Trojan Horse Removal
What is a trojan?
Trojan horse removal is essential. But first lets define what a trojan horse is in the computer world. A trojan horse is an executable program that is designed to disrupt or hijack applications on your computer. The reason why these programs are developed are often to initiate other attacks from more advance malware such as spyware. In essence, trojan horses are used to break down security to make your computer more vulnerable to attack. A good AntiSpyware program can be an easy step for trojan horse removal .Trojan horse deletion can sometimes be as easy as using a spyware removal program. These programs can identify the trojan by name or behavior. This should be your first step before moving on to more difficult removal procedures.
Step 1: Identify the Trojan
If you know the trojan you have you can move on to step 2. Before you begin trojan horse removal, you must be able to identify the malware. Luckily your computer will have already given you clear signs that you have a trojan horse infection. When you have a trojan horse your computer will often send you an error message that an abnormal process is occurring in an application. This error is called a DLL error. This dll process is linked to an specific trojan. So, if you can identify the dll, you can identify the trojan. There a tons a places on the net that will help you identify the dll process. Just copy and paste the error dll error into one of the websites like www.processlibrary.com. It will then give you all the info you its a malware or normal process. If its a trojan it will give you the name of exe file.
Step 2: Display Hidden Files
Hidden files can make manual trojan horse removal impossible. It is often necessary to search the hidden contents of your computer to unearth malware. Most good anti-spyware programs can search through your hidden files automatically. You will need to need take a few steps to display all hidden files and folders.
In XP
1. Close all programs
2. Click on the My Computer icon.
3. Select the Tools menu and click Folder Options.
4. Select the View tab in the new window.
5. Check Display the contents of system folders.
6. Under the Hidden files and folders, select Show hidden files and folders.
7. Uncheck Hide file extensions for known file types and Hide protected operating system files.
1. Close all programs
2. Click on the My Computer icon.
3. Select the Tools menu and click Folder Options.
4. Select the View tab in the new window.
5. Check Display the contents of system folders.
6. Under the Hidden files and folders, select Show hidden files and folders.
7. Uncheck Hide file extensions for known file types and Hide protected operating system files.
8. Click Apply button and Restart
In Vista
1. Close all programs so that you are at your desktop.
2. Click Start button.
3. Click Control Panel.
4. In the control panel, Click on the Appearance and Personalization.
5. Click on Show Hidden Files or Folders.
6. Under the Hidden files and folders section select Show hidden files and folders.
7. Uncheck Hide extensions for known file types and Hide protected operating system files.
8. Click Apply button and restart.
2. Click Start button.
3. Click Control Panel.
4. In the control panel, Click on the Appearance and Personalization.
5. Click on Show Hidden Files or Folders.
6. Under the Hidden files and folders section select Show hidden files and folders.
7. Uncheck Hide extensions for known file types and Hide protected operating system files.
8. Click Apply button and restart.
Step 3: Stop the Trojan's Processes
Before attempting to purge your system of a trojan, the first step is to Load your PC into SAFE MODE and stop all processes related to the trojan.
1. In Safe Mode, open up the task manager by pressing CTRL-ALT-DELETE.
2. Highlight the process by clicking it.
3.Click the End Process
Before attempting to purge your system of a trojan, the first step is to Load your PC into SAFE MODE and stop all processes related to the trojan.
1. In Safe Mode, open up the task manager by pressing CTRL-ALT-DELETE.
2. Highlight the process by clicking it.
3.Click the End Process
Step 4: Edit the Registry
In order for the trojan to be completely removed from your system, you need to remove its registry entries. This way it will not be able to re-install itself. The Trojan is a "exe" process so you can find int the RUN folder of your registry. The registry key: HKEY_LOCAL_MACHINE> SOFTWARE>Microsoft>Windows>CurrentVersion>RUN
In order for the trojan to be completely removed from your system, you need to remove its registry entries. This way it will not be able to re-install itself. The Trojan is a "exe" process so you can find int the RUN folder of your registry. The registry key: HKEY_LOCAL_MACHINE> SOFTWARE>Microsoft>Windows>CurrentVersion>RUN
This action will help you eliminate and chance of it reinstalling itself. Here is how:
1. Click Start
2. Click Run
3. Type regedit
4. Find this registry key:
HKEY_LOCAL_MACHINE/
SOFTWARE/
Microsoft/
Windows/
CurrentVersion/
RUN/
2. Click Run
3. Type regedit
4. Find this registry key:
HKEY_LOCAL_MACHINE/
SOFTWARE/
Microsoft/
Windows/
CurrentVersion/
RUN/
5. In the right section click the process. For example is the trojan is "rusvdgpo". Delete all exe and dlls associated with the trojan names .
6. Delete the value.
6. Delete the value.
Step 5: Check your Startups
1. Open your Start menu.
2. Click Run
3. In the command screen type "msconfig.exe"
4. In the "system configuration utility",click "startup" tab
5. Uncheck any process that is associate with the trojan.
6. Click "OK"
7. Restart
2. Click Run
3. In the command screen type "msconfig.exe"
4. In the "system configuration utility",click "startup" tab
5. Uncheck any process that is associate with the trojan.
6. Click "OK"
7. Restart
No comments:
Post a Comment