Wet Wet web Site

How To Remove Trojans from Your Computer

 

Trojans are very sneaky programs that will try to remain hidden as long as they can. They will not corrupt or delete files, and they will not show error messages or popup ads. Unless you check, you will never know that a Trojan is on your machine. There are two ways to remove Trojans from your computer: manual removal and automated removal. Manual removal is the more difficult of the two and might be less efficient. It has no apparent benefits, but for those who need to know, let's see how it is done.

Manual removal of a Trojan horse

Two tools will help you manually remove Trojans. The first one is the Task List, which appears when you press CTRL+ALT+DEL in Windows. It shows a list of the programs that are running and, in the next tab, the list of processes that are currently running. For starters, write down the name of each process. A simple Google search for each name will bring up a lot of results, and the ones related to Trojans are the ones you are looking for. Be aware that Microsoft hides some processes (perhaps to avoid confusion), and this gives hackers the perfect opportunity to hide a Trojan's process.

To see those hidden processes, go to the System Information Utility (msinfo32.exe), which can be found in the C:\program files\common\microsoft shared\msinfo folder. This little tool will show you almost any process that is running on your machine, even the ones hidden from the Task List. You can disable the suspect processes starting with the next reboot. Windows literally blocks the Trojan from starting again, which is what we want. In the System Information Utility, you can also track the exact path where the suspected file resides. Scan that file with an antivirus tool. If you are convinced it is a Trojan, stop it from launching again! By doing this with every potential threat, you make sure that no Trojan horse will ever affect your PC.

The second tool you can use to remove Trojans is Netstat. Communication is what defines a Trojan horse: if it is unable to communicate, the Trojan is useless. Every communication leaves a trail, and you can follow the trail just like a hunter. Go to Start, click Run, type cmd and hit ENTER. Now, in the cmd window, type netstat -an and you should see all the connections that are open and the destination IP of each. If you see a suspect connection, simply use TCPView (a free tool from Sysinternals) to track down the program that is keeping that connection open. All you have to do now is rename the file and reboot. If everything is working fine, delete the file.
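
The connection-to-program lookup described above can also be scripted. This is an added example, not part of the original article: it lists each established TCP connection with the process and file that owns it, plus that file's Authenticode signature status. The function name Get-ConnectionOwner is hypothetical; the script assumes Windows 8 / Server 2012 or later and an elevated PowerShell prompt.

```powershell
# Added example: map established TCP connections to the owning process and file.
# Get-ConnectionOwner is a hypothetical helper name, not a built-in cmdlet.
# Run elevated so the paths of processes owned by other accounts can be read.

function Get-ConnectionOwner {
    [CmdletBinding()]
    param(
        # 'Established' corresponds to the ESTABLISHED rows in netstat -an output.
        [string[]]$State = @('Established')
    )

    # One process often holds many connections, so look each process up once.
    $procCache = @{}

    Get-NetTCPConnection -State $State -ErrorAction SilentlyContinue |
        # Skip loopback and unspecified remote addresses; they never leave the machine.
        Where-Object { $_.RemoteAddress -notin @('127.0.0.1', '::1', '0.0.0.0', '::') } |
        ForEach-Object {
            $procId = $_.OwningProcess
            if (-not $procCache.ContainsKey($procId)) {
                $proc = Get-Process -Id $procId -ErrorAction SilentlyContinue
                # Path is empty for protected or already-exited processes.
                $path = if ($proc) { $proc.Path } else { $null }
                $sig  = if ($path) { (Get-AuthenticodeSignature -FilePath $path).Status } else { 'Unknown' }
                $procCache[$procId] = [pscustomobject]@{
                    Name = $proc.ProcessName; Path = $path; Signature = $sig
                }
            }
            $info = $procCache[$procId]
            [pscustomobject]@{
                Remote    = '{0}:{1}' -f $_.RemoteAddress, $_.RemotePort
                LocalPort = $_.LocalPort
                PID       = $procId
                Process   = $info.Name
                Path      = $info.Path
                Signature = $info.Signature
            }
        }
}

# Sort so that files with the same signature status are grouped together.
Get-ConnectionOwner | Sort-Object Signature, Process | Format-Table -AutoSize
```

A missing or invalid signature is a reason to scan the file with an antivirus tool, not proof of infection, and a valid signature does not prove a file is harmless.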

Since each Trojan has its own characteristics, manual removal is very hard and time-consuming. You might need to go into the Registry, a very dangerous task. It is best to use the second method, automated removal.

Automated removal of a Trojan horse

By default, an up-to-date antivirus will be able to detect and remove Trojans. It will also know how to fix the Registry entries and files affected. This method is much faster than manual removal and safer! For specific Trojans, which the antivirus is unable to remove, there are specialized tools on the Internet. Most of them are free. You are highly advised to use the automated removal to avoid any damage to your machine.