We believe that the Dll Trojans are very familiar with. It is indeed very strokes people hate the guy. Unlike ordinary exe Trojans make it easier to identify and clean up, this guy is very strong concealment, it can be embedded such as rundll32.exe, svchost.exe, and so on in the process to normal, so that you can not find, even if it will be difficult to find a clearance, because The normal process is its call them.
I use the McAfee antivirus software, for instance, it now reports:
defds.dll: C: \ ... \ Temp \ defds.dll failure to delete
fdgeg.com: C: \ Windows \ ime \ fdgeg.com failure to delete
You can know defds.dll dll should be a Trojan horse. We can Bingren icesword to view the process, call the dll file to find the process, for instance, is notepad.exe. We can first try to terminate the process, if the process after the termination of long before running again (and I have not run Notepad), then we can determine fdgeg.com notepad.exe is the guardian of the process. When it found its surveillance of notepad.exe process will be terminated immediately after the re-opening will be notepad.exe.
Now we can: my computer -> Tools -> Folder Options -> Show, in the advanced settings option under the word "simple file-sharing," the hook (my computer is XP operating system, NTFS disk format).
Then to the C: \ Windo0ws \ ime find fdgeg.com, right-select properties, select properties in the "security", click "Advanced", in the pop-up window Zhongshi "inherited from the parent can be applied to those sub - Object privileges, including those in this well-defined project "was not selected, then the pop-up window, click the" Delete ", and then click" OK. " So that users can make no fdgeg.com work.
Icesword through the termination of notepad.exe. Then to the C: \ Documents and Settings \ Administrator \ Local Settings \ Temp remove defds.dll. Then to the C: \ Windows \ ime in to find fdgeg.com, right-attributes, attributes the choice of "security", click "Advanced", in the pop-up window check "from the parent who can be applied to the succession of Object privileges, including those in this well-defined projects ", and then to delete it.
Finally do not forget the launch of the registry will remove this Trojan dll.
In this way, we will thoroughly disgusted with the dll this Trojan from our computer cleared.
I use the McAfee antivirus software, for instance, it now reports:
defds.dll: C: \ ... \ Temp \ defds.dll failure to delete
fdgeg.com: C: \ Windows \ ime \ fdgeg.com failure to delete
You can know defds.dll dll should be a Trojan horse. We can Bingren icesword to view the process, call the dll file to find the process, for instance, is notepad.exe. We can first try to terminate the process, if the process after the termination of long before running again (and I have not run Notepad), then we can determine fdgeg.com notepad.exe is the guardian of the process. When it found its surveillance of notepad.exe process will be terminated immediately after the re-opening will be notepad.exe.
Now we can: my computer -> Tools -> Folder Options -> Show, in the advanced settings option under the word "simple file-sharing," the hook (my computer is XP operating system, NTFS disk format).
Then to the C: \ Windo0ws \ ime find fdgeg.com, right-select properties, select properties in the "security", click "Advanced", in the pop-up window Zhongshi "inherited from the parent can be applied to those sub - Object privileges, including those in this well-defined project "was not selected, then the pop-up window, click the" Delete ", and then click" OK. " So that users can make no fdgeg.com work.
Icesword through the termination of notepad.exe. Then to the C: \ Documents and Settings \ Administrator \ Local Settings \ Temp remove defds.dll. Then to the C: \ Windows \ ime in to find fdgeg.com, right-attributes, attributes the choice of "security", click "Advanced", in the pop-up window check "from the parent who can be applied to the succession of Object privileges, including those in this well-defined projects ", and then to delete it.
Finally do not forget the launch of the registry will remove this Trojan dll.
In this way, we will thoroughly disgusted with the dll this Trojan from our computer cleared.
