Do you have any idea which method is the best for protection? Personally speaking, I think is to stop it before happening, this is a better solution. Whereas, we also know that as long as to stop Trojans running when machine starts up, then we could say bye to them.
(1) Next I will show you how:
1. Go to Start menu and choose “Start-up”.
2. In the registry, locate the branch “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor” and double click “AutoRun”; then find “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\” and double click “Run”;
Note: ” HKEY_CURRENT_USER\Microsoft\Windows\CurrentVersion\Run” (usually this is same as to the “Start-up” button in Start menu, but it doesn’t show in “start-up”)
You can check up the application here, if which is abnormal, just delete it.
3. Start—Run—gpedit.msc, run Group Policy—User configuration—Administrative template—System—Logon,
4. The setup for system services.
You guys check up here, whether there’s something wrong here, then terminate it.
(2) Here we take a “Pigeon” Trojan for an example:
First we check up the remote 8000 port, whether it’s open already, before getting infected by “pigeon” Trojan, there’s no remote 8000 port. In order to let you see obviously, I will not change the settings of the