摘要 |
A method and apparatus for detecting a Trojan horse in a suspicious version of a software application in the form of at least one electronic file. A computer device determines a source from which the suspicious version of the software application was obtained. A comparison is then made between the source from which the suspicious version of the software application was obtained and a source from which an original, clean version of the software application was obtained. If the sources differ, then it is determined that the suspicious version of the software application is more likely to contain a Trojan horse than if the sources were the same. |