A sword to seal the throat: Use the system permission method to clear dll Trojans

This article is a simple expert. You can refer to this article for more information.

I believe everyone is very familiar with Dll Trojans. It is indeed a very hateful guy. Wait for a normal process, so you can't find it. Even if you find it, it's hard to clear it, because a normal process is calling it.

I use mcafee Anti-Virus Software. For example, it now reports

Defds. dll: C: Documents and SettingsAdministratorLocal Settings Temp defds. dll deletion failed

Fdgeg.com: C: Windowsimefdgeg.com failed to be deleted.

So we can know about defds. dll should be a dll Trojan. We can view the system process through the ice blade icesword and find the process that calls the dll file. For example, we can try to terminate the daemon worker of the process and re-enable it.

Now we can: My computer ----- tool ---- folder option ----- view the hook for removing "simple file sharing" under the Advanced Settings option (my computer is an XP operating system, NTFS disk format)

Then go to C: windo0wsime right-click fdgeg.com and select properties. In properties, select "security" and click "advanced". In the displayed window, "inherit from the parent item the permission items that can be applied to sub-objects, including those clearly defined items that are not selected, click Delete in the pop-up window, and then click OK ". In this way, no user can make fdgeg.com work.

Use iceswordto stop notepad.exe and delete defds in C: Documents and SettingsAdministratorLocal Settings Temp. dll and then to C: right-click fdgeg.com in Windowsime and select "security" and click "advanced" in properties. In the pop-up window, select "inherit from parent project permissions that can be applied to sub-objects, include those projects that are clearly defined here, and delete them.

Finally, do not forget to delete the dll Trojan in the startup Item of the Registry.

In this way, we will completely remove this nasty dll Trojan from our computer.