New tutorial Trojan defense full strategy

Check Registry

Has your computer been installed with a Trojan? How to detect?

1) check the registry.

Check all the key-value names starting with "Run" under HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curren Version and HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion, and whether there are any suspicious file names. If yes, you need to delete the corresponding key value and then delete the corresponding application.

2) Check the Startup Group.

Trojans hidden in the startup group are not very concealed, but they are indeed a good place to automatically load and run. Therefore, Trojans prefer to reside here. The folder corresponding to the startup Group is C: \ windows \ start menu \ programs \ startup, and the location in the registry is: HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Shell Folders Startup = "C: \ windows \ start menu \ programs \ startup ". Check these two locations frequently!

3) Win. ini and System. ini are also hidden places for Trojans.

The trojan is also a good place to load Trojans, so pay attention to it. When you see this: shelljavaser.exe wind0ws.exe, please refer to the wind0ws.exe program as a Trojan server! Check it out.

4) Check C: \ windows \ winstart. bat, C: \ windows \ wininit. ini, and Autoexec. bat. Trojans may also be hidden there.

Trojan mechanism Principle

5) if the EXE file is started, run the program to check whether the trojan is loaded into memory and whether the port is opened. If yes, it means either the file starts the trojan program or the file is bound with the trojan program, so you have to find another program and reinstall it.

6) there is a way to start a trojan. It only starts in a specific situation. So pay more attention to your port and check the running program, it should be okay to use this to monitor most Trojans.

2. There are already some specialized Trojan removing software. In the new Skynet firewall, the powerful Trojan clearing function is bound. The general principle of the Trojan clearing Mechanism is as follows:

1) detect trojans.

2) Find the trojan Startup File. Generally, the location of the Trojan file can be found in the Registry and files related to system startup.

3) Delete the trojan file and delete information about the trojan in the registry or System Startup File.

However, for some very slippery Trojans, these measures cannot be found out. Now, the trojan detection method is nothing more than network connection and viewing system processes. In fact, some well-skilled Trojan compilers can reasonably hide communications and processes to make it difficult to detect trojans.
Trojan prevention tools

3. Trojan prevention tools.

There are many defense Trojan tools. Please install one to improve the security of your computer. The following lists several common preventive tools. You can use various search engines to find information about them, such as functions and usage.

1) Skynet Personal Edition Firewall

2) Norton Personal Firewall

3) the cleaner)

4) BlackICE: blocks hackers' claws

5) Anti-hacker LockDown 2000

6) cut down the computer's Black Hand (lockdown)

7) ZoneAlarm