Smart Computing ®



May 2008 • Vol.19 Issue 5
Page(s) 55-56 in print issue

How To Get Rid Of . . . Trojan Horses

A Trojan horse is an impostor—a software program that claims to do something beneficial in order to entice you to install the software, but it is instead malicious, and once installed, performs hidden actions that compromise your system’s security and integrity. Trojans often lead to identity theft, an impaired system, and other criminal mischief involving your PC.

One common way a Trojan gains access to your system is through a free browser toolbar that you download. Once installed, the toolbar works as expected, but behind the scenes and hidden from the user, malicious code is at work to accomplish the objectives of the programmer who created the toolbar and its Trojan horse payload. By installing the toolbar as the computer’s administrator, you unwittingly give the malicious code enormous power: access to your entire computer and authorization to do anything an administrator is allowed to do on your system.

Other examples of Trojans include certain peer-to-peer file-sharing software, bootlegged commercial software, screen savers, altered operating system patches or system software, compromised utility programs, games, and any other software likely to be attractive to PC users. The malicious payload may be in the form of a Java applet, JavaScript, an ActiveX control, or any other form of executable content, which usually runs surreptitiously in the background. Unlike a virus, a Trojan does not replicate itself, but instead relies on social engineering (deception, manipulation, and exploitation of an end user) to spread.

What Can A Trojan Do?



The Zlob Trojan runs an executable process named Spy-locked.exe.

Because Trojans are generally installed with your “permission” (at least, as far as the system can tell), they can do just about anything your PC can do. Some common exploits include disabling your PC security software; rendering your system scans ineffective; spying on your usage of the computer or the Internet; sending files or personal data such as email addresses, account numbers, passwords, or Social Security numbers to an outsider; modifying your PC files or access privileges; installing other malware on your PC; hijacking your PC for use in a “zombie” network; or opening a backdoor that will allow a criminal hacker remote access to your computer.

Trojans have been found for all personal computer operating systems (Windows, Mac, and Linux). Because the software that carries the malicious payload appears to be beneficial (and often free) to users, Trojans are highly effective in gaining distribution and are pervasive. Trojans are one of the favorite means of organized crime to gain control of personal systems in order to run illegal spam or porn servers unbeknownst to the hosts or to gain control of millions of PCs (in networks named botnets) in order to accomplish various illegal purposes.

By its very nature, a Trojan is only able to get onto your system through running or installing some kind of executable program on your PC and thus gaining system access. If you download and run any kind of software from a less-than-100%-trustworthy source, it could be software that is bearing a Trojan horse. If you open an attachment in an email to check out a photo (that’s actually a program and not a photo) or run a cute animation in a greeting card, you put your system at risk. If you insert a CD, DVD, or floppy diskette from unknown origins, you could infect your system with a Trojan.
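The "photo that's actually a program" case can be checked before anything is opened. The following PowerShell sketch is an added example, not part of the original article: it flags a file whose name ends in a program extension hidden behind a document extension (Windows hides known extensions by default, so vacation.jpg.exe is displayed as vacation.jpg) or whose contents begin with the Windows program header despite a document extension. The function name, extension lists, and sample files are assumptions constructed for the illustration.

```powershell
# Added example. Flags files whose name or header suggests a program posing as a document.
function Test-DisguisedExecutable {
    param([Parameter(Mandatory)] [string] $Path)

    # Illustrative lists, not exhaustive.
    $programExt  = '.exe', '.scr', '.com', '.pif'
    $documentExt = '.jpg', '.jpeg', '.png', '.gif', '.bmp', '.pdf', '.doc', '.txt'

    $file  = Get-Item -LiteralPath $Path
    $outer = $file.Extension.ToLowerInvariant()
    # Extension hiding inside the base name, e.g. ".jpg" in "vacation.jpg.exe".
    $inner = [System.IO.Path]::GetExtension($file.BaseName).ToLowerInvariant()

    # Windows programs (PE files) start with the two bytes 'M','Z' (0x4D 0x5A).
    $header = New-Object byte[] 2
    $stream = [System.IO.File]::OpenRead($file.FullName)
    try { $read = $stream.Read($header, 0, 2) } finally { $stream.Dispose() }
    $isProgram = ($read -eq 2) -and ($header[0] -eq 0x4D) -and ($header[1] -eq 0x5A)

    $doubleExt = ($programExt -contains $outer) -and ($documentExt -contains $inner)
    $mismatch  = $isProgram -and ($documentExt -contains $outer)

    [pscustomobject]@{
        File            = $file.Name
        DoubleExtension = $doubleExt
        ProgramHeader   = $isProgram
        Suspicious      = $doubleExt -or $mismatch
    }
}

# Constructed sample files: harmless 4-byte placeholders, not real programs or photos.
$dir = Join-Path ([System.IO.Path]::GetTempPath()) 'attachment-check-demo'
New-Item -ItemType Directory -Path $dir -Force | Out-Null
$mz   = [byte[]](0x4D, 0x5A, 0x90, 0x00)   # program header bytes
$jpeg = [byte[]](0xFF, 0xD8, 0xFF, 0xE0)   # JPEG header bytes
[System.IO.File]::WriteAllBytes((Join-Path $dir 'vacation.jpg.exe'), $mz)
[System.IO.File]::WriteAllBytes((Join-Path $dir 'greeting.jpg'), $mz)
[System.IO.File]::WriteAllBytes((Join-Path $dir 'holiday.jpg'), $jpeg)

Get-ChildItem -LiteralPath $dir -File |
    ForEach-Object { Test-DisguisedExecutable -Path $_.FullName } |
    Format-Table -AutoSize

Remove-Item -LiteralPath $dir -Recurse -Force
```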

Identify A Trojan

It can be very difficult to detect a Trojan on your system, primarily because a Trojan accomplishes its nefarious objectives best when it goes undetected. So perhaps the best (but not the least expensive) way to detect Trojans is to pay a professional PC and Internet security specialist to run a deep scan of your system. Alternatively, you can find a world-class anti-malware application that is strong at identifying Trojans and run a scan with it.



Good antispyware software, such as Sunbelt’s CounterSpy ($19.95; www.sunbelt-software.com), helps you remove Trojans.

Often, your system gives you some indication of a Trojan infection. If your system or browser ever shuts down and then restarts unexpectedly or experiences inexplicable slowdowns, you should be suspicious about the presence of a Trojan. Other indications may include Internet bandwidth usage that’s higher than expected, random system behaviors, and system pop-ups requesting or demanding that you subscribe to some form of protection for your PC.

If the Trojan is at work and actively running on your PC and you know which processes are typical for your system, you can identify the Trojan as a rogue process by pressing CTRL-ALT-DELETE, clicking Task Manager (Start Task Manager in Windows Vista), and then selecting the Processes tab.
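Knowing "which processes are typical for your system" is easier with a saved record than from memory. The following PowerShell script is an added example, not part of the original article, and assumes a current Windows version with PowerShell 3.0 or later: the first run saves a baseline of running programs, and later runs list any program that was not in it, along with its signature status and whether it runs from the user profile. The baseline file location and function names are assumptions made for the example.

```powershell
# Added example, not from the article. Run once on a PC you believe is clean
# to record a baseline; later runs list programs that were not in it.
$BaselinePath = Join-Path $env:USERPROFILE 'process-baseline.csv'   # hypothetical location

function Get-ProcessSnapshot {
    # Win32_Process includes the full path of each program. Processes the
    # current account cannot inspect report no path and are skipped here.
    Get-CimInstance -ClassName Win32_Process |
        Where-Object { $_.ExecutablePath } |
        Select-Object -Property Name, ExecutablePath -Unique
}

function Find-UnfamiliarProcess {
    param([object[]] $Baseline, [object[]] $Current)

    # Index the baseline by lower-cased path for quick lookups.
    $known = @{}
    foreach ($b in $Baseline) { $known[$b.ExecutablePath.ToLowerInvariant()] = $true }

    foreach ($p in $Current) {
        $path = $p.ExecutablePath
        if ($known.ContainsKey($path.ToLowerInvariant())) { continue }

        # Unsigned programs running from the user profile deserve the first look.
        $sig       = Get-AuthenticodeSignature -FilePath $path -ErrorAction SilentlyContinue
        $status    = if ($sig) { [string]$sig.Status } else { 'Unreadable' }
        $inProfile = $path.StartsWith($env:USERPROFILE, [System.StringComparison]::OrdinalIgnoreCase)

        [pscustomobject]@{
            Name = $p.Name; Path = $path; Signature = $status; InUserProfile = $inProfile
        }
    }
}

if (Test-Path -LiteralPath $BaselinePath) {
    $baseline = Import-Csv -LiteralPath $BaselinePath
    Find-UnfamiliarProcess -Baseline $baseline -Current (Get-ProcessSnapshot) |
        Sort-Object -Property InUserProfile -Descending | Format-Table -AutoSize
} else {
    Get-ProcessSnapshot | Export-Csv -LiteralPath $BaselinePath -NoTypeInformation
    "Baseline saved to $BaselinePath"
}
```

An entry in the output is a program to look into, not proof of infection; installing or updating legitimate software also adds new entries.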

Options For Getting Rid Of Trojans

Most good antispyware software will prevent the installation of known Trojans and help you remove any Trojan horses identified during a system scan, so that should always be your first choice to prevent and remove a Trojan.

If you’re confident in your PC abilities and the infestation doesn’t seem serious, then you can manually try to remove the Trojan and any malware it might have planted. Keep in mind that you need to uninstall all the related programs that were originally installed, including the Trojan itself. The original Trojan horse can usually be uninstalled using the uninstall utility of the Control Panel, but the payload portion of the Trojan must often be uninstalled using antispyware or antivirus software that recognizes the Trojan and knows which files and Registry entries to remove, along with any other system implications.

If you're not comfortable trying to manually remove a Trojan, or if you are not satisfied with the performance of the security software and need additional assistance, let Microsoft try. It offers phone support for security breaches affecting Windows at (866) PCSAFETY or (866) 727-2338. However, if you take this route, be prepared to be told that your best bet for recovery is to reformat your hard drive, reinstall the operating system, and carefully restore your backed-up data after scanning it to ensure that it’s free from infection.

When confronted with the possibility of a serious Trojan infection, however, even seasoned PC veterans reach out for expert help from a variety of other sources. Several Web sites can also help. Use a search engine such as Google (www.google.com) to find sites where you can learn more about known Trojan horses and their various names.

Other options include contacting expert service providers such as Geek Squad (www.geeksquad.com), Invisus (www.invisus.com), or a local and certified technician.

by Dave Whittle and Jay Ferron




Prevention Tips


Antivirus and antispyware. Be sure that both your antivirus and antispyware software check for and protect against Trojans and offer regular definition updates. Use the software regularly and keep it up-to-date.

OS updates. Keep your operating system up-to-date with security fixes. Details of Microsoft’s security updates may be found at its Web site (update.microsoft.com).

Internet downloads. Be extra careful about downloading and installing software programs from the Internet or any other unsecure source, especially freeware that sounds or looks too good to be true. Stick with reliable sources, such as Tucows (www.tucows.com).

Attachments. No matter how curious you may be, never open an email attachment from an unknown source.

Executable content. Use caution and good judgment when executing content from Web pages such as Java applets, JavaScript, or ActiveX controls.

Enhanced privileges. Apply the principle of least privilege in daily activity. For example, do not use an administrator account to perform everyday tasks such as reading email or working with documents.








Copyright © 2009 Sandhills Publishing Company U.S.A. All rights reserved.