How to Remove Trojan Horses

Remove Trojan manually


Check network connection
As many Trojan horses are always active to detect port, or connect specific IP port, so we can find Trojan virus through checking network connection without normal program connection. The specific steps: click start->;run->;CMD and then input the command netstat-an to see all the IPs connected with your computer and the ports detected by your computer, including four parts: proto, local address, foreign address and state. Thus we can completely monitor computer connection through detailed information of the command.

Check running service
Service is one of lots of methods used to keep running in system all the time by Trojans. We can check what service ran by clicking start->; run->; cmd, and then input net start. We can find service in managing tools and stop using it.

3. Check startup item of system


Check startup item of system
Because it is complicated for users to learn about registry where is the best place to hide for Trojans? The way of checking registry startup item: click start->; run->;regedit, and then check the key value with start of run under HKEY_LOCAL_MACHINE Software Microsoft Windows CurrentVersion, and all the key value under HKEY-USERS . Default Software Microsoft Windows Current Version.

Otherwise, horses also love to hide in System.ini under the directory of Windows installation. When opennig the file, if you find shell=Explore.exe file.exe in the document [boot], the file.exe is the Trojan!


Check system account
Malicious attackers love to control your computer by leaving a account. This can activate default account used less in system, and then promote the account to be manager. Thus this account will be extremely harmful to your computer. According to this situation, you can check your account by this way: click start->;run->; cmd, and then input net user in the command line to see users, and use net user name to check this user authority. Generally, all accounts are managed by administrators except administrator. If you find some a account managed by administrators, your computer must be attacked. You need to use net user name/del to delete this user.

If checked the Trojan, you can remove Trojan virus as followings:
  • Run task management and kill Trojan process.
  • CRUNheck , RUNSERVEICE and etc in registry. Firstly backup, write down the address of start item, and delete the suspicious item.
  • Delete executable files in hardware found in key.
  • Usually, this document is put under the file of WINNT, SYSTEM, and SYSTEM32, which don’t exist alone. Moreover, this kind of document is copied by other documents. Please delete these files if checked out the suspicious file of .exe, .com or bat under C.D.E disks.
  • Check the registry HKEY_LOCAL_MACHINE SOFTWARE and HKEY_CURRENT_USER Microsoft Internet Explorer. If be modified, change it back.
  • Check HKEY_CLASSES_ROOT txtfile shell open command and HKEY_CLASSES_ROOTxtfileshell open command. Once found being modified, you need to change it back. Trojans attarck computer by modifying .txt default program when users open text.

Trojan virus removal software

Perhaps, you don’t learn more about computer or feel so troublesome to check computer, it is a good choice to install Trojan removal software which can help you scan Trojan horses and kill them. Now there are many anti Trojan softwares available in the market. They can protect computer from virus and guard your privacy.

Social Share Toolbar
Leave a comment


One thought on “How to Remove Trojan Horses

  1. These fake security sysetm viruses are a real pain to get rid of. And many get by my real active antivrus program. You can try the removal tools if you want but many dont work.This has worked every time I get one running XP. At least 8 times so far over the last 6 months and it is simple.This works every time.Shut off computer.Restart and as soon as welcome screen comes on go and run sysetm restore to a time prior to infection (yesterday).You must start the sysetm restore program before the virus loads so be quick.Once the virus loads it wont let you start the restore program.This has worked every time I get it.I gave up on all the removal tools posted here.Someone called me a moron for sugesting this. I wonder if they work for the removal tool Cos.?Of course one should restore to a clean setting.Run a complete scan after restore if you want and follow this if your restore point was not clean or go back to an earlier one.

Leave a Reply

Your email address will not be published. Required fields are marked *

Are you human? Click the Grapes...