A Trojan Horse is an email virus usually released by an email attachment, It is a program that appears to be legitimate, but in fact does something malicious. Quite often, that something malicious involves gaining remote, surreptitious access to a user’s system. Unlike viruses, a Trojan does not replicate(i.e. infect other
files), nor does it make copies of itself as worms do. There are different types of Trojans. Some of these include: remote access Trojans(RATs), backdoor
Trojans(backdoors), IRC Trojans(IRCbots), and keylogging Trojans. Many Trojan
encompass multiple types. For example, a Trojan may install both a keylogger
and a backdoor. IRC Trojans are often combined with backdoors and RATs to
create collections of infected computers known as botnets.
But one thing you probably
won’t find a Trojan doing is scouring your hard drive for personal details, as
the Visa description alleges. Contextually, that would be a bit of a trick for
a Trojan. Instead, this is where the keylogging functionality most often comes
into play - capturing the user’s keystrokes as they type and sending the logs
to the attackers. Some of these keyloggers can be pretty sophisticated,
targeting only certain websites(for example) and capturing any keystrokes
involved with that particular session.
But why is it important to
know the difference between a virus, a worm, and a Trojan? Because a virus
infects legitimate files, thus if antivirus software detects a virus,
that file should be cleaned. Conversely, if antivirus software detects a
worm or a Trojan, there is no legitimate file involved and action should be to delete
the file.
This virus is a common yet difficult to remove computer threat and works
by hiding within a set of seemingly useful software programs. Once executed or
installed in the system, this type of virus will start infecting other files in
the computer.
Another method used by
malware developers to spread their Trojan Horse viruses is via chat software
such as Yahoo Messenger and Skype. Another method used by this virus in order
to infect other machines is through sending copies of itself to the people in
the address book of a user whose computer has already been infected by the
virus.
The best way to prevent a
Trojan Horse Virus from entering and infecting your computer is to never open
email attachments or files that have been sent by unknown senders. However, not
all files we can receive are guaranteed to be virus-free. With this, a good way
of protecting your PC against malicious programs such as this harmful
application is to install and update an antivirus program.
Recovering from a Trojan
Horse or Virus *
If you know what specific malicious program has infected your
computer, you can visit one of several antivirus web sites and download a
removal tool. Chances are, however, that you will not be able to identify the
specific program. Unfortunately your other choices are limited, but the
following steps may help save your computer and your files.
1. *Disconnect
your computer from the Internet *
Depending on what type of virus you have, intruders may have access to your personal information and may
even be using your computer to attack other computers. You can stop this
activity by turning off your Internet connection. The best way to accomplish
this is to physically disconnect your cable or phone line, but you can also
simply “disable” your network connection.
2. *Back
up your important files *
At this point it’s a good idea to take back up of ur files. If possible, compile all of ur photos, documents,
Internet favorites, etc., and burn them onto a CD or DVD or save them to some
other external storage device. It is vital to note that these files cannot be
trusted, since they are still potentially infected.
3. Scan your machine
Since your computer may be infected with a malicious program, it is safest to
scan the machine from a live CD(or “rescue” CD) rather than a previously
installed antivirus program. Many antivirus products provide this
functionality. Another alternative is to use a web-based virus removal service,
which some antivirus software vendors offer(try searching on “online virus
scan”). Or you could just try Microsoft’s web-based PC Protection Scan. The
next best action is to install an antivirus program from an uncontaminated
source such as a CD-ROM. If you don’t have one, there are many to choose from,
but all of them should provide the tools you need. After you install the
software, complete a scan of your machine. The initial scan will hopefully
identify the malicious program(s). Ideally, the antivirus program will even
offer to remove the malicious files from your computer; follow the advice or
instructions you are given. If the antivirus software successfully locates and
removes the malicious files, be sure to follow the precautionary steps in Step
7 to prevent another infection. In the unfortunate event that the antivirus
software cannot locate or remove the malicious program, you will have to follow
Steps 5 and 6.
* 4. Reinstall your operating
system *
If the previous step failed to clean
your computer, the most effective option is to wipe or format the hard drive
and reinstall the operating system. Although this corrective action will also
result in the loss of all your programs and files, it is the only way to ensure
your computer is free from backdoors and intruder modifications.
Many computer vendors also offer a
rescue partition or disc(s) that will do a factory restore of the system. Check
your computer’s user manual to find out whether one of these is provided and
how to run it.
Before conducting the reinstall, make
a note of all your programs and settings so that you can return your computer
to its original condition.
It is vital that you also reinstall
your antivirus software and apply any patches that may be available. Consult
“Before You Connect a New Computer to the Internet” for further assistance.
5. Restore your files
If you
made a backup in Step 3, you can now restore your files. Before placing the
files back in directories on your computer, you should scan them with your
antivirus software to check them for known viruses.
6. Protect your computer
To prevent future infections, you
should take the following precautions:
• Do not open unsolicited attachments
in email messages. • Do not follow unsolicited links. • Maintain updated
antivirus software. • Use an Internet firewall.
• Secure your web browser.
• Keep your system patched.