The specific method is as follows:
1, integrated into the program
The solid horse is also a server-client program, in order to prevent users from easily deleting it, It is often integrated into the program. Once the user activates the Trojan, the Trojan file is bundled with an application and then uploaded to the server to overwrite the original file, so that even if the Trojan is deleted, just run the application with the Trojan. The Trojan will be installed again. Bind to an application, such as binding to a system file, then every time Windows starts, it will start a Trojan.
2, hidden in the configuration file
Trojans are too embarrassing, know that the rookie usually use a graphical interface operating system, for those who are not too important configuration files It is not to be heard, this just provides a hiding place for the Trojan. And with the special role of the configuration file, the Trojan can easily run, attack, or monitor everyone in your computer. However, this method is not very hidden and easy to find, so it is rare to load Trojans in Autoexec.bat and Config.sys, but you can't take it lightly.
3, lurking in Win.ini
Trojans must run to control or monitor the computer, but no one will be stupid enough to run this on their own computer. Trojan. It must find a place that is both safe and can run automatically when the system starts up, so lurking in Win.ini is a place where the Trojan feels more comfortable.
Solution: You may wish to open Win.ini to see if there is a startup command in the [windows] field, “load=” and “run=”, in general, “ =” Behind is blank, if there is a follow-up program, for example, this is the same: run=c:windowsfile.exe load=c:windowsfile.exe
4, disguised in the ordinary file
For unskilled windows operators, it is easy to be fooled.
Solution: Disguise the executable file as a picture or text----In the program, change the icon to the default picture icon of Windows, and then change the file name to *.jpg.exe, because Win98 defaults The setting is "Do not display the known file suffix name", the file will be displayed as *.jpg, the person who does not pay attention to this icon will be in the Trojan.
5, built into the registry
Due to the complexity of the registry, Trojans often like to hide here, happy, check it out, what program is under it, look at your eyes Don't let go of the Trojan:
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersion all key values starting with "run";
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersion all key values starting with "run";
HKEY-USERS.DefaultSoftwareMicroso
1. First open the “Control Panel” option in the Start menu to o
1. Open the Start menu and enter the “secpol.msc” c
We know that in the win7 system download official website computer, the font size, color and font sh
With the gradual improvement of Windows 7 features and performance, Windows7 penetration rate has gr
Windows7 can also watch online TV
How to disable win7 autorunning
Create virtual memory and increase win7 speed
How to open the Win7 system tablet function?
Win7 system click on the page secondary link after a blank solution
Zeng Qiang Windows 7 System Security and Privacy Protection
Win7 batch delete C disk log log file method
How to capture and save the Win7 system computer?
How to set the default gateway for Windows7 system?
How to adjust the volume of different applications in Windows 8 system
Fruit powder must know the use of skills
Win10 Mobile preview version 10581 download card at 0% solution
Win10 Build 10240 Improvement Summary: Browser Performance Increases
How does Win8.1 classify the desktop application and Modern application classification
Several recommendations for improving the performance of Windows 7 systems
CF young does not accept the event website share to win gold M4
Win8 paid application released
How can a Win10 account only open a specific application?
How to load a USB flash drive or a removable hard disk under Linux system