You have already heard a lot about Trojans. Your computer may have got infected with this at some point of time as well. But how does this work? How can you prevent it? Let’s find it out.
For the Trojan to work, it must get implanted to your computer first. An email worm or a hidden executable in an mp3 song or a free game or a picture might have this malicious software program, known as a Trojan. A Trojan mainly consists of two programs – one is the client program, which is used by the hacker to control the host or the victim computer, while the other is the server software. The client program is installed in the hacker’s computer and the server program is installed on your computer (the host).
This server program provides vital information to the client program and every time you start the computer, the server program gets auto-started.Besides the anti-Trojan software, there are also other software that actually scans open ports, which are generally used by Trojans. Interestingly, there is a Trojan Simulator available, which acts like a Trojan but is supposed to be risk-free. If installed, this tests how good your security software is. Trojan Simulator also checks it out whether your security software is able to detect Trojans or not.
Be it a Trojan Simulator or a Trojan malware, it works on the following factors:
- File Fingerprinting: A unique fingerprint that is generally detected by the security software. In order to avoid detection, it is packed with a UPX file packer to reduce its size.
- In-memory Fingerprinting: In the memory, after the Trojan server is loaded, the program code remains in unpacked form, which gives the security software a good opportunity to detect the malware.
- The Trojan server software generally creates an entry in the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run. Hence, this entry is required to be checked.
Source: Mytechsupportstore.com