How to Interpret HijackThis Logs

Interpreting the log file to help remove spyware and browser hijackers

HijackThis is a free tool from Trend Micro. It was originally written by Merijn Bellekom, a student in the Netherlands. Anti-spyware programs such as Ad-Aware or Spybot S&D do a good job of detecting and removing most spyware.

HijackThis was written specifically to detect and remove browser hijacks: software that takes over your web browser, changes your home page and search engine, and does other malicious things. Unlike typical anti-spyware software, HijackThis does not use signatures and does not target any particular program or URL in order to detect and block it. Instead, HijackThis looks for the tricks and methods that malware uses to infect your system and redirect your browser.

Not everything that shows up in a HijackThis log is bad, and it should not all be removed. In fact, quite the opposite: it is almost guaranteed that some of the items in your log will be legitimate software, and removing them may impair your system or render it unusable. Using HijackThis is a lot like editing the Windows Registry by hand. It is not rocket science, but you should not do it without expert guidance unless you really know what you are doing.

Once you install HijackThis and run it to generate a log file, there are a wide variety of forums and sites where you can post or upload your log. Experts who know what to look for can then help you analyze the log and advise you which items to remove and which to leave alone.

To get the current version of HijackThis, go to the official page at Trend Micro.

Here is an overview of the HijackThis log entries, which you can use to jump to the information you are looking for:

R0, R1, R2, R3 - IE Start & Search pages

What it looks like:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
R2 - (this type is not used by HijackThis yet)
R3 - Default URLSearchHook is missing

What to do:
If you recognize the URL at the end as your home page or search engine, it is fine. If you do not, check it and have HijackThis fix it. For R3 items, always fix them unless the entry names a program you recognize, such as Copernic.

F0, F1, F2, F3 - Autoloading programs from INI files

What it looks like:
F0 - system.ini: Shell=Explorer.exe Openme.exe
F1 - win.ini: run=hpfsched

What to do:
F0 items are always bad (the Shell= line should name only Explorer.exe), so fix them. F1 items are usually very old programs that are safe, so look up the file name to find out whether it is good or bad. PacMan's Startup List can help with identifying an item.

N1, N2, N3, N4 - Netscape/Mozilla Start & Search page

What it looks like:
N1 - Netscape 4: user_pref("browser.startup.homepage", "www.google.com"); (C:\Program Files\Netscape\Users\default\prefs.js)
N2 - Netscape 6: user_pref("browser.startup.homepage", "http://www.google.com"); (C:\Documents and Settings\User\Application Data\Mozilla\Profiles\defaulto9t1tfl.slt\prefs.js)
N2 - Netscape 6: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%206%5Csearchplugins%5CSBWeb_02.src"); (C:\Documents and Settings\User\Application Data\Mozilla\Profiles\defaulto9t1tfl.slt\prefs.js)

What to do:
Usually the Netscape and Mozilla home page and search page are safe. They are rarely hijacked; only Lop.com is known to do this. If you see a URL you do not recognize as your home page or search page, have HijackThis fix it.

O1 - Hosts file redirections

What it looks like:
O1 - Hosts: 216.177.73.139 auto.search.msn.com
O1 - Hosts: 216.177.73.139 search.netscape.com
O1 - Hosts: 216.177.73.139
O1 - Hosts file is located at C:\Windows\Help\hosts

What to do:
A hosts entry sends the name on the right to the IP address on the left, bypassing DNS. If the IP address does not belong to that name, you will be taken to the wrong site every time you enter the address. You can always have HijackThis fix this, unless you knowingly put those lines in your hosts file yourself.

The last item (a hosts file outside its normal location) sometimes occurs on Windows 2000/XP with a CoolWebSearch infection. Always fix this item, or have CWShredder repair it automatically.
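
The check described above can be automated against the O1 lines of a log. The following is an added example by the editor, not code from the tutorial or from HijackThis: it parses O1 entries, treats loopback and 0.0.0.0 mappings as harmless blackholes and any routable address as a redirection to fix, and flags a hosts file that is not under the usual System32\drivers\etc location. The sample lines are constructed from the entries above, and the assumption that the default location ends in \system32\drivers\etc\hosts (so that C:\WINDOWS and C:\WINNT both match) is the editor's.

```python
import ipaddress
import re

# Constructed sample O1 lines modelled on the entries shown above.
SAMPLE_O1 = """\
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 216.177.73.139 auto.search.msn.com
O1 - Hosts: 216.177.73.139 search.netscape.com
O1 - Hosts: 0.0.0.0 ads.example.invalid
O1 - Hosts file is located at C:\\Windows\\Help\\hosts
"""

# Assumption: on NT-family Windows the hosts file lives under
# <SystemRoot>\System32\drivers\etc, so only the path tail is compared.
DEFAULT_HOSTS_TAIL = r"\system32\drivers\etc\hosts"

O1_ENTRY = re.compile(r"^O1 - Hosts: (\S+)\s+(\S+)")
O1_LOCATION = re.compile(r"^O1 - Hosts file is located at (.+)$")


def classify_o1(line):
    """Return (verdict, detail) for one O1 log line.

    verdict is 'ok', 'fix' or 'unknown'. A mapping only redirects the user
    when the address is routable; loopback or 0.0.0.0 merely blackholes the name.
    """
    m = O1_LOCATION.match(line)
    if m:
        path = m.group(1).strip()
        if path.lower().endswith(DEFAULT_HOSTS_TAIL):
            return ("ok", f"hosts file in default location: {path}")
        return ("fix", f"hosts file relocated to {path}")
    m = O1_ENTRY.match(line)
    if not m:
        return ("unknown", line)
    ip_text, host = m.groups()
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return ("fix", f"unparseable address {ip_text!r} for {host}")
    if ip.is_loopback or ip.is_unspecified:
        return ("ok", f"{host} blackholed to {ip}")
    return ("fix", f"{host} redirected to {ip}")


def review_o1(log_text):
    """Classify every O1 line in a log; lines from other sections are ignored."""
    return [classify_o1(l) for l in log_text.splitlines() if l.startswith("O1 - ")]


if __name__ == "__main__":
    for verdict, detail in review_o1(SAMPLE_O1):
        print(f"{verdict:7} {detail}")
```

An entry that lacks a host name (like the third line in the tutorial's sample) is reported as unknown rather than guessed at; the reviewer should look at the hosts file itself in that case.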

O2 - Browser Helper Objects

What it looks like:
O2 - BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_4.DLL
O2 - BHO: (no name) - {1A214F62-47A7-4CA3-9D00-95A3965A8B4A} - C:\PROGRAM FILES\POPUP ELIMINATOR\AUTODISPLAY401.DLL (file missing)
O2 - BHO: MediaLoads Enhanced - {85A702BA-EA8F-4B83-AA07-07A5186ACD7E} - C:\PROGRAM FILES\MEDIALOADS ENHANCED\ME1.DLL

What to do:
If you do not directly recognize a Browser Helper Object's name, use TonyK's BHO & Toolbar List to look it up by its class ID (the CLSID, the number between the curly brackets) and see whether it is good or bad. In the BHO list, 'X' means spyware and 'L' means safe.

O3 - IE toolbars

What it looks like:
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_4.DLL
O3 - Toolbar: Popup Eliminator - {86BCA93E-457B-4054-AFB0-E428DA1563E1} - C:\PROGRAM FILES\POPUP ELIMINATOR\PETOOLBAR401.DLL (file missing)
O3 - Toolbar: rzillcgthjx - {5996aaf3-5c08-44a9-ac12-1843fd03df0a} - C:\WINDOWS\APPLICATION DATA\CKSTPRLLNQUL.DLL

What to do:
If you do not directly recognize a toolbar's name, use TonyK's BHO & Toolbar List to look it up by its class ID (the CLSID, the number between the curly brackets) and see whether it is good or bad. In the toolbar list, 'X' means spyware and 'L' means safe. If it is not on the list, the name looks like a random string of characters and the file sits in the 'Application Data' folder (like the last one in the examples above), it is probably Lop.com and you should definitely have HijackThis fix it.
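
O2 and O3 lines share one format (name, CLSID, path, optional "(file missing)"), so the lookup described for both sections can be done with one parser. The following is an added example by the editor, not code from the tutorial or from HijackThis. It extracts the CLSID, consults a stand-in for TonyK's list (here a small dictionary the editor populated with only the two Yahoo! entries), marks entries whose DLL is missing as dead, and applies the Lop.com rule: a random-looking name whose file lives under Application Data. The sample lines are constructed from the entries above; the vowel-ratio test for "random-looking" is a crude heuristic of the editor's, not a HijackThis rule.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample lines modelled on the O2/O3 entries above.
SAMPLE_O2_O3 = """\
O2 - BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\\PROGRAM FILES\\YAHOO!\\COMPANION\\YCOMP5_0_2_4.DLL
O2 - BHO: (no name) - {1A214F62-47A7-4CA3-9D00-95A3965A8B4A} - C:\\PROGRAM FILES\\POPUP ELIMINATOR\\AUTODISPLAY401.DLL (file missing)
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\\PROGRAM FILES\\YAHOO!\\COMPANION\\YCOMP5_0_2_4.DLL
O3 - Toolbar: rzillcgthjx - {5996aaf3-5c08-44a9-ac12-1843fd03df0a} - C:\\WINDOWS\\APPLICATION DATA\\CKSTPRLLNQUL.DLL
"""

# Assumed stand-in for TonyK's BHO & Toolbar List, keyed by upper-cased CLSID:
# 'L' = legitimate, 'X' = spyware. Only the two Yahoo! Companion entries are here.
KNOWN_CLSIDS = {
    "{13F537F0-AF09-11D6-9029-0002B31F9E59}": "L",
    "{EF99BD32-C1FB-11D2-892F-0090271D4F88}": "L",
}

O2_O3_LINE = re.compile(
    r"^(?P<kind>O[23]) - (?:BHO|Toolbar): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.*?)(?P<missing> \(file missing\))?$"
)
VOWELS = set("aeiouAEIOU")


def looks_random(name):
    """Crude test for Lop.com-style names: one long word with almost no vowels."""
    letters = name.lstrip("&")
    if len(letters) < 8 or not letters.isalpha():
        return False
    return sum(c in VOWELS for c in letters) / len(letters) < 0.2


def classify_o2_o3(line):
    """Return (verdict, detail); verdict is 'ok', 'fix', 'dead', 'lookup' or 'unknown'."""
    m = O2_O3_LINE.match(line)
    if not m:
        return ("unknown", line)
    name, clsid, path = m.group("name"), m.group("clsid").upper(), m.group("path")
    listed = KNOWN_CLSIDS.get(clsid)
    if listed == "L":
        return ("ok", f"{name} {clsid} listed as safe")
    if listed == "X":
        return ("fix", f"{name} {clsid} listed as spyware")
    if m.group("missing"):
        # The registration is still there but the DLL is gone, so nothing loads.
        return ("dead", f"{clsid} points at a missing file")
    folders = [p.lower() for p in PureWindowsPath(path).parts]
    if "application data" in folders and looks_random(name):
        return ("fix", f"{name!r} in Application Data looks like Lop.com")
    return ("lookup", f"{clsid} is not in the list; look it up by CLSID")


if __name__ == "__main__":
    for verdict, detail in map(classify_o2_o3, SAMPLE_O2_O3.splitlines()):
        print(f"{verdict:7} {detail}")
```

The CLSID is upper-cased before the lookup because HijackThis prints it exactly as the Registry stores it, and hijackers register lower-case or mixed-case GUIDs as readily as upper-case ones.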

O4 - Autoloading programs from the Registry or the Startup group

What it looks like:
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: winlogon.exe

What to do:
Use PacMan's Startup List to find the entry and see whether it is good or bad.

If the item shows a program sitting in a Startup group (like the last item above), HijackThis cannot fix the item while that program is still running in memory. Use the Windows Task Manager (TASKMGR.EXE) to end the process before fixing it. Note that the last example is a file named after a legitimate Windows component but launched from the Global Startup folder; the real winlogon.exe is never started that way.

O5 - IE Options not visible in Control Panel

What it looks like:
O5 - control.ini: inetcpl.cpl=no

What to do:
Unless you or your system administrator have knowingly hidden the icon from Control Panel, have HijackThis fix it.

O6 - IE Options access restricted by Administrator

What it looks like:
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

What to do:
Unless you have the Spybot S&D option 'Lock homepage from changes' active, or your system administrator put this restriction in place, have HijackThis fix it.

O7 - Regedit access restricted by Administrator

What it looks like:
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

What to do:
Always have HijackThis fix this, unless your system administrator put the restriction in place.

O8 - Extra items in the IE right-click menu

What it looks like:
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLETOOLBAR_EN_1.1.68-DELEON.DLL/cmsearch.html
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Zoom &In - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\WEB\zoomout.htm

What to do:
If you do not recognize the name of the item in the IE right-click menu, have HijackThis fix it.

O9 - Extra buttons on the main IE toolbar, or extra items in the IE 'Tools' menu

What it looks like:
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O9 - Extra button: AIM (HKLM)

What to do:
If you do not recognize the name of the button or menu item, have HijackThis fix it.

O10 - Winsock hijackers

What it looks like:
O10 - Hijacked Internet access by New.Net
O10 - Broken Internet access because of LSP provider 'c:\progra~1\common~2\toolbar\cnmib.dll' missing
O10 - Unknown file in Winsock LSP: c:\program files\newton knows\vmain.dll

What to do:
It is best to fix these using LSPFix from Cexx.org, or Spybot S&D from Kolla.de. A Layered Service Provider sits in the Winsock chain of every networking program, so removing one entry incorrectly breaks all Internet access.

Note that 'unknown' files in the LSP stack will not be fixed by HijackThis, for safety reasons.

O11 - Extra group in the IE 'Advanced Options' window

What it looks like:
O11 - Options group: [CommonName] CommonName

What to do:
The only hijacker known so far that adds its own options group to the IE Advanced Options window is CommonName. So you can always have HijackThis fix this.

O12 - IE plugins

What it looks like:
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O12 - Plugin for .PDF: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll

What to do:
Most of the time these are safe. Only OnFlow adds a plugin here that you do not want (.ofb).

O13 - IE DefaultPrefix hijack

What it looks like:
O13 - DefaultPrefix: http://www.pixpox.com/cgi-bin/click.pl?url=
O13 - WWW Prefix: http://prolivation.com/cgi-bin/r.cgi?
O13 - WWW. Prefix: http://ehttp.cc/?

What to do:
These are always bad: the prefix is prepended to every address typed without a protocol, so each such request is routed through the hijacker's site. Have HijackThis fix them.

O14 - 'Reset Web Settings' hijack

What it looks like:
O14 - IERESET.INF: START_PAGE_URL=http://www.searchalot.com

What to do:
If the URL is not that of your computer's manufacturer or your ISP, have HijackThis fix it. Otherwise, using IE's 'Reset Web Settings' would simply restore the hijacked home page.

O15 - Unwanted sites in the Trusted Zone

What it looks like:
O15 - Trusted Zone: http://free.aol.com
O15 - Trusted Zone: *.coolwebsearch.com
O15 - Trusted Zone: *.msn.com

What to do:
Most of the time only AOL and CoolWebSearch silently add sites to the Trusted Zone. If you did not add the listed domain to the Trusted Zone yourself, have HijackThis fix it.

O16 - ActiveX Objects (aka Downloaded Program Files)

What it looks like:
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

What to do:
If you do not recognize the name of the object, or the URL it was downloaded from, have HijackThis fix it. If the name or URL contains words like 'dialer', 'casino', 'free_plugin' and so on, definitely fix it. Javacool's SpywareBlaster has a large database of malicious ActiveX objects that can be used to look up CLSIDs. (Right-click the list to use the Find function.)

O17 - Lop.com domain hijacks

What it looks like:
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = W21944.find-quick.com
O17 - HKLM\Software\..\Telephony: DomainName = W21944.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{D196AB38-4D1F-45C1-9108-46D367F19F7E}: Domain = W21944.find-quick.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = gla.ac.uk
O17 - HKLM\System\CS1\Services\VxD\MSTCP: NameServer = 69.57.146.14,69.57.147.175

What to do:
If the domain is not from your ISP or your company network, have HijackThis fix it. The same goes for the 'SearchList' entries, since a hijacked suffix makes Windows append the attacker's domain to every unqualified name you type. For the 'NameServer' (DNS server) entries, search the web for the IP address or addresses; a DNS server that does not belong to your ISP or network can resolve any name to a site of the hijacker's choosing. It is usually easy to see whether they are good or bad.
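
The three checks above (domain suffix, search list, name servers) can be expressed as one function over O17 lines. This is an added example by the editor, not code from the tutorial or from HijackThis. The trusted suffixes and resolver addresses are assumptions that a reviewer would replace with the user's real ISP and company details; private and link-local resolver addresses are accepted as the home router or corporate DNS, while public resolver addresses are reported for research rather than judged, matching the advice to look them up. The sample lines are constructed from the entries above, with one extra private-resolver line added to exercise that branch.

```python
import ipaddress
import re

# Constructed sample lines modelled on the O17 entries above, plus one with a
# private resolver address.
SAMPLE_O17 = """\
O17 - HKLM\\System\\CCS\\Services\\VxD\\MSTCP: Domain = aoldsl.net
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: Domain = W21944.find-quick.com
O17 - HKLM\\Software\\..\\Telephony: DomainName = W21944.find-quick.com
O17 - HKLM\\System\\CS1\\Services\\Tcpip\\Parameters: SearchList = gla.ac.uk
O17 - HKLM\\System\\CS1\\Services\\VxD\\MSTCP: NameServer = 69.57.146.14,69.57.147.175
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: NameServer = 192.168.1.1
"""

# Assumed: the suffixes and resolver addresses this machine legitimately uses
# (its ISP and company network). Fill these from the user's connection details.
TRUSTED_SUFFIXES = {"aoldsl.net", "gla.ac.uk"}
TRUSTED_RESOLVERS = set()

O17_LINE = re.compile(
    r"^O17 - (?P<key>.+?): (?P<name>Domain|DomainName|SearchList|NameServer) = (?P<value>.+)$"
)


def suffix_trusted(suffix):
    """True when the suffix is, or is under, one of the trusted domains."""
    s = suffix.lower()
    return any(s == t or s.endswith("." + t) for t in TRUSTED_SUFFIXES)


def classify_o17(line):
    """Return (verdict, detail); verdict is 'ok', 'fix', 'lookup' or 'unknown'."""
    m = O17_LINE.match(line)
    if not m:
        return ("unknown", line)
    name, value = m.group("name"), m.group("value").strip()
    items = [v for v in re.split(r"[ ,;]+", value) if v]
    if name == "NameServer":
        to_check = []
        for ip_text in items:
            try:
                ip = ipaddress.ip_address(ip_text)
            except ValueError:
                return ("fix", f"NameServer contains non-address {ip_text!r}")
            # A private or link-local resolver is the home router or corporate DNS.
            if ip.is_private or ip.is_link_local or ip.is_loopback or ip_text in TRUSTED_RESOLVERS:
                continue
            to_check.append(ip_text)
        if to_check:
            return ("lookup", f"public resolvers to research: {', '.join(to_check)}")
        return ("ok", f"resolvers {value} are local or trusted")
    # Domain, DomainName and SearchList must all belong to the ISP or company.
    unexpected = [s for s in items if not suffix_trusted(s)]
    if unexpected:
        return ("fix", f"{name} has unexpected suffix(es): {', '.join(unexpected)}")
    return ("ok", f"{name} = {value}")


if __name__ == "__main__":
    for verdict, detail in map(classify_o17, SAMPLE_O17.splitlines()):
        print(f"{verdict:7} {detail}")
```

Public resolver addresses get a 'lookup' verdict instead of 'fix' because an ISP's own DNS servers are public addresses too; only research tells the two apart.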

O18 - Extra protocols and protocol hijackers

What it looks like:
O18 - Protocol: relatedlinks - {5AB65DD4-01FB-44D5-9537-3767AB80F790} - C:\PROGRA~1\COMMON~1\MSIETS\msielink.dll
O18 - Protocol: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82}
O18 - Protocol hijack: http - {66993893-61B8-47DC-B10D-21E0C86DD9C8}

What to do:
Only a few hijackers show up here. The known bad ones are 'cn' (CommonName), 'ayb' (Lop.com) and 'relatedlinks' (Huntbar); you should have HijackThis fix those. Other things that show up are either not yet confirmed safe, or are hijacked (that is, the CLSID of a standard protocol such as http has been changed) by spyware, which then sees every request made over that protocol. In the latter case, have HijackThis fix it.

O19 - User style sheet hijack

What it looks like:
O19 - User style sheet: c:\WINDOWS\Java\my.css

What to do:
In the case of a browser slowdown and frequent popups, have HijackThis fix this item if it shows up in the log. However, since only CoolWebSearch does this, it is better to use CWShredder to fix it.

O20 - AppInit_DLLs Registry value autorun

What it looks like:
O20 - AppInit_DLLs: msconfd.dll

What to do:
This Registry value, located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, causes Windows to load the listed DLL into every process that loads user32.dll, which means practically every program the user runs from logon until logoff. Very few legitimate programs use it (Norton CleanSweep uses APITRAP.DLL); most often it is used by trojans or aggressive browser hijackers.

If a 'hidden' DLL is loaded from this Registry value (visible only when using the 'Edit Binary Data' option in Regedit, because the value's visible string ends at its first NUL character), the DLL name may be prefixed with a pipe '|' to make it visible in the log.
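
The hiding trick described above relies on the string view stopping at the first NUL while the rest of the data is still present. The following is an added example by the editor, not code from the tutorial or from HijackThis: given the raw UTF-16LE bytes of the value as Regedit's 'Edit Binary Data' view shows them, it splits on NUL, reports whether anything is hidden behind the first NUL, and renders the value with the '|' prefix convention the tutorial describes. Both byte strings are constructed; 'hidden.dll' is a made-up name.

```python
# Constructed raw REG_SZ data as it appears in Regedit's 'Edit Binary Data'
# view: UTF-16LE text terminated by a NUL. The hidden variant starts with a
# NUL, so the ordinary string view shows an empty value.
NORMAL_VALUE = "msconfd.dll".encode("utf-16-le") + b"\x00\x00"
HIDDEN_VALUE = b"\x00\x00" + "hidden.dll".encode("utf-16-le") + b"\x00\x00"


def split_reg_sz(raw):
    """Decode raw UTF-16LE value data and split it on NUL, keeping empty pieces."""
    return raw.decode("utf-16-le", errors="replace").split("\x00")


def is_hidden(raw):
    """True when the string view is empty but text follows the first NUL."""
    parts = split_reg_sz(raw)
    return parts[0] == "" and any(parts[1:])


def hijackthis_o20_view(raw):
    """Render the value as an O20 line: text behind the first NUL gets a '|' prefix
    so it does not vanish from the log the way it vanishes from Regedit."""
    parts = split_reg_sz(raw)
    names = [parts[0]] if parts[0] else []
    names += ["|" + p for p in parts[1:] if p]
    return "O20 - AppInit_DLLs: " + " ".join(names)


if __name__ == "__main__":
    for raw in (NORMAL_VALUE, HIDDEN_VALUE):
        print(hijackthis_o20_view(raw), "(hidden)" if is_hidden(raw) else "")
```

The same split also exposes a second DLL appended after a legitimate name and a NUL, since every non-empty piece after the first is listed.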

O21 - ShellServiceObjectDelayLoad

What it looks like:
O21 - SSODL - AUHOOK - {11566B38-955B-4549-930F-7B7482668782} - C:\WINDOWS\System\auhook.dll

What to do:
This is an undocumented autorun method, normally used by a few Windows system components. Items listed at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad are loaded by Explorer when Windows starts. HijackThis uses a whitelist of several very common SSODL items, so whenever an item is displayed in the log it is unknown and possibly malicious. Treat it with extreme care.

O22 - SharedTaskScheduler

What it looks like:
O22 - SharedTaskScheduler: (no name) - {3F143C3A-1457-6CCA-03A7-7AA23B61E40F} - c:\windows\system32\mtwirl32.dll

What to do:
This is an undocumented autorun for Windows NT/2000/XP only, and it is used very rarely. So far only CWS.Smartfinder uses it. Treat it with care.

O23 - NT Services

What it looks like:
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe

What to do:
This is the list of non-Microsoft services. It should match the list you see in the Msconfig utility of Windows XP. Several trojan hijackers install a home-made service, in addition to their other startup entries, in order to reinstall themselves. The display name is usually plausible, such as 'Network Security Service', 'Workstation Logon Service' or 'Remote Procedure Call Helper', but the internal name (between brackets) is a string of garbage, such as 'Ort'. The second part of the line is the owner of the file at the end, as shown in the file's properties.

Note that fixing an O23 item will only stop the service and disable it. The service still has to be deleted from the Registry, either manually or with another tool. In HijackThis 1.99.1 or higher, the 'Delete NT service' button in the Misc Tools section can be used for this.
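
The pattern described above (plausible display name, garbage internal name, no recognizable file owner) can be scored automatically as a first pass over O23 lines. This is an added example by the editor, not code from the tutorial or from HijackThis. The first sample line is the legitimate Kerio entry from the tutorial; the other two are constructed to imitate the trojan pattern, with invented display names, keys, and paths. The garbage-name test (a very short key, or a long key with almost no vowels) is the editor's crude heuristic, and the "Unknown owner" wording for a file without company information is an assumption about how the log renders it.

```python
import re

# Constructed sample O23 lines: the first is the legitimate entry shown above,
# the other two imitate the trojan pattern the tutorial describes.
SAMPLE_O23 = """\
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\\Program Files\\Kerio\\Personal Firewall\\persfw.exe
O23 - Service: Network Security Service (Ort) - Unknown owner - C:\\WINDOWS\\System32\\svcnet32.exe
O23 - Service: Workstation Logon Service (qwprtz) -  - C:\\WINDOWS\\wlogonsvc.exe
"""

O23_LINE = re.compile(
    r"^O23 - Service: (?P<display>.+?) \((?P<internal>[^)]+)\) - (?P<owner>.*?) - (?P<path>.+)$"
)
VOWELS = set("aeiouAEIOU")


def garbage_name(internal):
    """Crude test for a made-up service key: very short, or a long vowel-free string."""
    s = internal.strip()
    if not s.isalnum():
        return True
    if len(s) <= 3:
        return True
    return len(s) >= 6 and sum(c in VOWELS for c in s) / len(s) < 0.15


def classify_o23(line):
    """Return (verdict, detail); verdict is 'ok', 'fix', 'lookup' or 'unknown'."""
    m = O23_LINE.match(line)
    if not m:
        return ("unknown", line)
    display, internal = m.group("display"), m.group("internal")
    owner = m.group("owner").strip()
    no_owner = owner == "" or owner.lower() == "unknown owner"
    if no_owner and garbage_name(internal):
        return ("fix", f"{display!r} with key {internal!r} and no owner: trojan pattern")
    if no_owner:
        # Not every ownerless binary is malicious; research the path before acting.
        return ("lookup", f"{display!r}: no owner, research {m.group('path')}")
    return ("ok", f"{display} ({internal}) by {owner}")


if __name__ == "__main__":
    for verdict, detail in map(classify_o23, SAMPLE_O23.splitlines()):
        print(f"{verdict:7} {detail}")
```

A 'fix' verdict here is only a prompt to investigate the binary; as the tutorial notes, fixing the item stops and disables the service, and removing the service definition is a separate step.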