Computer in Trojan how to do
Publish: 2021-05-07 18:54:36
1. You can open the Tencent Smart Security page
and find the whole system of Yudian terminal in the proct
and then choose to apply for the use of Tencent Yudian, and then use the virus killing function to kill the virus
and find the whole system of Yudian terminal in the proct
and then choose to apply for the use of Tencent Yudian, and then use the virus killing function to kill the virus
2. Try Tencent's computer housekeeper killing. It is the instry's first to apply CPU virtual execution technology to anti-virus software, which will improve the anti-virus ability and efficiency to a certain extent. Eagle eye engine makes housekeeper's anti-virus technology a qualitative leap, improves the in-depth anti-virus ability, and can eradicate the "most persistent virus" on the user's machine without damaging the computer files.
3. At this time, the next Trojan can not be killed, you can re install the system, or install an anti-virus software
4. Because many novices don't know much about security issues, they don't know how to clear the "Trojan horse" in their computer. Although there are many new anti-virus software on the market can automatically clear the "Trojan horse", but they can not prevent the new "Trojan horse" program, so the most important thing is to know the working principle of the "Trojan horse", so it is easy to find the "Trojan horse". I believe that after reading this article, you will become a master of "Trojan horse"
"Trojan horse" program will try its best to hide itself. The main way is to hide itself in the taskbar. This is the most basic. As long as the visible property of form is set to false and showintaskbar is set to false, the program will not appear in the taskbar when it runs. Invisible in Task Manager: it's easy to disguise yourself by setting programs as "system services"
of course, it will also start quietly. Of course, you don't expect users to click the "Trojan horse" icon to run the server every time they start. The "Trojan horse" will automatically load the server every time the user starts, and the "Trojan horse" will be used to load the application automatically when the windows system starts, such as the startup group, win.ini, system.ini, etc Registry and so on are "Trojan horse" hiding place. The following specific talk about "Trojan" is how to automatically load
in the win.ini file, under [windows], "run =" and "load =" are possible ways to load "Trojan horse" programs, so we must pay close attention to them. In general, their equal sign is followed by nothing. If you find that the path and file name are not familiar with the startup file, your computer may be on the "Trojan horse". Of course, you have to see clearly, because many "Trojans", such as "AOL Trojan Trojan", disguise itself as command.exe file. If you don't pay attention, you may not find that it is not the real system boot file
in the system.ini file, there is a "shell = file name" under [boot]. The correct file name should be "explorer. Exe". If it is not "explorer. Exe", but "shell = explorer. Exe program name", then the following program is the "Trojan horse" program, that is to say, you have been in the "Trojan horse"
the situation in the registry is the most complicated. Open the registry editor with regedit command, and click "hkey-local-machine & # 92; Software\ Microsoft\ Windows\ CurrentVersion\ "Run" directory, check the key value to see if there are any unfamiliar auto start files with the extension of exe. Here, remember: some files generated by "Trojan horse" programs are very similar to the system's own files, and want to muddle through by camouflage, such as "acid battery v1.0 Trojan horse", which will register "hkey-local-machine & # 92"; SOFTWARE\ Microsoft\ Windows\ CurrentVersion\ Change the key value of explorer under "run" to "C: &" 92 "; WINDOWS\ There are only "I" and "L" differences between the "Trojan horse" program and the real explorer. Of course, there are many places in the registry where you can hide "Trojan horse" programs, such as: "hkey-current-user & # 92; Software\ Microsoft\ Windows\ CurrentVersion\ Run”、“HKEY-USERS\****&# 92; Software\ Microsoft\ Windows\ CurrentVersion\ It's possible in the "run" directory. The best way is in the "hkey-local-machine" directory; Software\ Microsoft\ Windows\ CurrentVersion\ Find the file name of "Trojan horse" program under "run", and then search the whole registry
knowing the working principle of "Trojan horse", it is very easy to check and kill the "Trojan horse". If it is found that there is a "Trojan horse", the safest and most effective way is to immediately disconnect the computer from the network to prevent hackers from attacking you through the network. Then edit the win.ini file, and change "run =" or "load =" to "run =" and "load =" under [windows]; Edit the system.ini file and change "shell ='trojan horse 'file" under [boot] to: "shell = explorer. Exe"; In the registry, regedit is used to edit the registry. First, in "hkey-local-machine & # 92; Software\ Microsoft\ Windows\ CurrentVersion\ Find the file name of the "Trojan horse" program under "run", and then search and replace the "Trojan horse" program in the whole registry. Sometimes, it should be noted that some "Trojan horse" programs do not directly use "hkey-local-machine & # 92"; Software\ Microsoft\ Windows\ CurrentVersion\ "Run" under the "Trojan" key to delete it, because some "Trojan" such as: bladerrunner "Trojan", if you delete it, "Trojan" will immediately automatically add, you need to write down the "Trojan" name and directory, and then return to MS-DOS, find the "Trojan" file and delete it. Restart the computer, and then go to the registry to delete the key value of all "Trojan" files. So far, we're done<
little knowledge:
the full name of "Trojan horse" is "Trojan horse", which originally refers to the story of ancient Greek soldiers hiding in the Trojan horse to enter the enemy city and occupy the enemy city. On the Internet, "Trojan horse" refers to the application or game that some programmers can download from the network, including the program that can control the user's computer system, which may cause the user's system to be damaged or even paralyzed.
"Trojan horse" program will try its best to hide itself. The main way is to hide itself in the taskbar. This is the most basic. As long as the visible property of form is set to false and showintaskbar is set to false, the program will not appear in the taskbar when it runs. Invisible in Task Manager: it's easy to disguise yourself by setting programs as "system services"
of course, it will also start quietly. Of course, you don't expect users to click the "Trojan horse" icon to run the server every time they start. The "Trojan horse" will automatically load the server every time the user starts, and the "Trojan horse" will be used to load the application automatically when the windows system starts, such as the startup group, win.ini, system.ini, etc Registry and so on are "Trojan horse" hiding place. The following specific talk about "Trojan" is how to automatically load
in the win.ini file, under [windows], "run =" and "load =" are possible ways to load "Trojan horse" programs, so we must pay close attention to them. In general, their equal sign is followed by nothing. If you find that the path and file name are not familiar with the startup file, your computer may be on the "Trojan horse". Of course, you have to see clearly, because many "Trojans", such as "AOL Trojan Trojan", disguise itself as command.exe file. If you don't pay attention, you may not find that it is not the real system boot file
in the system.ini file, there is a "shell = file name" under [boot]. The correct file name should be "explorer. Exe". If it is not "explorer. Exe", but "shell = explorer. Exe program name", then the following program is the "Trojan horse" program, that is to say, you have been in the "Trojan horse"
the situation in the registry is the most complicated. Open the registry editor with regedit command, and click "hkey-local-machine & # 92; Software\ Microsoft\ Windows\ CurrentVersion\ "Run" directory, check the key value to see if there are any unfamiliar auto start files with the extension of exe. Here, remember: some files generated by "Trojan horse" programs are very similar to the system's own files, and want to muddle through by camouflage, such as "acid battery v1.0 Trojan horse", which will register "hkey-local-machine & # 92"; SOFTWARE\ Microsoft\ Windows\ CurrentVersion\ Change the key value of explorer under "run" to "C: &" 92 "; WINDOWS\ There are only "I" and "L" differences between the "Trojan horse" program and the real explorer. Of course, there are many places in the registry where you can hide "Trojan horse" programs, such as: "hkey-current-user & # 92; Software\ Microsoft\ Windows\ CurrentVersion\ Run”、“HKEY-USERS\****&# 92; Software\ Microsoft\ Windows\ CurrentVersion\ It's possible in the "run" directory. The best way is in the "hkey-local-machine" directory; Software\ Microsoft\ Windows\ CurrentVersion\ Find the file name of "Trojan horse" program under "run", and then search the whole registry
knowing the working principle of "Trojan horse", it is very easy to check and kill the "Trojan horse". If it is found that there is a "Trojan horse", the safest and most effective way is to immediately disconnect the computer from the network to prevent hackers from attacking you through the network. Then edit the win.ini file, and change "run =" or "load =" to "run =" and "load =" under [windows]; Edit the system.ini file and change "shell ='trojan horse 'file" under [boot] to: "shell = explorer. Exe"; In the registry, regedit is used to edit the registry. First, in "hkey-local-machine & # 92; Software\ Microsoft\ Windows\ CurrentVersion\ Find the file name of the "Trojan horse" program under "run", and then search and replace the "Trojan horse" program in the whole registry. Sometimes, it should be noted that some "Trojan horse" programs do not directly use "hkey-local-machine & # 92"; Software\ Microsoft\ Windows\ CurrentVersion\ "Run" under the "Trojan" key to delete it, because some "Trojan" such as: bladerrunner "Trojan", if you delete it, "Trojan" will immediately automatically add, you need to write down the "Trojan" name and directory, and then return to MS-DOS, find the "Trojan" file and delete it. Restart the computer, and then go to the registry to delete the key value of all "Trojan" files. So far, we're done<
little knowledge:
the full name of "Trojan horse" is "Trojan horse", which originally refers to the story of ancient Greek soldiers hiding in the Trojan horse to enter the enemy city and occupy the enemy city. On the Internet, "Trojan horse" refers to the application or game that some programmers can download from the network, including the program that can control the user's computer system, which may cause the user's system to be damaged or even paralyzed.
5. In general, after computer poisoning or Trojan horse or virus, Trojan horse virus will destroy the system. General anti-virus software can't solve these problems. It is recommended that you use 360 antivirus to cooperate with 360 security guard to repair the system. I am using this, with less resources, fast killing speed and good effect
360 antivirus download address:
http://sd.360.cn/
download address of 360 security guard:
http://www.360.cn/down/soft_ down2-3.html
360 antivirus download address:
http://sd.360.cn/
download address of 360 security guard:
http://www.360.cn/down/soft_ down2-3.html
6. The best advice for you is that I have been maintaining my computer for more than ten years. If there is a virus or Trojan horse in my computer, it's better to re install the system. No matter how good the anti-virus and anti Trojan software is, it can't completely remove all the resial programs. Therefore, it's strongly recommended to re install the system. If there is one, you can backup the system with ghost, In this way, even after the virus or Trojan can be in the shortest time to restore the system to its original state.
7. Unknown_Error
8. First, use the special killing tool to check and kill. If it doesn't work, only men can restore the system or redo the system. This is more thorough. Usually, I redo the system in order to be thorough
Hot content