Radsoft

Run Run Run

Having a trojan hidden on your computer will not, in and of itself, cause you any harm. The trojan is a program, and to cause harm it must run. And as you continually reboot and reboot your machine, it must have a means of starting up all by itself without your knowing about it.

An astute user would spot such an occurrence immediately. The culprit is counting on you not being such an astute user.

It's the operating system which has to start programs, and in Windows there are a number of ways this can happen. The trojan - or a link to it - might be in either of the Startup directories on your Start menu. It can also be in your Registry. To see if it's there, you have to use the Registry Editor, REGEDIT.EXE. This is a dangerous program in the hands of the uninitiated - see the online article for more information - but for now, as long as you promise to never hit an OK button anywhere and to keep your wits about you at all times, it should be all right. You won't find REGEDIT.EXE or Registry Editor on your Start menu, but it's there on your system and all you need is Start -> Run to fire it up.

Once you've read the online article and know your way around a bit, look for the following keys:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce

You should be able to identify and authenticate anything found either on your Start menu or in your Registry. If in doubt, save the information and temporarily remove it. Items you don't want to remove include SysTray.Exe, which is your system tray.

For NT+ users the fun doesn't stop there, for the trojan might have installed itself as a driver or a service. To get at this you have to go manually through your list of services and drivers and look for anything new and suspicious. Keeping an up-to-date list of what you have on your machine can be of help.
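The checks described above (the five Run keys, the two Startup directories, and the list of services and drivers) can be collected into one read-only inventory and compared against a saved list. This is an added example, not code from Radsoft; it assumes PowerShell 3.0 or later, and the baseline file name is a hypothetical choice.

```powershell
# Read-only autostart inventory: nothing in the Registry or on disk is changed
# except the baseline CSV this script writes on its first run.
$RunKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce'
)
$BaselinePath = Join-Path $env:USERPROFILE 'autostart-baseline.csv'   # hypothetical location

function Get-RunEntry {
    foreach ($key in $RunKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }   # key may not exist on this system
        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            # Keep %VARIABLES% unexpanded so the stored command line is shown as written.
            [pscustomobject]@{ Key = $key; Name = $name
                Command = [string]$item.GetValue($name, $null, 'DoNotExpandEnvironmentNames') }
        }
    }
}

function Get-StartupFolderEntry {
    foreach ($folder in 'Startup', 'CommonStartup') {   # per-user and all-users Startup directories
        $path = [Environment]::GetFolderPath($folder)
        if (-not $path -or -not (Test-Path -LiteralPath $path)) { continue }
        Get-ChildItem -LiteralPath $path -File -Force | ForEach-Object {
            [pscustomobject]@{ Key = $path; Name = $_.Name; Command = $_.FullName }
        }
    }
}

function Get-ServiceAndDriverEntry {
    foreach ($class in 'Win32_Service', 'Win32_SystemDriver') {
        Get-CimInstance -ClassName $class | ForEach-Object {
            [pscustomobject]@{ Key = $class; Name = $_.Name; Command = [string]$_.PathName }
        }
    }
}

$current = @(Get-RunEntry) + @(Get-StartupFolderEntry) + @(Get-ServiceAndDriverEntry)
if (-not (Test-Path -LiteralPath $BaselinePath)) {
    $current | Export-Csv -LiteralPath $BaselinePath -NoTypeInformation -Encoding UTF8
    "Baseline of $($current.Count) entries written to $BaselinePath"
} else {
    $baseline = @(Import-Csv -LiteralPath $BaselinePath)
    Compare-Object $baseline $current -Property Key, Name, Command |
        Select-Object @{n='Change'; e={ if ($_.SideIndicator -eq '=>') { 'NEW' } else { 'GONE' } }}, Key, Name, Command |
        Format-Table -AutoSize -Wrap
}
```

An entry whose command line has changed appears twice, once as GONE and once as NEW. Delete the baseline file to record a fresh one after installing software you trust.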

Copyright © Radsoft. All rights reserved.