Trojan Horse Virus Explained
What is a Trojan Horse Virus?
A Trojan Horse Virus is a small program that runs in the background of your computer. Most users will not even know they are there until an anti-virus program picks it up and prompts the user for action. A Trojan Horse Virus actually gets its name from Ancient times during the Trojan wars. A large wooden horse was left at the gates of the city of Troy. Thinking this is a peace offering by Odysseus, the King of Ithica. The Trojans brought the gigantic wooden horse into the gates of the city. That night, the Greeks that were hiding inside the wooden horse crawled out an opened the city gates. This allowed the Greek warriors to enter the city at will. A Trojan Horse Virus is very similar to this because, it appears to be something good, then wreaks havoc after the fact.
How did I get a Trojan Horse Virus?
Unlike other viruses such as worms, and such, a Trojan Hose Virus has an intended recipient and does not self replicate itself. Trojan Horse Viruses are usually spread to the victims system by email attachments. Such as an email from someone sending you porn saying something like “check out these pics” and an attachment “sexygirls.exe” However note that the attachment is an executable file (.exe) and instead of looking at sexy girls, your computer is installing the Trojan Horse Virus. There are many other popular ways to infect a system with a Trojan Horse Virus, such as instant massagers, web page download links, floppys, CDs, and file sharing programs. Sometimes a Trojan Horse Virus can be binded to another file, making the Trojan Horse Virus even harder to detect.
What exactly can a Trojan Horse Virus Do?
A Trojan Horse Virus is one the worst viruses to have in terms of payload. Because a Trojan Horse Virus basically hands over your system to an attacker, it can be devastating. If your system was a planned attack, then chances are the attacker password protected the Trojan Horse Virus so other users would not access the system they effectively compromised. This will keep anonymous attackers that are just passing by from compromising your system.
Different Trojan Horse Viruses have different payloads, but all should be considered dangerous when it comes to protecting your data. Once an attacker has the Trojan Horse Virus installed and running, he can set the Trojan Horse Virus to notify him that you are online and vulnerable. The attacker would then connect to your system and basically control it just as if he was sitting in front of it. This includes copying files and passwords, web browsing history, bank account info, and any other personal data that is stored on that system, or a system that is connected to that system and has access to other systems on that network. Printing of documents, opening and closing CD or DVD drives, or viewing the victim through their own webcam are just some of the things that are possible when a system is infected with a Trojan Horse Virus. As you can see, once infected with this type of virus, you will need to update much of you personal data, including changing passwords, etc.
Common Myths about Trojan horse Viruses
Many people believe that since the advent of Windows XP / ME system restore, they can just restore their system to a previous state and the Trojan Horse Virus will be gone, like it never happened. Not True, Most Trojan Horse Virus will infect the restore files and basically copy itself to the restored system. While it may work on some less sophisticated Trojan horse viruses, it is not recommended as a permanent fix to the problem. Many people also think that they must reformat their hard drive if they suspect a Trojan horse virus has infected their computer. While this will get rid of the Trojan Horse Virus, if steps are not taken to prevent it again, the user will end up reformatting again and again. Another myth is that firewall programs will prevent a Trojan horse attack, this is true for some Trojan Horse Viruses, but again, some of these will slip through the cracks.
Removal of Trojan horse Virus
Many anti virus programs can detect Trojan horse viruses and prompt you for action. They will tell you what the name of the Trojan Horse Virus is, and from there you can find removal instructions of their website. It is recommended that once you know that the system is infected with a Trojan Horse Virus, it should be removed from the network and disconnected from the internet. Patches and removal instructions should be attained from a friend’s computer or library computer. This way, you personal data is not available while you try and remove the Trojan Horse Virus.
Some Common Tips for Trojan horse Viruses
Never open attachments in email that are from people you don’t know. Even if you are sure that the file extension is not an executable. Exploits for email programs may allow attacks to effectively hide the fact that the file is an executable. This holds true for instant messaging also, if you suspect something fishy with a file you receive, don’t open it. If you do make sure your anti virus program is up to date and scan the file before you open it.