Checking Windows processes for viruses and threats with CrowdInspect

Most guides on removing adware, malware and other unwanted software from a computer include a step that asks you to check the running Windows processes for suspicious entries after the automatic removal tools have done their work. For a user without deep experience of the operating system this is not easy: the list of running programs in Task Manager tells them very little.

The free CrowdStrike CrowdInspect utility, built specifically for this purpose and reviewed here, can help you inspect and analyse the running processes on Windows 10, 8, Windows 7 and XP. See also: How to get rid of adware in the browser.

Using CrowdInspect to analyse Windows processes

CrowdInspect needs no installation: it ships as a .zip archive with a single executable, crowdinspect.exe, which on first start may create an additional file on 64-bit Windows. The program requires an Internet connection.

On first launch you have to accept the licence agreement with the Accept button, and in the next window, if needed, configure integration with the VirusTotal scanning service (and, if you prefer, disable submission of unknown files to that service, "Submit unknown files").

After clicking OK, a short advertisement for the CrowdStrike Falcon endpoint-protection service opens, and then the main CrowdInspect window appears with the list of processes running in Windows and useful information about each of them.

First, an explanation of the key columns in CrowdInspect

  • Process Name - the name of the process. You can also show the full paths of the executable files by pressing the "Full Path" button in the program's main menu.
  • Inject - the result of checking the process for code injection (in some cases it can give a positive result for antivirus software). If a threat is detected, a red icon with two exclamation marks is shown.
  • VT or HA - the result of checking the process file in VirusTotal (the percentage corresponds to the share of antivirus engines that flag it). The latest release shows an HA column instead, and the check is done through the Hybrid Analysis online service (which may be preferable to VirusTotal).
  • MHR - the result of the check against the Team Cymru Malware Hash Repository (another database of known malware). A red icon with two exclamation marks is shown if the process hash is present in the database.
  • WOT - when the process has connections to websites and Internet services, the result of checking those servers in the Web of Trust service.

The remaining columns contain information about the Internet connections established by the process: connection type, status, port numbers, local IP address, remote IP address, and the reverse DNS name of that address.

Note: you may notice that the same process is shown as a set of two or more rows in CrowdInspect. The reason is that a separate row is allocated for each connection established by a single process (and a single web page opened in a browser makes it connect to several servers on the Internet at once). You can turn this display off by unchecking the TCP and UDP buttons in the top menu.

Other menu items and controls:

  • Live / History - switches the display mode (real time, or a list of every process that has run since the program was started).
  • Pause - puts data collection on pause.
  • Kill Process - terminates the selected process.
  • Close TCP - closes the TCP/IP connection of the process.
  • Properties - opens the standard Windows properties window for the executable file.
  • VT Results - opens a window with the VirusTotal scan results and a link to the scan report on the site.
  • Copy All - copies all the displayed information about running processes to the clipboard.
  • A context menu with the basic actions is also available for each process via the right mouse button.

I admit that by now most experienced users have thought "a useful tool", while beginners have not understood what to do with it or how it could be useful. That is why here is a short and as-simple-as-possible guide to getting started:

  1. If you suspect something bad is happening on your computer, and your antivirus and tools such as AdwCleaner have already cleaned it (see the best malware removal tools), you can look into CrowdInspect and check whether there are any strange processes among those running in Windows.
  2. Processes with a red icon and a high percentage in the VT column and/or a red icon in the MHR column should be treated as suspicious. You will rarely see a red icon in Inject, but if you do, pay attention.
  3. What to do if a process is suspicious: look at its results in VirusTotal by pressing the VT Results button, then follow the link to the scan results from the antivirus vendors. You can also try searching for the file name on the Internet: current threats are usually discussed on forums and websites.
  4. If the results suggest that the file is malicious, try removing it from startup, uninstalling the program the process belongs to, and using other methods to get rid of the threat.

Note: keep in mind that, from the point of view of many antivirus vendors, "download managers" and software that is well known in our country can count as potentially unwanted programs and will be flagged in the VT and/or MHR columns of CrowdInspect. However, this does not necessarily mean they are dangerous: each case should be judged on its own.
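As an added example (not CrowdInspect's own code or output), here is a small Python triage helper that collapses the per-connection rows into one record per process and then applies the rule from step 2 together with the caveat in the note above: strong evidence (MHR hit, high VT share, Inject flag) goes to a suspicious list, while weak evidence and known grey-area tools go to a separate review list. The process names, paths and IP addresses are constructed, and the 30% VT threshold is an assumption.

```python
from dataclasses import dataclass

@dataclass
class Row:
    pid: int
    process: str
    path: str
    inject: bool      # Inject column: the code-injection check raised a red flag
    vt_percent: int   # VT column: share of VirusTotal engines that flag the file
    mhr_hit: bool     # MHR column: file hash present in Team Cymru's MHR
    remote_ip: str    # one row per connection, exactly as CrowdInspect lists them

# Constructed sample (not real output): chrome.exe fills three rows, one per connection.
ROWS = [
    Row(4100, "chrome.exe", r"C:\Program Files\Google\Chrome\chrome.exe", False, 0, False, "142.250.74.100"),
    Row(4100, "chrome.exe", r"C:\Program Files\Google\Chrome\chrome.exe", False, 0, False, "142.250.74.138"),
    Row(4100, "chrome.exe", r"C:\Program Files\Google\Chrome\chrome.exe", False, 0, False, "151.101.1.69"),
    Row(5212, "svchost.exe", r"C:\Windows\System32\svchost.exe", False, 0, False, ""),
    Row(6020, "updater.exe", r"C:\Users\u\AppData\Roaming\updater.exe", False, 45, True, "203.0.113.7"),
    Row(7001, "dl-helper.exe", r"C:\Users\u\AppData\Local\dl-helper.exe", False, 12, False, "198.51.100.20"),
    Row(8044, "helper.exe", r"C:\Users\u\AppData\Local\Temp\helper.exe", True, 0, False, ""),
]

def group_by_process(rows):
    """Collapse the per-connection rows back into one record per PID."""
    procs = {}
    for r in rows:
        p = procs.setdefault(r.pid, {"process": r.process, "path": r.path, "inject": r.inject,
                                     "vt": r.vt_percent, "mhr": r.mhr_hit, "remotes": set()})
        if r.remote_ip:
            p["remotes"].add(r.remote_ip)
    return procs

def triage(rows, vt_threshold=30, known_pups=()):
    """Step 2 as code: MHR hit, VT share >= threshold or Inject flag => suspicious; a low
    non-zero VT share or a name in known_pups (grey-area 'download managers') => review."""
    suspicious, review = [], []
    for pid, p in group_by_process(rows).items():
        checks = ((p["mhr"], "hash in MHR"), (p["vt"] >= vt_threshold, f"VT {p['vt']}%"),
                  (p["inject"], "Inject flag"))
        strong = [reason for hit, reason in checks if hit]
        weak = [f"VT {p['vt']}% (below threshold)"] if 0 < p["vt"] < vt_threshold else []
        entry = (pid, p["process"], p["path"], strong + weak)
        if p["process"].lower() in known_pups or (weak and not strong):
            review.append(entry)
        elif strong:
            suspicious.append(entry)
    suspicious.sort(key=lambda e: len(e[3]), reverse=True)  # most evidence first
    return {"suspicious": suspicious, "review": review}
```

Anything in the review list still deserves the VT Results look-up from step 3 before it is dismissed; the list only keeps it from drowning out the processes with real evidence.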

CrowdInspect can be downloaded free of charge from the official site //www.crowdstrike.com/resources/community-tools/crowdinspect-tool/ (after clicking the download button, you need to accept the licence agreement on the next page by clicking Accept to start the download). Also useful: Best free antivirus for Windows 10, 8 and Windows 7.