Ke ho'ākāka 'ana i nāʻikepili' ikepili no ke kōkuaʻana e hoʻopau iā Spyware a me nā Hijackers Pūnaewele
ʻO HijackThis he mea hoʻohana maʻamau mai Trend Micro. ʻO ia i hoʻomaka muaʻia e Merijn Bellekom, he haumāna i Netherlands. ʻO nā polokalamu Spyware polokalamu e like me Adaware a Spybot S & D ke hana maikaʻi no kaʻike a me ka weheʻana i nā polokalamu spyware, akā,ʻoi aku ka noʻonoʻoʻana o kekahi mau polokalamu spyware a me nā hijackers pūnaewele no kēia mau pūnaewele anti-spyware.
Ua kākauʻia kēia mea e pili ana i ka wehe a wehe i nā hijacks pūnaewele, a iʻole ka polokalamu kamepiula e lawe i kāu pūnaewele pūnaewele, e hoʻololi i kāuʻaoʻao home a me ka search engine a me nā meaʻino. ʻIe like me nā polokalamu anti-spywareʻoihana, HijackThisʻaʻole hoʻohana i nā inoa a iʻole i nā pahuhopu i nā papahana kūikawā a iʻole ka URL eʻike a hoʻopaʻa. Ma mua, HijackThis nānā no nā hana hoʻopunipuni a me nāʻano i hoʻohanaʻia e nā polokalamu kamepiula e hoʻopili i kāu pūnaewele a hoʻopau i kāu polokalamu kele pūnaewele.
ʻAʻole nā mea a pau i hōʻikeʻia i loko o ka HijackThis logs he meaʻino aʻaʻole pono e hemo. ʻO kaʻoiaʻiʻo,ʻo ka mea'ē aʻe. Ua aneane hiki i kekahi o nā mea i loko o kāu mau HijackThis papa inoa he polokalamu pono a laweʻana i kēlā mau mea i ka hopena i ka hopena o kāu pūnaewele a iʻole ia e hiki ke hikiʻole ke hiki. Ke hoʻohana nei i ka HijackThis heʻano like e like me ka hoʻoponoponoʻana i ka Registry Registry iāʻoe iho. ʻAʻole ia heʻepekema hōʻeha, akā,ʻaʻole ponoʻoe e hana ia mea me kaʻole o kahi alakaʻi alakaʻi akamai ināʻaʻoleʻoe eʻike pono i kāu hana.
I ka manawa e hoʻokomo aiʻoe i ka HijackThis a holo iā ia e hana i kahi loina log, he nui nā hālāwai a me nā wahi kahi e hiki ai ke kau a hoʻouna i kāuʻikepili lohi. ʻO nāʻike iʻike i ka mea e nānā aku ai, hiki iāʻoe ke kōkua i ka hōʻoiaʻana i nāʻike loiloi a'ōlelo iāʻoe i nā mea e wehe ai a me nā mea e haʻalele wale.
No ka hoʻoihoʻana i ka version o HijackThis i kēia manawa, hiki iāʻoe ke kipa i ka kahua kūlana ma Trend Micro.
Eia kekahi hiʻohiʻona o nā HijackThis log log e hiki iāʻoe ke hoʻohana e lele i kaʻike āu e huli nei:
- R0, R1, R2, R3 - Pūnaewele Internet Explorer / Huli i nā palapala pūnaewele
- F0, F1 - Polokalamu hoʻopili
- N1, N2, N3, N4 - Netscape / Mozilla hoʻomaka / Huli i nāʻaoʻao HKH
- O1 - Nānā hou o nā pūnaewele
- O2 - Nā mea kōkua kōkua kōkua
- O3 - Nānā polokalamu Internet Explorer
- O4 - Nā polokalamu hoʻoponopono hou mai ka Registry
- O5 - IE Nānā i kaʻike 'ole i ka Panel Panel
- O6 - IE Nā koho e kāohiʻia e ka Luna Hoʻonaʻauao
- O7 - Access access i hoʻoponoponoʻia e ka Luna Hoʻonaʻauao
- O8 - Nā mea hou i ka papa inoa'ākau'ākau IE
- O9 - Ke pihi hou i ka papa hana hana nui IE, aiʻole nā mea hou i ka papa inoaʻIE 'Tools'
- O10 - Winjack hijacker
- O11 - He hui hou i ka pukaʻIE 'Advanced Options'
- O12 - IE i? I
- O13 - IE DefaultPrefix hijack
- O14 - 'Hoʻonohonoho i nā Pūnaewele Pūnaewele' hijack
- O15 - Pūnaewele i hoʻokuʻuʻoleʻia i kahi Pale Kūkākūkā
- O16 - AEXX AEX (aka ii iia iiaiiia i? Iaaiey i? A)
- O17 - Lop.com hijackers
- O18 - Nānā Hou a me nā hijackers protocol
- O19 - Ke kāʻeiʻokoʻa mea hoʻohana
- O20 - AppInit_DLLs ka mana hana inoa inoa
- O21 - ShellServiceObjectDelayLoad Keʻena kope Authole
- O22 - SharedTaskScheduler Keka inoa pūnaewele
- O23 - NN Services NT
R0, R1, R2, R3 - IE hoʻomaka a huli i nā palapala
Pehea konaʻano:
R0 - HKCU Pūnaeweleʻo Microsoft Internet Explorer Main, Ka hoʻomakaʻana o kahi palapala = http://www.google.com/
R1 - HKLM Pūnaewele Microsoft InternetExplorer Main, Default_Page_URL = http://www.google.com/
R2 - (ʻaʻole hoʻohanaʻia kēiaʻano e HijackThis yet)
R3 - Loaʻa iā URLSearchHook
Pehea e hana ai:
Ināʻikeʻoe i ka URL ma ka hopenaʻo kāu homepage a iʻole ka huli pūnaewele, ua maikaʻi. Ināʻaʻoleʻoe, e nānā a loaʻa iā HijackThis e hoʻopaʻa iā ia. No nā mea R3, hoʻoponopono mau iā lākou keʻole lākou e haʻi i kahi papahana āu iʻike ai, e like me Copernic.
F0, F1, F2, F3 - Nā polokalamu hoʻopiʻi mai nā waihona INI
Pehea konaʻano:
F0 - system.ini: Shell = Explorer.exe Openme.exe
F1 - win.ini: holo = hpfchedched
Pehea e hana ai:
ʻO nā hualoaʻa F0 heʻino mau, no laila e hoʻonohonoho. ʻO nā mea F1 he mau papa kahiko loa ia e mālama pono ana, no laila eʻikeʻoe i kahiʻike hou aʻe ma ka inoa inoa eʻike ai i ka maikaʻi a iʻole kaʻino. Hoʻopuka kahi Pacman o ka hoʻomakaʻana i kahi mea.
N1, N2, N3, N4 - Netscape / Mozilla hoʻomaka & amp; Huli pūnaewele
Pehea konaʻano:
N1 - Netscape 4: user_pref "browser.startup.homepage", "www.google.com"); (C: \ Nā Pūnaehana Pūnaewele Netscape Nā hoʻohana hoʻohana prefs.js nā mea hoʻohana)
N2 - Netscape 6: user_pref ("browser.startup.homepage", "http://www.google.com"); (C: \ Nā palapala a me nā mea hoʻohana i kaʻikepili hoʻohana polokalamu Mozilla Pūnaewele defaulto9t1tfl.slt prefs.js)
N2 - Netscape 6: user_pref ("browser.search.defaultengine", "engine: //C%3A%5CProgram%20Files%5CNetscape%206%5Csearchplugins%5CSBWeb_02.src"); (C: \ Nā palapala a me nā mea hoʻohana i kaʻikepili hoʻohana polokalamu Mozilla Pūnaewele defaulto9t1tfl.slt prefs.js)
Pehea e hana ai:
Loaʻa ka palekana o ka homepage Netscape a me Mozilla. ʻAʻole hikiʻole ke hopuʻia, aia wale nō Lop.com iʻikeʻia e hana i kēia. Ināʻikeʻoe i kahi URL āu eʻikeʻole ai i kou homepage a iʻole huliʻaoʻao, e hoʻokau iā HijackThis.
O1 - Nānā o Hostsfile
Pehea konaʻano:
O1 - Pūʻali: 216.177.73.139 auto.search.msn.com
O1 - Pūnaewele: 216.177.73.139 search.netscape.com
O1 - Nń Puhi: 216.177.73.139 ka luna
O1 - Aia kahi pūnaewele ma C: \ Windows Help \ hosts
Pehea e hana ai:
E hoʻopili hou ana kēia hijack i ka helu ma ka'ākau i ka IP IP ma ka hema. Ināʻaʻole ka IP i ka helu wahi, e hoʻihoʻiʻiaʻoe i kahi paena i kēlā me kēia manawa āu e komo ai i ka helu. Hiki iāʻoe ke hana i kēia HijackThis i kēia mau mea, keʻoleʻoe e kākau pono i kēlā laina i loko o kāu pūnaewele Pūnaewele.
ʻO ka mea hope loa ke kauʻia ma Windows 2000 / XP me kahi maʻi Coolwebsearch. E hoʻopaʻa i kēia mea i kēia manawa, aiʻole e hoʻoponopono hou iā CWShredder.
O2 - Nā mea kōkua kōkua kōkua
Pehea konaʻano:
O2 - BHO: Yahoo! Hoa BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C: \ PROGRAM FILES \ YAHOO! COMPANION \ YCOMP5_0_2_4.DLL
O2 - BHO: (inoaʻole) - {1A214F62-47A7-4CA3-9D00-95A3965A8B4A} - C: \ PROGRAM FILES \ POPUP ELIMINATOR \ AUTODISPLAY401.DLL (kahi e waiho 'ia nei)
O2 - BHO: Hoʻopiliʻia nā Pāʻoihana Pāʻoihana - {85A702BA-EA8F-4B83-AA07-07A5186ACD7E} - C: \ PROGRAM FILES \ MEDIALOADS HAʻOLI ME ME1.DLL
Pehea e hana ai:
Ināʻaʻoleʻoe e hoʻomaopopo pono i ka inoa o kahi mea hoʻohana pūnaewele, hoʻohana i ka BHO a me ka papa hana polokalamuʻo TonyK e loaʻa iā ia ma ka papa ID (CLSID, ka helu ma waena o nā pale pale) aʻike i ka maikaʻi a iʻole kaʻino. Ma ka BHO List, 'ʻo X', 'o ia hoʻi, ka' 'spyware' a me 'L' mea palekana.
I3 o I3
Pehea konaʻano:
O3 - Toolbar: & Yahoo! Hoa - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C: \ PROGRAM FILES \ YAHOO! \ COMPANION \ YCOMP5_0_2_4.DLL
O3 - Toolbar: Popup Eliminator - {86BCA93E-457B-4054-AFB0-E428DA1563E1} - C: \ PROGRAM FILES \ POPUP ELIMINATOR \ PETOOLBAR401.DLL (kahi hapa i hala)
O3 - Toolbar: rzillcgthjx - {5996aaf3-5c08-44a9-ac12-1843fd03df0a} - C: \ WINDOWS API'ĀINA DATA \ CKSTPRLLNQUL.DLL
Pehea e hana ai:
Ināʻaʻoleʻoe e hoʻomaopopo pono i ka inoa o kahi mea hoʻohana, hoʻohana i ka BHO & Toolbar List o TonyKoa no ka huliʻana iā ia ma ka ID class (CLSID, ka helu ma waena o nā pale pale) aʻike i ka maikaʻi a iʻole kaʻino. Ma ka papa inoa mea hoʻohana, 'X', 'o ia hoʻi,' o ka spyware a me 'L' keʻano palekana. Ināʻaʻole ia ma ka papa inoa a me ka inoa e like paha me ka pūnaewele maʻamau a aia ka'ōnaewele i loko o ka waihona 'Application Data' (e like me ka mea hope loa i nā hiʻohiʻona i luna), aia paha Lop.com, aʻo kāu'ōlelo e pono iā HijackThis fix ia.
'O4 - Nā polokalamu hoʻopihapiho mai ka Registry a i ka papa Hana hoʻomaka
Pehea konaʻano:
O4 - HKLM \ .. \ Run: [ScanRegistry] C: \ WINDOWS \ scanregw.exe / autorun
O4 - HKLM \ .. \ Run: [SystemTray] SysTray.Exe
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Pūnaehana Pūnaewele Pūnaewele Hui Pūnaewele Symantec Shared \ ccApp.exe"
O4 - Hoʻomaka: Microsoft Office.lnk = C: \ Pūnaehana Pūnaeweleʻo Microsoft Office Office OSA9.EXE
O4 - Global Startup: winlogon.exe
Pehea e hana ai:
E hoʻohana i ka papa hana hoʻomaka o PacMan e huli ai i kahi komo aʻike i ka maikaʻi a iʻole kaʻino.
Inā hōʻike ka mea i kahi papahana e noho ana i kahi hui hoʻomaka (e like me ka helu hope ma luna aʻe nei), hiki i ka HijackThis hiki ke hoʻopaʻa i kēia mea inā he hoʻomanaʻo kēia polokalamu. E hoʻohana i ka Manawaena Pūnaewele Windows (TASKMGR.EXE) e hoʻopau i ke kaʻina hana ma mua o ka kauʻana.
O5 - IE Nā koho eʻikeʻoleʻia ma ka Papa Mana Mana
Pehea konaʻano:
O5 - control.ini: inetcpl.cpl = no
Pehea e hana ai:
Ināʻaʻoleʻoe a me kāu luna hoʻomalu pūnaewele e hūnā pono i ka hiʻona mai ka Papa Mana Pūnaewele, e hoʻokau iā HijackThis.
O6 - IE Nā koho e kāohiʻia e ka Luna Hoʻonaʻauao
Pehea konaʻano:
O6 - HKCU Pūnaewele Polokalamu "Microsoft Internet Restrictions i kēia manawa
Pehea e hana ai:
Ināʻoleʻoe i ka koho Sbot D Spybot 'Lock homepage from changes' active, a iʻole i hoʻokomoʻia e kāu luna pūnaewele, hoʻokau iā HijackThis.
O7 - Access access i hoʻoponoponoʻia e ka Luna Hoʻonaʻauao
Pehea konaʻano:
O7 - HKCU Pūnaeweleʻo Microsoft Windows CurrentVersion Policies System, DisableRegedit = 1
Pehea e hana ai:
Loaʻa iā HijackThis i kēia mau mea, keʻole kāu hoʻonohonoho pūnaewele e kau i kēia palena.
O8 - Nā mea hou i ka papa inoa'ākau'ākau IE
Pehea konaʻano:
O8 - Nānā ma ka papahana o ka papahana: & Google Search - res: // C: \ WINDOWSI KUMUʻIA KE KUMU HULA \ GOOGLETOOLBAR_EN_1.1.68-DELEON.DLL / cmsearch.html
O8 - He'enepili helu papahana hou: Yahoo! Huli - file: /// C: \ Nā polokalamu polokalamu \ Yahoo! \ Common / ycsrch.htm
O8 - He'enepili hoʻonohonoho o ka papahana: Zoom & In - C: \ WINDOWS \ WEB \ zoomin.htm
O8 - He'enehi papahana hoʻolālā hou: Hoʻokomo a & e - C: \ WINDOWS \ WEB \ zoomout.htm
Pehea e hana ai:
Ināʻaʻoleʻoe e hōʻoia i ka inoa o ka mea ma kaʻaoʻao'ākau-'ākau i IE, hoʻololiʻo HijackThis.
O9 - Ke pihi hou ma luna o ka papahana hana IE nui, a iʻole nā hua'ē aʻe i ka IE & # 39; Tools & # 39; menu
Pehea konaʻano:
O9 - Kaomi hou: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O9 - Kaomi hou: AIM (HKLM)
Pehea e hana ai:
Ināʻaʻoleʻoe e hōʻoia i ka inoa o ke pihi a iʻole ka papa inoa koho, e hoʻokō iā HijackThis.
O10 - nā mea hōʻalo pumehana
Pehea konaʻano:
O10 - Loaʻa i kaʻike pūnaewele ma New.Net
O10 - Kelepona'eneke pūnaewele no kaʻoihana LSP 'c: \ progra ~ 1 \ common ~ 2 \' toolbar \ cnmib.dll 'i nalowale
O10 - Kōnae iʻikeʻoleʻia ma Winsock LSP: c: \ nā polokalamu polokalamu hou hou kaʻike \ vmain.dll
Pehea e hana ai:
E aho e hoʻoponopono i kēia mau LSPFix mai Cexx.org, aiʻole Spybot S & D mai Kolla.de.
E hoʻomaopopo i nā 'meaʻikeʻole' i ka waihona LSP i hoʻokumuʻia e HijackThis, no nā pilikia palekana.
O11 - He hui hou i ka IE & # 39; Advanced Options & # 39; pukaaniani
Pehea konaʻano:
O11 - Nā koho: [CommonName] CommonName
Pehea e hana ai:
ʻO ka mea hijacker wale nō e like me ka manawa i hoʻohui i kāna mau koho koho i ka pukaʻIE Advanced Options he CommonName. No laila hiki iāʻoe ke hana i kēia HijackThis i kēia mea.
O12 - IE i? I
Pehea konaʻano:
O12 - Puni no .spop: C: \ Nā polokalamu polokalamu \ Pūnaewele polokalamu Internet NPDocBox.dll
O12 - Nalu no .DF: C: \ Nā Polokalamu Pūnaewele \ Internet Explorer PLUGINS \ nppdf32.dll
Pehea e hana ai:
ʻO ka hapanui o ka manawa he palekana. Hoʻokomo waleʻo OnFlow i kahi plugin i makemakeʻoleʻia (.ofb).
O13 - IE DefaultPrefix hijack
Pehea konaʻano:
O13 - DefaultPrefix: http://www.pixpox.com/cgi-bin/click.pl?url=
O13 - WWW Kakauwehe: http://prolivation.com/cgi-bin/r.cgi?
O13 - WWW. Prefix: http://ehttp.cc/?
Pehea e hana ai:
He hewa mau kēia. E hoʻokuʻu iā ia.
O14 - & # 39; Hoʻonohonoho i nā Pūnaewele Pūnaewele & # 39; hijack
Pehea konaʻano:
O14 - IERESET.INF: START_PAGE_URL = http: //www.searchalot.com
Pehea e hana ai:
Ināʻaʻole ka HKH i hāʻawi i kāu kamepiula aiʻole i kāu ISP, e hoʻokau iā HijackThis.
O15 - Nānā i kāpaeʻoleʻia ma kahi Pale Kūkulu
Pehea konaʻano:
O15 - Keleina Hoʻokele: http://free.aol.com
O15 - Keʻei i hilinaʻi: * .coolwebsearch.com
O15 - Keʻei i hilinaʻi: * .msn.com
Pehea e hana ai:
ʻO ka hapa nui o ka manawa wale nōʻo AOL a Coolwebsearch e hoʻokau ponoʻole i nā pūnaewele i kahi Paleʻoiaʻiʻo. Ināʻaʻoleʻoe i hoʻohui i ka inoa i kohoʻia i loko o ke kahuaʻoiaʻiʻo, e hoʻokō iā HijackThis.
O16 - AEXX AEX (aka ii iia iiaiiia i? Iaaiey i? A)
Pehea konaʻano:
O16 - DPF: Yahoo! Kōkua - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Hoʻopiha Flash Flash) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Pehea e hana ai:
Ināʻaʻoleʻoe e hōʻoia i ka inoa o ka mea, a iʻole ka HKH i kiʻiʻia mai, e hoʻokau iā HijackThis. Inā loaʻa i ka inoa a iʻole URL kekahi mau hua'ōlelo e like me 'dialer', 'casino', 'free_plugin' a pēlā, e hoʻopaʻa pono. Loaʻa i kahi polokalamu SpywareBlasterʻo Javacool kekahi kikowaena nui o nā mea ActiveX kino e hiki ke hoʻohanaʻia no ka nānāʻana iā CLSIDs. (E kāomi pono i ka papa inoa e hoʻohana ai i ka hana Find.)
O17 - Lop.com domain hijacks
Pehea konaʻano:
O17 - HKLM Pūnaewele CCS \ Services \ VxD MSTCP: Domain = aoldsl.net
O17 - HKLM Pūnaewele CCS \ Services \ Tcpip Nā Paʻina: Domain = W21944.find-quick.com
O17 - HKLM Software \ .. Telephony: DomainName = W21944.find-quick.com
O17 - HKLM Pūnaewele CCS \ Services \ Tcpip \ .. \ {D196AB38-4D1F-45C1-9108-46D367F19F7E}: Domain = W21944.find-quick.com
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Nä Paʻina: SearchList = gla.ac.uk
O17 - HKLM \ System \ CS1 \ Services \ VxD MSTCP: NameServer = 69.57.146.14,69.57.147.175
Pehea e hana ai:
Ināʻaʻole ka waihona mai kāu ISP aiʻole ka pūnaewele, e hoʻokau iā HijackThis. Pēlā nō ia no nā'elina 'SearchList'. No ka inoa 'NameServer' ( DNS servers ), Google no nā IP a iʻole IPs a he maʻalahi paha eʻike inā he maikaʻi a heʻino.
O18 - Nānā Hou a me nā hijackers protocol
Pehea konaʻano:
O18 - Halawai pili: relatedlinks - {5AB65DD4-01FB-44D5-9537-3767AB80F790} - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ MSIETS \ msielink.dll
O18 - Protocol: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82}
O18 - Hijack kaʻina: http - {66993893-61B8-47DC-B10D-21E0C86DD9C8}
Pehea e hana ai:
Aia wale nā mea hijackers i hōʻike aʻe maʻaneʻi. ʻO nā meaʻino iʻikeʻiaʻo 'cn' (CommonName), 'ayb' (Lop.com) a me nā 'pili pili' (Huntbar), pono iā HijackThis e hoʻopaʻa i nā. ʻO nā mea'ē aʻe e hōʻike aʻe neiʻaʻole i hōʻoiaʻia i ka manawa e palekana aiʻole ua kāohiʻia (ʻo ia hoʻi, ua loli ka CLSID) ma o spyware. I ka hopena hope, e hoʻokō iā HijackThis.
O19 - Ke kāʻeiʻokoʻa mea hoʻohana
Pehea konaʻano:
O19 - Pepa hoʻohana kanaka: c: \ WINDOWS \ Java \ my.css
Pehea e hana ai:
I ka wā o ka lohi pūnaewele a me nā popups pinepine, e hoʻokau iā HijackThis i kēia mea inā hōʻikeʻia ma ka log. Akā naʻe, no ka meaʻo Coolwebsearch wale nō i hana i kēia,ʻoi aku ka maikaʻi o ka hoʻohanaʻana iā CWShredder e hoʻoponopono.
O20 - AppInit_DLLs ka mana hana inoa inoa
Pehea konaʻano:
O20 - AppInit_DLLs: msconfd.dll
Pehea e hana ai:
ʻO kēia kelepona inoa ma HKEY_LOCAL_MACHINE Software \ Microsoft Windows NT \ CurrentVersion Windows e amo i DLL i ka manawa e hoʻopaʻa ai ka mea hoʻohana, a laila e hoʻomau i ka hoʻomanaʻo a hiki i ka'ōmole. Heʻuʻuku mau polokalamu pono e hoʻohana ai ia (Norton CleanSweep e hoʻohana ana i APITRAP.DLL), i ka manawa pinepine e hoʻohanaʻia e nā trojans a me nā hijackers hijacker.
Inā loaʻa kahi DLL 'hūnāʻia e hoʻouka ana mai kēia palapala Registry (ʻike waleʻia i ka hoʻohanaʻana i ka' Edit Binary Data 'koho ma Regedit) hiki ke hoʻokauʻia ka inoa dll me kahi paipa' | ' e hōʻike i kaʻike.
O21 - ShellServiceObjectDelayLoad
Pehea konaʻano:
O21 - SSODL - AUHOOK - {11566B38-955B-4549-930F-7B7482668782} - C: \ WINDOWS \ System \ auhook.dll
Pehea e hana ai:
He papa hana hoʻolālāʻole, i hoʻohanaʻia e kekahi mau kikowaena pūnaewele Windows. ʻO nā mea i heluʻia ma ka HKEY_LOCAL_MACHINE polokalamu polokalamu Microsoft Windows CurrentVersion ShellServiceObjectDelayLoad ke halihaliʻia e Explorer i ka hoʻomakaʻana o Windows. HijackThis hoʻohana nei i kahiʻoi o keʻano o nā mea SSODL maʻamau loa, no laila i ka manawa e hōʻikeʻia ai kekahi mea i ka log eʻikeʻoleʻia ai hiki paha i ka meaʻino. Hana me ka mālama nui.
O22 - SharedTaskScheduler
Pehea konaʻano:
O22 - SharedTaskScheduler: (no inoa) - {3F143C3A-1457-6CCA-03A7-7AA23B61E40F} - c: \ windows \ system32 \ mtwirl32.dll
Pehea e hana ai:
He mana kūponoʻole ia no Windows NT / 2000 / XP wale nō, kahi i hoʻohana nuiʻia. Loaʻa iā CWS.Smartfinder kahi hoʻohana wale. Hana me ka mālama.
O23 - NT Services
Pehea konaʻano:
O23 - Nānā: Kerio Personal Firewall (PersFw) - Kerio Technologies - C: \ Nā Pūnaehana Pūnaeweleʻo Kerio Personal Personal Firewall \ persfw.exe
Pehea e hana ai:
ʻO kēia ka mahele o nā lawelawe o Microsoft. Pono ka papa inoa e like me ka mea āu iʻike ai i ka pono o Msconfig o Windows XP. Ua hoʻohana kekahi mau mea hijackers i kahi lawelawe homema i ka hoʻokomoʻana i nā hoʻomaka'ē aʻe e hōʻano hou iā lākou iho. ʻO ka inoa piha ka mea nui-kaniʻana, e like me 'Network Security Service', 'Kekahana Logon Hana' a 'Ke Kahua Kōkua Kūlohelohe' paha, akāʻo ka inoa o loko (ma waena o nā pale) he kaula ia, e like me 'Ort'. ʻO ka hapa hope o ka laina ka mea nona ka file ma ka hopena, e like me ia iʻikeʻia ma nā'āpana o ka file.
Eʻike i ka hoʻoholoʻana i kahi mea O23 e hoʻopau wale i ka lawelawe a hoʻopau iā ia. Pono e holoiʻia ka lawelawe mai ka Registry me ka lima a me kahi mea hana'ē aʻe. Ma HijackThis 1.99.1 aʻoi paha, e hiki ke hoʻohana i ka pākuhi 'Mukau NT Service' ma ka māhele Misc Tools i kēia.