Research On Open Source Project Feature Code Anti-Anti-Virus And Active Defense Avoiding

Posted on: 2012-02-29
Degree: Master
Type: Thesis
Country: China
Candidate: X F Jiang
GTID: 2178330338984193
Subject: Communication and Information System
Abstract/Summary:
After surveying the prevalence of viruses on the Internet, we find that Trojans account for a large proportion of malicious programs, yet current anti-virus software is limited in its ability to detect and remove new kinds of viruses. We believe this point needs to be discussed.

This paper analyzes the most popular kind of malicious program, the Trojan, and summarizes its harm and characteristics, which may help ordinary users protect themselves. We also analyze, by experiment, a popular open-source Trojan available on the Internet, to learn how a Trojan is configured and what operations it performs on the operating system when it is executed, including operations on the registry and system services.

We also studied the principles on which anti-virus software works and tried to find weaknesses in them. Because detection and removal based on feature codes has the weakness that the feature codes do not change, modifying the source code changes the compiled binary string and can thereby avoid the anti-virus software. Against the API hooks and virtual machine used by anti-virus active defense, Windows commands can be used in place of API calls, and anti-virtual-machine code can be added, to avoid the anti-virus sandbox. At the end of the paper we discuss the "Cloud Virus Killing System" and propose a method to avoid it.

The purpose of this paper is not to make more malicious programs appear on the Internet but to offer food for thought and new directions for the development of anti-virus software.
Keywords/Search Tags: malicious program, Trojan, anti-anti-virus, feature code, active defense, virtual machine