Scan Repair Tool:
QUOTE: Hijackthis
Foreign download: http://www.merijn.org/files/hijackthis.zip
If you are prompted that the MSVBVM60.DLL file does not exist after running HijackThis on Windows 98/ME, download this VB package, which contains the required files:
Http://download.microsoft.com/do. .. N-US/vbrun60sp5.exe
QUOTE: System Repair Engineer
Note:
System Repair Engineer (SREng) is a brand new, powerful, and scalable free tool for adjusting and repairing your System. With the help of this tool, you can detect your system faults and easily fix them. The predecessor of this tool is the RegFix registry key value Repair Tool. Due to the limitations of the RegFix registry key value Repair Tool and the complexity of the current system environment, I redesigned a new software, that is, System Repair Engineer (SREng ).
Download:
SREng.exe
Http://www.kztechs.com/sreng/sreng2.zip
QUOTE: SysInfoCollect. EXE
Note: The System Information Collect Tool is a small Tool used to Collect System Information. The collected information can be used to check the system. Check whether abnormal processes or services are running, whether important file associations are correct, and whether the Startup Group contains abnormal content. SysInfoCollect is the abbreviation of System Information Collect Tool. The purpose of the software development is to detect system processes, Registry Startup groups, services, BHO, and file associations through simple operations.
Running Environment: Microsoft Windows 98 or above
Link: http://www.kztechs.com/sysinfocollect/SysInfoCollect.zip
Process viewing tool:
QUOTE: process explorer 9.25
English version:
Win9x/Me http://www.sysinternals.com/Files/ProcessExplorer9x.zip
32-bit NT/2 K/XP/Server 2003 http://www.sysinternals.com/Files/ProcessExplorerNt.zip
64-bit XP/Server 2003 http://www.sysinternals.com/Files/ProcessExplorerAmd64.zip
English version 9.25 download page: http://www.crsky.com/soft/1074.html
QUOTE: Process Manager v1.62
Description: Process Manager is a powerful system task management tool. It can be used to monitor and abort suspicious processes, analyze all forms programs in detail, and modify, control, and abort the status of any controls. It is a security tool and a Software Component tool for programming!
Download: http://share.down.softnews.cn/down/57635.rar
QUOTE: detached process manager 2.5.1217
Note: This software is used to view system processes, modules, and window information and perform operations on them. For example, it is used to close processes, set priorities, hide windows, and make buttons available, rename, get the text box content (including some password boxes), manage the Registry Startup items, view the class names of different objects, and delete services.
Download: http://chenccc.nease.net/ProcessManage.exe
Download Page: http://www.newhua.com.cn/soft/25720.htm
Startup Item viewing tool:
QUOTE: Autoruns V8.31
Note: Sysinternals allows you to view and delete self-starting items in the Registry and Win. ini files. If you suspect that a trojan or virus exists or the system is too slow to start, use this tool to check the auto-start items.
During the first running, the displayed font looks uncomfortable. Go to the "options"> "font" menu and set the font to "" 9. Then, it will be okay.
Link: http://www.sysinternals.com/Files/Autoruns.zip
V8.11 Chinese Version Download Page: http://www.skycn.com/soft/17567.html
QUOTE: Startuplist 1.52.1
Note: A common overseas startup Item scanning tool generates a txt report.
Foreign download: http://www.bleepingcomputer.com/files/Merijn/startuplist.zip
Download Page: http://soft.2118.com.cn/soft/32784.htm
Powerful deletion tool:
QUOTE: killbox v2.0.0.175 Chinese Version
Note: tools and software that are very popular in foreign anti-virus forums are the best combination with HijackThis. In essence, they are a powerful tool for deleting arbitrary files, regardless of whether the file is EXE or DLL or other files, whether the file is running or called by the system, KillBox can delete the file in a few steps.
Specific Use: http://www.47522999.com/news/data/2005/0618/article_34.htm
Download: http://down24.codefans.com/tools/ha-killbox.rar
Dedicated repair tools:
QUOTE: Winsockfix
Note: The Winsock Repair Tool is developed by Option ^ Explicit Software. You can fix Layered Service Provider (LSP) and restore hosts to the default status.
Download Page: http://www.spychecker.com/download/download_winsockxpfix.html
QUOTE: Lspfix
Note: The Winsock2 Repair Tool fixes Layered Service Provider (LSP ).
Download: http://www.cexx.org/lspfix.exe
Download Page: http://www.cexx.org/lspfix.htm
QUOTE: KLLSPRST
Note: The Winsock2 Repair Tool produced by Kaspersky fixes Layered Service Provider (LSP ).
Download: ftp://ftp.avp.ru/utils/LSP_restore/KLLSPRST.ZIP
File use check and unlock tools:
QUOTE: Unlocker 1.7.7
Introduction: When you rename or delete a file/folder, the Windows pop-up dialog box prompts you "Cannot delete xxx: it is being used by other users/programs !", What should I do? With Unlocker, you can easily, conveniently, and effectively solve this small but annoying problem! Unlocker is a free right-click extension tool. After installation, it can be integrated into the right-click operation. When a user finds that a file or directory cannot be deleted, right-click "Unlocker", and the program will immediately show which programs occupy the directory or file, then, you only need to press "Unlock" in the pop-up window to unhide your file.
Unlocker is different from other unlocking software in that it does not forcibly close the programs that occupy files, but rather unlocks the files and programs in a way that disconnects them, therefore, user data may not be lost due to forced shutdown like other unlocking programs.
The Unlocker installation is very simple. After downloading, you only need to double-click the file to install it. During the installation process, the program will allow the user to choose to integrate Unlocker directly into the right-click menu or "transfer... project, allowing users to call it more elastically.
Link: http://ccollomb.free.fr/unlocker/unlocker1.7.7.exe
Dedicated rootkit tools:
QUOTE: RootkitRevealer 1.56
Note: RootkitRevealer v1.01 is used to check whether Rootkit is running in the system. By analyzing the differences between the Registry and system API files, it can detect all rootkits released by www.rootkit.com, including AFX, Vanquish, and HackerDefender. It contains two versions: GUI and command line. The command line version can be used with the PsExec to execute remote scanning.
Link http://www.sysinternals.com/Files/RootkitRevealer.zip
Download Page: http://www.sysinternals.com/utilities/rootkitrevealer.html
QUOTE: BlackLight Beta 2.2.1007
Note: F-Secure's Rootkit is a free kill scanning tool.
Download: http://www.europe.f-secure.com/exclude/blacklight/blbeta.exe
QUOTE: Unhackme version 2.5
Note: Greatis is a tool for killing rootkit and Trojans. It is a shared version.
Download: http://www.greatis.com/unhackme.zip