What You Said: Malware Fighting Tips and Tricks

Earlier this week we asked you to share your favorite malware fighting tricks. Now we’re back to highlight some of the tips and tricks you shared.

Our Ask the Readers series gives our awesome and technologically literate readers a chance to show off their know-how. Today we’re rounding up some of the tips and tricks from Wednesday’s Ask the Reader post What Are Your Best Malware Fighting Tricks and highlighting them here.

Sandbox Your Browsing and File Sharing Activity

Multiple readers used software sandboxing as a tool for isolating harmful malware. Most used the free Windows application Sandboxie, and some used virtual machine applications like VMware and VirtualBox. Sandboxing your internet-connected applications, especially web browsers and file sharing applications, creates an extra layer between your operating system and malicious code.

Avoid Browsing as a Root User

While this tip applies across operating systems, it’s most critical for Windows users. Most people (if not 99% of them) use Windows every day as an Administrator/root user. If malware finds its way onto the machine, it’s simple for it to take over, since the account it’s active on has full access to the machine. Second only to sandboxing your applications in popularity was restricting the user account and browsing only on limited access accounts instead of as an administrator.

Killing Processes to Enable Scanners to Remove Them

Malware infestations can be particularly pesky and their processes are tenacious. The most popular applications among HTG readers for slaying malware processes so that other applications could eradicate them were Rkill and TDSSKiller.

Reader Hammy84 said:

Start with a combination of rkill.com (the exe) to kill any running malicious processes, then up to date full scan with Malwarebytes Anti-Malware, followed by a full scan with Spybot S&D. Always good to do this in safe mode too to get a thorough search completed.

Using safe mode is definitely a good tip whenever possible, as a lot of spyware doesn’t load in safe mode.

Good Malware Defense is a Multi-Prong Strategy

Very few readers suggested anything short of a multi-prong defense against malware. One of the most popular combinations by far was Microsoft Security Essentials running every day, plus frequent scans with CCleaner (to clean out the non-malware crap you don’t want to waste your time scanning and dealing with), as well as scans with Malwarebytes Anti-Malware. For fighting off messy infections that were already full-blown, Combofix is one of the more popular deep-scan tools.

As an example of the multi-prong approach, reader Duckbrain wrote:

I was dealing with a particularly difficult one for a friend last night. Tried MalwareBytes, Safe Mode and cleaning all startup objects, and even ClamAV on Ubuntu. I finally got it by clicking and pressing keys until it froze and force-closed it. Then I used CCleaner to find the executable in the startup objects and deleted it by hand. Finally, I installed Microsoft Security Essentials to protect from attacks in the future.

Don’t forget to make sure you’ve got an up-to-date anti-virus software installed once you get everything clean. We recommend Microsoft Security Essentials.

For more tips and tricks, hit up the original post to see how your fellow readers deal with malware and what programs they roll out in the attack. Have a question you want to put before the How-To Geek audience? Shoot us an email at [email protected] with “Ask the Readers” in the subject line and we’ll see what we can do.

Translated from: https://www.howtogeek.com/howto/45059/what-you-said-malware-fighting-tips-and-tricks/
