Sunday, October 24, 2010

Trojans look like Tibet, where


Trojan is a virus program on the remote control, the program has a strong hidden and dangerous, it can be undetected in people under the control of the state you or watch you. We take a look at where the Trojans like hiding?

Trojan is a virus program on the remote control, the program has a strong hidden and dangerous, it can be undetected in people under the control of the state you or watch you. Some say that since the Trojans so powerful, that I have distance from it is not on it! But this Trojan is "naughty", it can regardless of whether you welcome, as long as it pleased, it will try to broke into your idea of "home" in the past! Oh, that terrible, quickly look at their computer have Trojan horse, maybe being "home" in trouble too! Then how do I know where is the horse, I believe that the newbies are not familiar with the Trojans certainly want to know this problem. Here is the latent cunning trick horse, do not forget to read the future to deal with these Sunzhao yo trick!

1, integrated into the program
Trojan is actually a server - client program, which to prevent the user can easily delete it, it is often integrated into the programs, and if the user activate the Trojan horse, Trojan files, and then bundled with an application, and then upload to overwrite the original file server, so even if the Trojan has been removed, as long as the running application bundled with the Trojan, the Trojan will be installed on up. Bound to a particular application, such as bound to the system files, so every time Windows starts will start the Trojan.

2, hidden in the configuration file
Trojan horse is so cunning, that newbies usually using a graphical interface operating system, for those who have been less important configuration files are mostly indifferent, and this horse just to provide a hiding place. And the use of the special role of the configuration file, Trojan easily run in our computer, attack, and thus peeping or monitor you. Now, however, this approach is not very subtle, easy to find, so in the Autoexec.bat and Config.sys to load Trojans and rare, but should not be taken lightly Oh.

3, lurking in the Win.ini in
Trojan to reach the control or the purpose of monitoring computer must be running, but no one knows better than his own computer to run this damn horse. Of course, the Trojan has also been prepared, that human beings are highly intelligent animals, not to help it work, it must find a safe and can run automatically at boot time place, so is lurking in the Win.ini Trojans feel more comfortable place. Open the Win.ini you may wish to look at it [windows] field in start command "load =" and "run =", under normal circumstances "=" followed by a blank, if followed by the program, for example, that looks like this: run = c: \ windows \ file.exe load = c: \ windows \ file.exe
Then you have to be careful, and this is likely to be Trojan file.exe Oh.

4, disguised in an ordinary file
This approach appears relatively late, but now very popular windows for unskilled operators, is an easy mark. The specific method is the executable file disguised as a picture or text ---- icon in the program to change the Windows default picture icon, then the file name to *. jpg.exe, since Win98 the default setting is "Do not show known file extension name ", the file will appear as *. jpg, people who do not pay attention to the Trojan point of this icon (if you insert a picture in the program even more perfect).

5, built into the registry
The above method allows horse really comfortable for a while, neither was able to find it, can run automatically, really Yoshiya! But the good time, it's true features of human very quickly ferret out, and it was a severe punishment! But it also Afterward, after summing up lessons of failure, that the above hiding the Chuhen easy Zhao, now is not easy to hide Beiren find the place Yushi it Xiangdao the registry! Indeed, the registry of more complex, like the Trojans are often hidden in here happy, quickly check if you have any program under which, read carefully eyes wide open, do not let go Oh Trojan: HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion, all to "run" at the beginning of the key; HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion, all to "run" at the beginning of the key; HKEY-USERS \. Default \ Software \ Microsoft \ Windows \ CurrentVersion, all to "run" at the beginning keys.
6, in hiding in the System.ini
Trojan is really everywhere Yeah! Where there are loopholes in it where to fall in.! This does not, Windows installation directory is also a horse like System.ini hidden place. Was careful to open this file to see it any different from normal file in the file [boot] field, is not such a content, that is, shell = Explorer.exe file.exe, if indeed there such content, you are unfortunate, because here is the Trojan file.exe server program! In addition, System.ini in the [386Enh] field, pay attention to inspection during this period of "driver = path \ program name", there may also be used by Trojans. Again, in the System.ini in the [mic], [drivers], [drivers32] of these three fields, these paragraphs also play a role in loading the driver, but it is also a good place to add Trojan horses, and now you are the woven that we should pay attention here.

7, invisible in the startup group
Sometimes horse does not care about their whereabouts, whether it is more attention is automatically loaded into the system, because once the Trojan is loaded into the system, any of the methods you use you are unable to drive it away (hey, this horse has the nerve really thick), so according to this logic, start group is also a good place to hide Trojan horses, because there really is a good place to run automatically loaded. Activity group corresponding folder: C: \ windows \ start menu \ programs \ startup, the location in the registry: HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \
Explorer \ ShellFolders Startup = "C: \ windows \ start menu \ programs \ startup". Start the group should pay attention to regular checks Oh!

8, hidden in the Winstart.bat
In accordance with the above logical theory, all conducive to place Trojan horses automatically loaded, Trojans like to stay. This does not, Winstart.bat is a loaded automatically by Windows to run files, which in most cases for the application and the Windows auto-generated and loaded in the implementation of the Win.com after the majority of drivers started (this can be Press the F8 key by starting step through the startup process and then select the startup mode can be obtained). As the Autoexec.bat function can be replaced Winstart.bat completed, as the Trojans can be loaded in the Autoexec.bat in the running as danger from this.

9, tied in the startup file
The application's startup configuration file, the control side can start the process to use these files to the characteristics of a good production of the same name with the Trojans start command to the server file upload documents covering the same name, so you can start to achieve the purpose of the Trojan .

10, set in the super-connections
Horse owners to place malicious code on Web pages, to lure users to click, the user clicks the result is obvious: open invitation to burglars! Advise Do not click on links on the page, unless you know it, trust it, for it is also willing to die so.






Recommended links:



FLASH into VCD, no Computer could not see FLASH MV



3GP to MPEG



FLV to Zune



Using Visual Basic's Timer Control



Import of the IPTV how to do?



MODERATE BPM



implement a network BRIDGE firewall



c # and CLASS differences in the structure



Hot Nature - Screen Savers



Examples explain the whole process of PRODUCTION flashMTV (2)



Rebate good use of this double-edged sword



VOB to SWF



Wizard Vertical Market Apps



For you Games Arcade



No comments:

Post a Comment