden in the explorer of Windows
    Stage 1 - To negotiate the case CWS.SmartKiller

    Stage 2 - To pass the machine to the antivirus

    With your antivirus
    With an antivirus on line (on-line)
    Stage 3 - To install, regulate and use SpyBot Search & Destroy

    SSD_01 - Download SpyBot Search & Destroy
    SSD_02 - Launch SpyBot Search & Destroy
    SSD_03 - Initial loading of SpyBot Search & Destroy
    SSD_04 - TeaTimer - the resident real-time of SpyBot Search & Destroy
    SSD_05 - Choice of the language of SpyBot Search & Destroy
    SSD_06 - Choice of the behavior of SpyBot Search & Destroy
    SSD_07 - Updates of SpyBot Search & Destroy
    SSD_08 - Vaccination of Internet Explorer with SpyBot Search & Destroy
    SSD_09 - SDHelper, the Blocker of SpyBot Search & Destroy
    SSD_10 - Revelation of the tools of SpyBot Search & Destroy
    SSD_11 - Control harmlessness of ActiveX with SpyBot Search & Destroy
    SSD_12 - Control harmlessness of BHOs with SpyBot Search & Destroy
    SSD_13 - Installation of a file hosts with SpyBot Search & Destroy
    SSD_14 - Control integrity of the LSPs Winsock with SpyBot Search & Destroy
    SSD_15 - Adjustments of IE - IE Tweaks with SpyBot Search & Destroy
    SSD_16 - Opt-Out de SpyBot Search & Destroy
    SSD_17 - Selection of all the modules of SpyBot Search & Destroy
    SSD_18 - Preserve some cookies with SpyBot Search & Destroy
    SSD_19 - To launch the scan suppressor with SpyBot Search & Destroy
    SSD_20 - To analyze the scan produces by SpyBot Search & Destroy
    Stage 4 - The case of the gangster gang CoolWebSearch

    Stage 5 - To regulate the problem of the hijackers

    Stage 6 - To regulate the problems of the virtual machine Java of Microsoft

    Stage 7 - To apply the entirety of the patchs of safety

    Stage 8 - Adjustments of confidentiality of Windows with XP-Antispy

    Stage 9 - Adjustments of confidentiality of Windows with Safe XP

    Stage 10 - To supervise the list of starting

    Stage 11 - optional - inhibition of the toolbars, without eradication

    Stage 12 - DLLs of the AppInit_DLLs key


    Stage 13 - To clean the points of restoration

    To include/understand the security issues induced by the points of restoration
    To activate - To decontaminate - To reactivate the points of restoration in Win XP
    To activate - To decontaminate - To reactivate the points of restoration in Win Me
    Epilogue - Firewall; Antivirus and anti-spam

    There remains a concern?

    To produce a log HiJackThis

    Preventions complementary (quasi obligatory)

    Récap with the helpers, victims of HiJacks and attacks of Boot (Attack Boot)



    --------------------------------------------------------------------------------
    Manipulation

    Preliminary precaution with the utility pseudos of safety

    Danger attention: Very many utilities allegedly of safety are Trojan horses embarking of the parasites. Perhaps you installed one in all bona fide of them. Assiste.com invites you to check, on this list of the false utilities of safety, if you do not use one of these very many alleged anti-spywares or anti-adwares or antiviruses which are trojans embarking one or more parasites to install them on your discs.


    Preliminary precaution with the corruption of components of Windows

    If Windows announces you a corrupted component or if you systematically have an error message during the use of a Windows component (and to ensure you and reassure you), launch order SFC, in mode “invites of order”. You must have your CD-ROM Windows introduced into a reader of CD-ROM.

    SFC: Inspector of the files Windows (System Checker Files)
    Check the protected system files (FSP) and replaces the files of incorrect version by the correct versions Microsoft. Require the original CD-ROM of Windows so certain healthy components are not present on your hard drive in an protected area of Windows (file DLL Hides) where are stored the healthy versions.

    The use to be made some here is simply to open a window of invites of order
    To start > All the programs > Additional > Invites of order
    Type sfc /scannow (Respect the space character between sfc and /scannow).
    Press on the “Entered” key and await simply the end of the analysis. A bar of progression informs you of the state of progress of the work.


    Fenestrate invites of order and order to be typed.


    Bar progression of the state of progress of the work. This work can last
    from 5 to 10 minutes and slows down other work considerably.


    SFC requires, sometimes, to find an original of a component on your CD-ROM Windows.


    Preliminary precaution with Internet Explorer and Outlook and Windows Media Player

    You are under Internet Explorer? The best solution consists never again not to use Internet Explorer and to prefer to him, by far, Mozilla Firefox. Install Firefox and have navigation much more convivial, reliable, completely respectful of standards of Internet, more fast, up to date, without dangers of BHOs, without catastrophes of ActiveX, with navigator with source codes public (open source), supported by all actors of Internet, multi platform, opened with plugins of third parties, made safe etc… majority from attacks from boot you are victim and who make that you are here, in “the Manipulation”, at this moment, comes from the use of Internet Explorer.


    At all events, if you used Internet Explorer, empty the temporary masks and files. To decontaminate ActiveX, iFrames, joining…

    Launch Internet Explorer (this can be done except connection) and made:
    IE > Tools > Options > “General” Mitre


    Empty the mask of Internet Explorer.
    Click on “Removing the files” by notching the box “To remove all the contents except connection”


    Erase the history of the visited bonds.
    Click on “erasing the history”


    Decontaminate ActiveX controls.
    Internet Explorer > Tools > Options Internet > Mitre Safety > To decontaminate ActiveX controls - manipulation in images on this page.


    Decontaminate the iFrames.
    Internet Explorer > Tools > Options Internet > Mitre Safety > Internet > To personalize the level > Decontaminate “Launching of the programs and the files in a iFrame” - manipulation in images on this page.


    Decontaminate the illicit recovery of the contents of the clipboard
    Internet Explorer > Outils > Options Internet > Onglet Safety > Internet > Personnaliser the level > Désactivez “To allow the operations of joining via script” (Or select “To ask” what enables you “to trace” those which try to make use of it).


    Is your mail system OutLook (or Outlook Express)? Its operation in infernal couple with Internet Explorer makes your system vulnerable. Useless to try to parameterize it to harden it. Replace it by Thunderbird, the tool of transport of the Mozilla foundation, developed in the same spirit as Firefox. Thunderbird is recent a open-source application, whose programmers of the whole world could peeled the code and to improve from day to day it, contrary to OutLook which is a product owner, old man, not very convivial and made up of a collection of successive layers of corrective measures to its security breaches then corrective measures with corrective measures etc… Lire the article “Thunderbird” of Arobase.org.


    You use Windows Media Player, installed manu-militari by Microsoft in all Windows, like system of reading of files media? It is about the one of the supers spies of Microsoft intended for completion to encircle you (profiling, numerical management of rights (DRM) used in system of alignment, etc…) and which allows, via faults and with formats ASF, the remote code execution. Start with him to prohibit any access to the Net by blocking it in your fire wall (see further if you do not have a fire wall yet). Then, replace it by an alternative like WinAmp or the free product and in French VideoLAN (VLC media player) or MPC - Media Player Classic also in public licence.


    Preliminary precaution with the traces

    Before passing to the analysis of your system, its decontamination then its hardening, start by cleaning it of all the files useless, temporary, succeptibles traces of activities to be exploited by profileurs etc… who trail a little everywhere and some contain, precisely, of the parasites. For a complete and automatic cleaning, including if you use other navigators that Internet Explorer, install and use now a cleaner general practitioner, CCleaner (CrapCleaner). In particular, this last is likely to opportunely destroy temporary files containing of the viruses and other parasites.


    To empty the mask of your DNS:
    To start > To carry out > ipconfig /flushdns



    Preliminary precaution with the explorer of Windows

    You will have to seek files and files in your repertories. By defect, a sedentary provision of Windows masks a good part of the files and files when you use Windows Explorer (the explorer of Windows). Not to be likely to pass beside a required object:

    Explorer of Windows

    See the files and files hidden in the explorer of Windows:

    To start > All programs > Additional > Exploring > Tools > Options of the files > Posting
    In hidden Files and files, to select “To post the hidden files and files”.
    To mask the extensions of the files whose type is known SHOULD NOT BE STAGE COACH
    To mask the files protected from the operating system SHOULD NOT BE STAGE COACH
    Click on “Applying to all the files” and pass in addition to the message of warning statement of Windows.
    Click on Appliquer "
    Ok
    To close the window

    This adjustment must be preserved definitively.


    Stage 1 - To negotiate the case CWS.Smartkiller

    To make sure that there is not a parasite, known under the name of CWS.Smartkiller, which blocks the use of many safety programs and blocks the access to several sites of safety. It is an alternative (CoolWWWSearch.SmartKiller (v1 and v2) - January 2004) of the family of CoolWebSearch parasites which closes several anti-spywares and anti-Trojan automatically each time you open them and who closes even the windows of your navigator when you go on the sites of these anti-spywares and anti-trojans. If you are in this case:

    Download and carry out initially miniremoval_coolwebsearch_smartkiller (http://www.safer-networking.org/files/delcwssk.zip) of Patrick Kolla (the author of SpyBot Search and Destroy, also aimed to him by this parasite). If the official site is inaccessible, a copy is available here.
    Cut: 51.2 KB (52 461 bytes)
    MANDELEVIUM - c7ad54938c7c0b19492628e7cead01e5
    SHA1 - 7e99a586ed7d41b26c75a5cc993c8b67ff7f738f
    It is a whole little program zippé (the .zip is called delcwssk.zip and the utility to be carried out, once decompressed, is called “miniremoval_coolwebsearch_smartkiller.exe” (Patrick Kolla! why make simple when one can make complicated!!!). Direct execution - there is no phase of installation.

    If “miniremoval_coolwebsearch_smartkiller.exe” tells you “CoolWWWSearch.SmartKiller (v1/v2) has not been found one your system” it is that all is well, if not, it destroys it.




    Stage 2 - To pass the machine to the antivirus and the antione

    To make sure that there is not/more known viruses.

    If you have an antivirus installed (antivirus free or antivirus commercial)
    Proceed to the update of its base of signatures
    Scannez and disinfect.
    Start again the computer


    If you do not have an antivirus installed,
    you can, with the choice:


    to use an antivirus on line (free)

    You can use, for more safety, a navigator different of Internet Explorer (install and use Mozilla Firefox) with Java installed (you will use, at this time there, the antivirus on line of Trend which is written in JAVA, if not you will have unfortunately to use Internet Explorer with activated ActiveX Controls.

    To carry out one or more antivirus on line.

    Start again the computer


    to use a free antivirus: you can install Antivir and parameterize it as follows: http://speedweb1.free.fr/frames2.php?page=tuto5


    To make sure that there is not/more nonviral parasites (trojans etc…) known.
    In all the cases, use anti-spyware Ewido.
    If you have anti-trojans installed (anti-trojans free or anti-trojans commercial)
    Proceed to the update of its base of signatures
    Scannez and disinfect.
    Start again the computer


    If you do not have the antione not installed,


    you can use anti-trojans on line (free)

    You can use, for more safety, a navigator different of Internet Explorer (install and use Mozilla Firefox) with Java installed (you will use, at this time there, the antione in line of PC Flank - Trojans Test, if not you will have unfortunately to use Internet Explorer with activated ActiveX Controls.

    To carry out one or more anti-trojans on line.

    Start again the computer


    you must to install and to use Ewido anti-spyware (a commercial tool which is completely functional during 30 days) and to analyze all your system with.


    Stage 3 - To install, regulate and use SpyBot Search & Destroy
    In this stage, we will start to seek the parasites and to eliminate them (curative phase). We could implement several utilities specialized to seek and eliminate several forms from parasites. Let us remain simple and sparing in this standard manipulation by implementing a utility “all in” free which, if it as does not go far as the others in each field, approaches them all (or almost).
    Consequently occasion, this utility allows a preventive protection, phase which almost all the commercial utilities are unaware of, so that the corrected problem does not reproduce any more.

    If you make a point of using the best tools, there exist very pointed commercial utilities in each field and the tool major, by far best, which approaches them all, PestPatrol, which you can acquire on line and use immediately.


    If one remains in the free one, this stage is vast and comprises the use of SpyBot Search & Destroy with digression towards each alternative, also free and more powerful, with each function approached by SpyBot. Are thus implemented, in this stage:


    SypBot Search and Destroy
    SpywareBlaster
    SpywareGuard
    LSPs Fix
    To follow the directions for use of SypBot Search and Destroy on this page.

    You can now leave SpyBot Search & Destroy

    Stage 4 - The case of the gangster gang CoolWebSearch
    To deal personally with the case CoolWebSearch. It is about a vast family of hijackers (usurping) which has jointly to exploit the ByteCodeVerifier security breach of the virtual machine Java from Microsoft. Some affiliated in CoolWebSearch use another security breach, JS.Exception.Exploit, against which Microsoft published a patch. We will recommend to you, a little low, to change virtual machine Java for more stability and of reliability. It is not used for nothing to correct the problem here if the cause of the problem is not éradiquée.

    CoolWebSearch, general case


    Download CWShredder which does not require an installation
    Close all your authorities of Internet Explorer
    Close all your authorities Windows Explorer
    Close all your authorities of Notepad
    Close all your authorities of MediaPlayer
    Launch the execution of CWShredder
    Start by making an update while clicking on the button “Check for update”
    Click on the button “Fix” and to await 1 to 2 minutes.

    Click on the button “Exit”


    CoolWebSearch, particular case: Realyellowpage (CWS.Realyellowpage)
    If your Internet Explorer starts on the sites CoolWebSearch real-yellow-page.com, drxcount.biz, list2004.com or linklist.cc (but there can be the other unknown ones to date) to carry out the procedure of eradication of Realyellowpage (CWS.Realyellowpage).


    Stage 5 - To regulate the problem of the hijackers
    The “Hijack” is a usurpation (of your adjustment of the page of starting of your navigator, of your adjustments of your navigator, blockings and/or redirections encrusted in your file host etc…). It is necessary to deal with the hijackers which modify the adjustments and make so that to the launching of your navigator you are directed towards a site of their choice instead of your choice. All was known as on the hijackers and the antiones thus to see these pages:

    Hijackers to know of what speaks about it
    Anti-hijackers to correct and to secure themselves some

    If you use Internet Explorer and that this one prevents you from going on certain sites of safety, it is possible that modifications were made to the zones confidences and the zones of restriction of Internet Explorer. Use DelDomains.

    Stage 6 - To regulate the problem of the virtual machine Java of Microsoft
    To replace the virtual machine Java of Microsoft by that of the originator of Java, Sun. That one, at least, respects by the force of the things, the Java standard.

    Since Service Pack 1a (SP1a) for Internet Explorer and Windows, published on February 3, 2003, Microsoft withdrew its Virtual Machine Java (Java Virtual Machine - JVM) and does not support it more (more maintenance nor of update) and recommends to use that of SUN. Moreover the lawsuit lost by Microsoft does not leave him an alternative. If you installed “Service Pack 1a - SP1a” you do not have any more a virtual machine Java from Microsoft. It is necessary to install the JVM (Java Virtual Machine) of SUN and:

    either to destroy that of Microsoft which is buguée and not conforms to the standard

    that is to say to preserve that of Microsoft but to force Internet Explorer to use that of SUN (why? because Microsoft with implemented exotic functions, out of all standards, that certain Webmasters are, unfortunately, hastened to use).

    Apply handling explained to this page
    JVM of Sun against JVM from Microsoft
    You will find there information following

    To install the JVM of SUN

    Désinstaller the JVM from Microsoft

    Option to use the 2 JVM alternatively

    Parameters allowing supervise the implementation of Java


    Stage 7 - To apply the entirety of the patchs of safety
    To go on the site of Microsoft, Windows Update, and to apply all patchs and corrective measures (at least, all “critical updates” and all the “service packs”). You must go there with Internet Explorer and activated ActiveX controls.

    Attention - if your machine is currently compromised (infected), do not install-not the SP2. Wait to have decontaminated your machine before doing it.


    Microsoft Windows Update
    Microsoft BSA

    As soon as you finished with Microsoft, decontaminate ActiveX in the parameters of safety of Internet Explorer (and iFrames also).


    Stage 8 - Adjustments of confidentiality of Windows with XP-Antispy
    While returning from Windows Update, to make sure of certain adjustments of confidentiality of Windows.

    Carry out the XP-Antispy utility
    Take the advice given on the page of this utility. Strictly follow the bonds given on this page (there exist counterfeits of XP-Antispy embarking of the parasites of which backdoors)


    Stage 9 - Adjustments of confidentiality of Windows with Safe XP
    To complete the work of XP-Antispy with a utility of comparable nature, supplementing work.

    Safe XP
    Take the advice given on the page of this utility.


    Stage 10 - To supervise the list of starting
    TeaTimer de SpyBot (see beginning of stage 3) makes it possible to supervise your list of starting. If you chose not to install the module TeaTimer de SpyBot, install RegistryProt then, a microscopic utility which will alert you as soon as anything is tried in one of the unspecified sites of this list, and they are numerous. TeaTimer de SpyBot is more powerful than RegistryProt.

    RegistryProt
    Install, it is to it all.


    Stage 11 - Inhibition of the toolbars, without eradication (optional stage)
    For the users of Internet Explorer version 6 and following under Windows 98 /se/me/NT4/2000/XP/Server 2003 which want to avoid the problem of hijack (diversion) of the page of starting of their navigator and/or to prevent that more or less alleged toolbars and additional research are posted, apply the procedure to decontaminate the bands (bars) of tools and the objects of assistance to the navigation of third parties described in the Base of Microsoft knowledge - 298931 (http://support.microsoft.com/default...d=kb;fr;298931).

    Close all the authorities of Internet Explorer, click on Démarrer, point on Paramètres, then click on Control panel.

    Double-click on Options Internet.

    Click on the Avancé mitre.

    In Navigation, decontaminate the check box Activer the extensions third party the navigator (a restarting requires).

    Start again Internet Explorer.

    These stages modify the data of the value of chain “Enable Browser Extensions” in “No” in the key of Register:
    HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ Hand

    We include/understand well: this handling decontaminates only the toolbars and the objects of assistance to navigation installed beforehand by others that Microsoft. This eradic handling step these malevolent objects. They persist on your machine. This handling does not avoid the installation of new ill will which will be simply decontaminated but which continues to be able to settle.

    Stage 12 - Dlls of the AppInit_DLLs key
    Key very seldom compromised but nightmarish if it is it. See, possibly, AppInit_DLLs and procedure of cleaning.

    Stage 13 - To clean the points of restoration

    If, with resulting of the Manipulation, your computer, decontaminated and hardened, seems to function corectement, it is time to clean the points of restoration. Under the systems which have which it (XP Pro, XP Home and Me),


    decontaminate the points of restoration of the system in order to eliminate the copies from parasites placed in zones inaccessible to the antiviruses, anti-trojans etc…


    Reactivate to them the points of restoration in order to create a new point of restoration not contaminated.


    In connection with the points of restoration

    To include/understand the security issues induced by the points of restoration
    http://assiste.com/p/comment/activer..._desactivation


    To activate - To decontaminate - To reactivate the points of restoration in Windows XP (Home and Pro)
    http://assiste.com/p/comment/activer...tion.php#winxp


    To activate - To decontaminate - To reactivate the points of restoration in Windows Me (Windows Millenium Edition)
    http://assiste.com/p/comment/activer...tion.php#winme


    END OF THE MANIPULATION

    --------------------------------------------------------------------------------


    Epilogue - Firewall, Antivirus and anti-spam
    Here, with what precedes you will feel more in confidence, with the proviso of having
    a firewall (a truth, not the toy of Windows XP - it is free goods like Personal Firewall (of Kerio))
    an antivirus (a truth, real-time, not an on-line trick - it is the free ones)
    a anti-spam to filter your mails - it is goods, free, like SpamPal.


    There remains a concern?
    If there remains a concern which this manipulation general practitioner did not regulate, I suggest you:

    To produce a log HiJackThis
    To put your question in the HiJackThis forum while starting by recopying the log produced by HiJackThis there.


    Complementary preventions (quasi obligatory)
    Please apply the following recommendations, complementary to the phases of the Manipulation which already introduced preventive layers:


    As far as possible, especially in environment of company or professional, pass to Mozilla.

    Carry out XP-Antispy

    Carry out Safe-XP
    Carry out Zeb Protect


    Thank you to have read me up to now
    Cordially
    Pierre
    Assiste.com

    Help me


    --------------------------------------------------------------------------------

    Récap with the helpers, victims of HiJacks and attacks of Boot (Attack Boot)

    Opinion with the grass helpers:
    To help the others only if you know what you speak and have good reflexes.

    It falls under the direction that to reinstall Internet Explorer is not used strictly for nothing.

    It goes without saying, but that goes better while it saying, that the first things to be looked at, in a log HiJackThis, are:

    The version of Windows used

    The level of update of this version - without patch up to date, useless to help somebody, it is like pissing in a violin. In 2 hours it is of return on the forums with the same problem (and others).

    The version of Internet Explorer used

    The level of update of this version - even notices that above

    The version of HiJackThis used - if it is not the any last, to ask immediately that which you help to remake a log with the up to date last version of HJT

    To immediately check, in the first part of the log HiJackThis, that an antivirus and a firewall are installed if not useless to continue a cleaning lost in advance.

    To propose the reformating is an insult and a proof of incompetence. It is the reverse of an assistance.

    The majority of this handling must be made whereas that which you help is in privileges of administrator, in mode without failure and decontaminated points of restoration. Do not forget these basic instructions.
    An answer of the kind “Google is your friend” (under heard “Démerdes and seeks”) pourait-being santionnée of an exclusion of the forums. Of course, that which calls “the Help!” must initially be its clean “helper” but, once arrived here, it is of our duty of assistance to answer him. It arrived here because it sought. The tiredness of the helpers always to repeat the same things does not authorize transport.
    To avoid answers to carries parts, stupid and empty, which risks that one types you on the fingers, of the kind “To pass an antivirus”, “To put anti-popup”, “Restore your page of starting with the options of Internet Explorer”, “Tests with HiJackThis” etc…


    Manipulation

    Manipulation - curative procedure and preventive anti-ill will
    http://assiste.com/manip.html


    Prohibited utilities

    False utilities of safety and suspect sites
    If you find one of these utilities in the newspaper (log) of a visitor, ask him to it désinstaller and to start again its log.


    Advanced tricks

    HijackThis: To create a short cut for launching HiJackThis and add the switch /ihatewhitelists to the end. The newspaper is much wider.


    To seek if a field is hostile - Group R0 and R1 of a log HJT and everywhere else


    List fields of CoolWebSearch
    http://www.spywareinfo.com/~merijn/junk/cws_domains.txt


    Deterioration or hidden creation of Hosts - O1 Group of a log HJT

    The 4 types of O1 lines are form:


    O1 - Hosts: 216.177.73.139 ieautosearch (any request to go on the site ieautosearch is redirected towards the machise 216.177.73.139 which lodges the usurping site w__.igetnet.com/). Tens of lines of the kind can appear.


    O1 - Hosts: 127.0.0.1 www.spywareinfo.com (any request to go on the www.spywareinfo.com site - a site of computer security) is blocked: the ill will is protected and prevents you from finding the solution). Tens of lines of the kind can appear.


    O1 - Hosts is located At C:\Windows\Help\hosts slips by (it is a false file hosts - it must be destroyed and the “fixed” line)


    O1 - Hosts: 1123694712 auto.search.msn.com (address IP are masked in a decimal coding. Use the débug mode of CWShredder to convert it). Explanations on the page Decodes IP base10 towards IPV4.


    To seek the legitimacy of a BHO or a bar of tools (by its CLSID) - Group O2 and O3 of a log HJT

    TonyK' S BHO & Toolbar List

    http://www.computercops.biz/CLSID.html

    http://www.allsecpros.com/toolbarlist.txt

    http://www.cjwdavis.co.uk/SpywareBlaster/bholist.txt


    To seek legitimacy, the uselessness or the hostility of a process - O4 Group of a log HJT

    [start] AnswersThatWork.com List Task < - +++

    [Start] Extracted the Liutilities database < - +++

    [start] AZpcHelp

    [start] Microsoft DLLs dataBase

    [start] Greatis

    [start] John Mayer

    [start] Microsoft Knowledge dataBase - the KB

    [start] PacMan Startup List < - +++

    [start] PestPatrol spins information < - +++

    [start] PestPatrol quick

    [start] S. Prevost

    [start] Windows Startup

    [Start] Mirror of PacMan List

    [Start] Absolute Startup


    LSPs legitimate or malevolent - O10 group of a log HJT

    http://www.castlecops.com/LSPs.html

    How to restore the LSPs Winsocks
    http://assiste.com/p/comment/restaurer_winsock_lsp.php


    Limp with tools (WHOIS, NsLookUp, TraceRoute, Variables of environment, Ping, Test of Proxy) - O17 Group of a log HJT

    http://www.all-nettools.com/toolbox


    Hostile style sheets - O19 Group of a log HJT
    These lines, for example, are hostile

    O19 - To use style sheet: c:\WINDOWS\Java\my.css

    O19 - To use style sheet: c:\windows\my.css

    O19 - To use style sheet: C:\WINDOWS\Web\oslogo.bmp


    Tools of analysis and eradication


    HiJackThis [with tutorial]
    Hijackthis
    CWShredder
    Cwshredder
    SpywareBlaster
    Spywareblaster

    SpywareGuard

    SpyBot Search & Destroy [with tutorial]

    AD-aware [with tutorial]

    PestPatrol [with tutorial]

    Commercial antiviruses

    Free antiviruses

    Anti-spywares

    Anti-trojans commercial

    Anti-trojans free

    Mozilla

    miniremoval_coolwebsearch_smartkiller

    LSPs Fix

    Viewer process By ShadowWar. In the search of DLLs hidden in the new forms of hijack standard CWS - Small How to by the author with http://www.teamcti.com/pview/prcview.htm helps

    Start.Chm fix By ShadowWar. Primarily against the last alternative start.chm of CWS

    Registrar Lite

    StartDreck Log of the processes, the keys “run” and the services

    Win98Fix Various small tools against the attack AboutBlank de CoolWebSearch


    Tool against a file impossible to remove

    The Kill Box

    Launch The KillBox and, in the zone of text, to seize the complete way of access to the file to be destroyed.
    Click on “Delete”.
    If that does not function, uses the function “Delete one reboot” then rebooter and lets it be carried out with the restarting.
    You can have to enter the properties of the file, mitre “safety” (see Windows XP and Mitre “Safety”, to add you like user and to allot “total control to you”.



    Tools against alternatives “LMBO: /” and “sp.html”

    Butt: Buster or Butt: Buster
    Butt: Buster (by RubbeR DuckY) is the answer to be given against alternative LMBO: /of Butt: Blank. Butt: Buster is not used against the other alternatives as hijack, only against the alternative of the form

    LMBO: //<random>.dll/<random>.html#<random>
    and, with a little chance, against the form known under the name of sp.html
    LMBO: //<random>.dll/sp.html

    <random> meaning, since the question was put several times, “name random changing all the time and generated with stolen” - in other words, anything.


    Directions for use of Butt: Buster
    Download About: Buster

    Dézippez it and put a short cut on your desk.

    Close all the Internet Explorer authorities, all the windows and all the programs.

    Empty all the masks of your navigators (with SpyBot Search & Destroy for example).

    Made a log HiJackThis and fix all DLLs of the O4 group which have random names like le/les BHOs of comparable nature. All DLLs and all BHOs known (legitimate or not), are quoted on the Web - if you launch a research on a name of DLL or BHO and do not obtain a result, it is a hostility to be fixed. Fix the lines R0 and R1 hijackées is not useful for the moment present but you can do it.

    Start again in mode without failure (Imperatively in mode without failure).

    Double click on Butt: Buster.

    Ok

    Start

    Ok

    A scan is carried out (to wait a few seconds).

    Safeguard the log of this scan in an unspecified .txt file in order to find it if you are brought to consult a helper on a forum.

    Remade a second scan, to see.

    If you obtain a message “Removing Error”, it is a file impossible to destroy. Then consider “Tool against a file impossible to remove” just above.

    Start again in normal mode.

    Lancez HiJackThis post your log in this forum.


    Different Hsremove.exe tool against alternatives LMBO: /and sp.html (for Windows 2000 and XP)

    Different SpHjfix.exe tool against alternative LMBO: /and sp.html. In English. The 2 sites editors of this utility are in German but it is completely useless to read them to use this tool. It is of http://www.trojaner-info.de and http://www.rokop-security.de.


    Error of execution of certain utilities - Runtime Visual BASIC

    Several of the utilities above are written in Visual BASIC. You must have the interpreter Visual BASIC (the “Runtime”).
    http://www.microsoft.com/downloads/
    To download and install.


    File missing MSCOMCTL.OCX

    Missing files


    Tools of assistance to the helpers

    HiJackThis Hot Keys


    Tutoriaux

    How to start in mode without failure

    Points of restoration

    How to decontaminate the points of restoration under Windows XP

    How to decontaminate the points of restoration under Windows Me

    What a BHO

    Trojan horses

    Hosts

    Désinstaller a control ActiveX and anti-ActiveX

    To decontaminate the iFrames

    ActiveX controls

    The list of starting

    CoolWebSearch and its hijackers


    Tools on line

    Antivirus on line

    Tests of penetration

    Anti-spywares and anti-trojans on line

    Tools of decoding


    تحية طيبة... منقووووووووووول

  3. #3
    صيدلانية/مشرفة القسم الطبي
    تاريخ التسجيل
    Feb 2009
    المشاركات
    2,020

    رد: موقع جميل لصيانة الحاسوب...

    ولكن حذروني انه يخترق الجهاز ويعبث بملفاتك...
    ارجو التأكد والتثبت
    وشكرا

المواضيع المتشابهه

  1. موقع ثقافي فرنسي جميل
    بواسطة محمد عيد خربوطلي في المنتدى ركن اللغة الفرنسية .
    مشاركات: 3
    آخر مشاركة: 11-17-2015, 05:59 PM
  2. تجول في موقع د.جميل القدسي دويك
    بواسطة ميسم الحكيم في المنتدى فرسان الطب البديل.
    مشاركات: 1
    آخر مشاركة: 12-07-2011, 05:08 PM
  3. موقع جميل
    بواسطة راما في المنتدى فرسان الفلاشات والصوتيات
    مشاركات: 0
    آخر مشاركة: 10-20-2010, 06:48 AM
  4. موقع يحل لك جميع مشاكل الحاسوب!!
    بواسطة فراس الحكيم في المنتدى فرسان تطوير المواقع.
    مشاركات: 1
    آخر مشاركة: 04-20-2009, 05:09 PM
  5. موقع جميل للمبتدئين و الأطفال
    بواسطة بنان دركل في المنتدى دراسات في أدب الأطفال
    مشاركات: 3
    آخر مشاركة: 05-21-2007, 08:58 AM

ضوابط المشاركة

  • لا تستطيع إضافة مواضيع جديدة
  • لا تستطيع الرد على المواضيع
  • لا تستطيع إرفاق ملفات
  • لا تستطيع تعديل مشاركاتك
  •