Trojan virus detection, removal, prevention skills

1. Has your computer been installed on a Trojan horse? How to detect?

1) Check the registration form.

Look at Hkey_local_machinesoftwaremicrosoftwindowscurrenversion and Hkey_current_. Under Usersoftwaremicrosoftwindowscurrentversion, all the key value names that begin with "Run" have a suspicious filename under it. If so, you need to delete the corresponding key values, and then delete the appropriate application.

2) Check the Startup group.

Trojan if hidden in the startup group although not very covert, but here is really a good place to load the operation, so there are Trojans like to reside here. The folder for the Startup group is: C:windowsstartmenuprogramsstartup, location in the registry: Hkey_current_ Usersoftwaremicrosoftwindowscurrentversionexplorershellfolders startup= "C:windowsstartmenuprogramsstartup". Be careful to check these two places regularly!

3 Win.ini and System.ini are also the hidden places like the Trojan Horse, pay attention to these places.

For example, the load and run behind the Win.ini [Windows] section are normally not programmed to follow, and if so, be careful to see what it is; shell= in System.ini's [boot] section Explorer.exe is also a good place to load the Trojan, so also pay attention to here. When you see become like this: Shell=explorer.exewind0ws.exe, please note that the Wind0ws.exe is very likely the Trojan server program! Check it out soon.

4) Check C:windowswinstart.bat, C:windowswininit.ini, Autoexec.bat. The Trojans are also likely to be hidden there.

5 If the exe file is started, then run this program to see whether the Trojan is loaded into memory, the port is open. If so, then the file is either the start of the Trojan horse program, or the file bundled with a Trojan horse program, had to find another such program, reinstall it.

6 Trojans have a way to start, it is only in a specific case to start, so, usually pay more attention to your port, check the running procedures, use this to monitor most of the Trojan should be no problem.

2. There are already some special removal of Trojan software, in the new Skynet firewall bundled with a powerful Trojan removal function, clear the general mechanism of the Trojan Horse is mainly:

1) Detection Trojan.

2 to find the Trojan boot file, generally in the registry and the system startup related files can find the location of the Trojan file.

3 Delete the Trojan file and delete the information about the Trojan in the registry or system startup file.

But for some very cunning slippery Trojan, these measures are unable to find out, now the means of detection Trojan is nothing but through the network to connect and view system process, in fact, some skilled Trojan horse can completely through reasonable hidden communication and process make Trojan difficult to be detected.

3. Trojan Prevention Tools

There are many Trojan horse tools, please be sure to install one to improve the security of your computer. Here are a few common prevention tools that you can use to find information about them, such as features, usage, etc.

1 Skynet personal version of the firewall

2 Norton Personal Firewall

3 "Trojan" Killer (The Cleaner)

4) BlackICE: Block the claws of hackers

5) Anti-Black master Lockdown 2000

6) Cut off the hand that reaches the computer (lockdown)

7) ZoneAlarm