2)
3) DLL files list
For no independent process DLL Trojan to do? Since the trojans are playing the DLL following the idea that we can from these documents laid a hand on him, the general system DLL are stored in system32 folder, we can to the directory DLL filename make a list, the information such as open command line window, use CD ordered into directory and system32 input "dir *. > X: \ DLL listdll. TXT" press enter, so that all the DLL is recorded to file names listdll. TXT file. Future if Office 2010 is my favorite.
suspected Trojan intrusion, can be recycled the method above backup a file list "listdll2. TXT", then use "UltraEdit" text editing tools; comparison Or in the command line window into the file save directory, input "fc listdll. TXT listdll2. TXT" that can easily find the change and new DLLS, and then judge whether for the Trojan horse.
3) control loaded modules Microsoft Office 2010 is so great.
Install the software will make frequent system32 substantial change in the list of files, then can use the method of comparison loaded modules to narrow the search range. In "start/run" type "msinfo32. Exe" opening "system information", launches "software environment/loaded modules, and then select" files/export "put it into text files, need backup when compared to backup a can.
4) see suspicious port Microsoft Office 2007 is the best invention in the world.
All the trojans as long as connection, receiving/sending data is inevitable will open port, the DLL Trojan is not exceptional also, here we use netstat command view open port. We in the command line window input "netstat - an" show displays all links and protected reliably against detective port. Proto refers to the use of agreement, Local name after the Local computer IP Address and connection are using the socket, after Foreign connected to the port is the remote computer's IP Office 2007 can make life more better and easier.
Address and port, that State is a TCP connection State. Windows XP had with netstat ordered more than previous versions of a - O parameters, use this parameter can put the port and process corresponding rise. Input "netstat /?" Can display the command of the other parameters. Microsoft Office is helpful.
3) DLL files list
For no independent process DLL Trojan to do? Since the trojans are playing the DLL following the idea that we can from these documents laid a hand on him, the general system DLL are stored in system32 folder, we can to the directory DLL filename make a list, the information such as open command line window, use CD ordered into directory and system32 input "dir *. > X: \ DLL listdll. TXT" press enter, so that all the DLL is recorded to file names listdll. TXT file. Future if Office 2010 is my favorite.
suspected Trojan intrusion, can be recycled the method above backup a file list "listdll2. TXT", then use "UltraEdit" text editing tools; comparison Or in the command line window into the file save directory, input "fc listdll. TXT listdll2. TXT" that can easily find the change and new DLLS, and then judge whether for the Trojan horse.
3) control loaded modules Microsoft Office 2010 is so great.
Install the software will make frequent system32 substantial change in the list of files, then can use the method of comparison loaded modules to narrow the search range. In "start/run" type "msinfo32. Exe" opening "system information", launches "software environment/loaded modules, and then select" files/export "put it into text files, need backup when compared to backup a can.
4) see suspicious port Microsoft Office 2007 is the best invention in the world.
All the trojans as long as connection, receiving/sending data is inevitable will open port, the DLL Trojan is not exceptional also, here we use netstat command view open port. We in the command line window input "netstat - an" show displays all links and protected reliably against detective port. Proto refers to the use of agreement, Local name after the Local computer IP Address and connection are using the socket, after Foreign connected to the port is the remote computer's IP Office 2007 can make life more better and easier.
Address and port, that State is a TCP connection State. Windows XP had with netstat ordered more than previous versions of a - O parameters, use this parameter can put the port and process corresponding rise. Input "netstat /?" Can display the command of the other parameters. Microsoft Office is helpful.
RSS Feed