Killing Trojan (original)
Judging the suspicious port
Run the CMD, command Netstat -an, normal ports are generally: 21, 23, 25, 80, 1025, 4000, etc. Trojan's port number is generally relatively large, and very special. For example: the port of the ice is
7626, the black hole 2001 port is 2001, the port of the online bull is 234444, etc. If there is a suspicious port, it is likely to be recruited.
2. Stop processes
Trojans typically start with Windows, there may be processes in the task manager. If there is a suspicious process, stop it. General Windows process is fixed, plus your application process, other
I feel that eye is likely to be a Trojan process. If you can't find a suspicious process, go to the control panel, manage the tool, and find a suspicious process, if you have, stop it.
3. Clean up the registry
The process of Trojans may also be hidden. If you can't stop him, you can delete his key value .cmd, regedit, divide three paths: First, hkey_local_machine / software / microsoft / windows / currentversion All keys value;
Second, HKEY_CURRENT_USER / SOFTWARE / Microsoft / Windows / CurrentVersion All key values starting with "run";
Third, HKEY_USERS / .DEFAULT / SOFTWARE / Microsoft / Windows / CurrentVersion All key values starting with "run".
If the start button of the Trojan ice river is:
[HKEY_LOCAL_MACHINE / SOFTWARE / Microsoft / Windows / CurrentVersion / Run]
@ = "C: //windows/system//kernel32.exe"
[HKEY_LOCAL_MACHINE / SOFTWARE / Microsoft / Windows / CurrentVersion / Runservices]]]
"Diagnostic Configuration" = "c: //windows//system//diagcfg.exe"
Blue Flame 0.5 start key value is:
[HKEY_LOCAL_MACHINE / SOFTWARE / Microsoft / Windows / CurrentVersion / Run]
"NetWork Services" = "c: //windows//system//tasksvc.exe"
Be careful, don't delete it easily to prevent the key value of other programs.
4. Manually clear the program
After checking the program name and path from the registry, a comprehensive search will be discovered.
5. Tool removal
Introduce several practical tools: Makari iParmor, Jinshan Trojan special kill, Trojanhunter (Trojan hunter), Windows Trojan Clear Movus 3.2 Internet essential Edition, etc. are more useful. There are many tools that kill Trojans. Everyone can search on Google. However, it is prevented from being prepared, the key is to prepare, kill the enemy in the germination. So everyone should be careful, don't pay free to the Yellow website, don't click the URL easy.
Don't open the email of strangers, etc. ^ _ ^ (Vanguar)
