Many guides on removing adware, malware and other unwanted software from a computer include a step telling you to check the running Windows processes for suspicious entries after using automatic malware removal tools. However, this is not easy for a user without serious experience with the operating system: the list of running programs in Task Manager will tell them very little.
CrowdStrike CrowdInspect, a free utility designed specifically for this purpose and the subject of this review, can help you check and analyze the running processes (programs) on Windows 10, 8, Windows 7 and XP. See also: How to get rid of advertising (AdWare) in the browser.
Using CrowdInspect to analyze running Windows processes
CrowdInspect does not need to be installed on the computer. It is a .zip archive containing a single executable file, crowdinspect.exe, which creates one more file for 64-bit Windows systems when it is started. The program requires an Internet connection.
On first launch you will need to accept the terms of the license agreement with the Accept button, and in the next window, if necessary, configure integration with the VirusTotal online scanning service (and, if needed, disable uploading of unknown files to that service, "Upload unknown files").
After you click "Ok", a window advertising the paid CrowdStrike Falcon protection product opens for a short time, followed by the main CrowdInspect window with a list of the processes running in Windows and useful information about them.
To begin, information about the important columns in CrowdInspect
- Process Name - the name of the process. You can also display the full paths to the executable files by clicking the "Full Path" button in the program's main menu.
- Inject - a check of the process for code injection (in some cases it may show a positive result for antivirus software). If a threat is suspected, a double exclamation mark and a red icon are displayed.
- VT or HA - the result of checking the process file in VirusTotal (the percentage corresponds to the percentage of antivirus engines that consider the file dangerous). The latest version shows the HA column, and the analysis is performed with the Hybrid Analysis online service (possibly more effective than VirusTotal).
- MHR - the result of a check against the Team Cymru Malware Hash Repository (a database of checksums of known malware). It shows a red icon and a double exclamation mark if the process hash is present in the database.
- WOT - if the process makes connections to sites and servers on the Internet, the result of checking those servers in the Web Of Trust reputation service.
The remaining columns contain information about the Internet connections established by the process: connection type, state, port numbers, local IP address, remote IP address and the DNS name for that address.
Note: you may notice that a single browser tab is shown as a set of ten or more processes in CrowdInspect. The reason is that a separate row is displayed for each connection established by one process (and an ordinary website opened in a browser causes connections to many servers on the Internet at once). You can turn off this kind of display by disabling the TCP and UDP buttons in the top menu bar.
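The per-connection rows described above can be reproduced with built-in Windows cmdlets, which also gives you the file hash to look up by hand in a reputation service. This is an added example, not part of CrowdInspect or the original article; it assumes Windows 8 or later with PowerShell 4 or later, and it makes no online lookups.

```powershell
# Added example: a local approximation of CrowdInspect's process/connection list.
# Build a per-process cache so each executable is hashed only once.
$procInfo = @{}
foreach ($p in Get-Process) {
    $path = $null
    try { $path = $p.Path } catch { }   # protected processes may not expose a path
    $hash = $null
    if ($path -and (Test-Path -LiteralPath $path)) {
        $hash = (Get-FileHash -LiteralPath $path -Algorithm SHA256 `
                 -ErrorAction SilentlyContinue).Hash
    }
    $procInfo[[int]$p.Id] = [pscustomobject]@{
        Name = $p.ProcessName; Path = $path; SHA256 = $hash
    }
}

# One row per TCP connection: this is why a browser shows up many times.
$rows = foreach ($c in Get-NetTCPConnection -ErrorAction SilentlyContinue) {
    $info = $procInfo[[int]$c.OwningProcess]
    [pscustomobject]@{
        ProcessName = if ($info) { $info.Name } else { '<exited>' }
        Id          = [int]$c.OwningProcess
        State       = $c.State
        Local       = "$($c.LocalAddress):$($c.LocalPort)"
        Remote      = "$($c.RemoteAddress):$($c.RemotePort)"
        SHA256      = if ($info) { $info.SHA256 } else { $null }
        Path        = if ($info) { $info.Path } else { $null }
    }
}
$rows | Sort-Object ProcessName, Remote |
    Format-Table ProcessName, Id, State, Local, Remote -AutoSize

# Collapsed view: one row per process with its connection count and file hash.
$rows | Group-Object Id | ForEach-Object {
    [pscustomobject]@{
        ProcessName = $_.Group[0].ProcessName
        Id          = $_.Name
        Connections = $_.Count
        SHA256      = $_.Group[0].SHA256
        Path        = $_.Group[0].Path
    }
} | Sort-Object Connections -Descending | Format-List
```

Run it from an elevated PowerShell session to see paths and hashes for processes owned by other users; rows with an empty SHA256 are processes whose executable could not be read.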
Other menu items and controls:
- Live / History - switches the display mode (real time, or a list showing the start time of each process).
- Pause - pauses the collection of information.
- Kill Process - terminates the selected process.
- Close TCP - closes the process's TCP/IP connection.
- Properties - opens the standard Windows window with the properties of the process's executable file.
- VT Results - opens a window with the VirusTotal scan results and a link to the scan result on the site.
- Copy All - copies all the displayed information about the active processes to the clipboard.
- In addition, a context menu with the basic actions is available for each process on right-click.
I admit that more experienced users have by now thought "great tool", while beginners have not quite understood what it is good for and how it can be used. So, briefly and as simply as possible for beginners:
- If you suspect that something bad is happening on your computer, and antivirus software and utilities such as AdwCleaner have already checked it (see Malware removal tools), you can look in CrowdInspect and see whether any suspicious background programs are running in Windows.
- Processes with a red mark and a high percentage in the VT column and (or) a red mark in the MHR column should be treated as suspicious. You are unlikely to encounter red icons in Inject, but if you do, pay attention to them as well.
- What to do if a process is suspicious: view its results in VirusTotal by clicking the VT Results button, then click the link to the antivirus scan results for the file. You can also try searching the Internet for the file name: common threats are usually discussed on forums and support sites.
- If the result leads to the conclusion that the file is malicious, try to remove it from startup, uninstall the program the process belongs to, and use other methods to get rid of the threat.
Note: keep in mind that, from the point of view of many antivirus products, various "download tools" and similar utilities popular in our country may be potentially unwanted software, and this will be shown in the VT and/or MHR columns of the CrowdInspect utility. However, this does not necessarily mean they are dangerous; each case should be considered individually.
CrowdInspect can be downloaded for free from the official website //www.crowdstrike.com/resources/community-tools/crowdinspect-tool/ (after clicking the download button, you need to accept the license terms on the next page by clicking Accept to start the download). Also useful: The best free antivirus for Windows 10, 8 and Windows 7.