Trojans, remove trojan.

What is trojan?

Trojan is a program installed on computers usually without the owners permission or knowledge and are used to gain access by unauthorised people to the computer.

Trojans appear to be safe, but they often hide malicious computer code that can spread a virus or worm.

Trojans can sit harmlessly on a computer until the hacker activates it and gains access.The term comes from the a Greek story of the Trojan War, in which the Greeks give a giant wooden horse to their foes, the Trojans, ostensibly as a peace offering. But after the Trojans drag the horse inside their city walls, Greek soldiers sneak out of the horse's hollow belly and open the city gates, allowing their compatriots to pour in and capture Troy.

How do trojans work?

Trojans typically consist of two parts, a client part and a server part. When a victim (unknowingly) runs a Trojan server on his machine, the attacker then uses the client part of that Trojan to connect to the server module and start using the Trojan. The protocol usually used for communications is TCP, but some Trojans' functions use other protocols, such as UDP, as well. When a Trojan server runs on a victim’s computer, it (usually) tries to hide somewhere on the computer; it then starts listening for incoming connections from the attacker on one or more ports, and attempts to modify the registry and/or use some other auto-starting method.

It is necessary for the attacker to know the victim’s IP address to connect to his/her machine. Many Trojans include the ability to mail the victim’s IP and/or message the attacker via ICQ or IRC. This system is used when the victim has a dynamic IP, that is, every time he connects to the Internet, he is assigned a different IP (most dial-up users have this). ADSL users have static IPs, meaning that in this case, the infected IP is always known to the attacker; this makes it considerably easier for an attacker to connect to your machine.

Most Trojans use an auto-starting method that allows them to restart and grant an attacker access to your machine even when you shut down your computer. Trojan writers are constantly on the hunt for new auto-starting methods and other such tricks, making it hard to keep up with their new discoveries in this area. As a rule, attackers start by “joining” the Trojan to some executable file that you use very often, such as explorer.exe, and then proceed to use known methods to modify system files or the Windows Registry.

Categories of trojans

• Remote Access Trojans
• Data Sending Trojans
• Destructive Trojans
• Proxy Trojans
• FTP Trojans
• security software disabler Trojans
• denial-of-service attack (DoS) Trojans
  

How to secure your PC from trojans?

• Never open files which you are offered by an unknown party. This applies to all types of files received through all possible channels.
  
• Ensure that programs such as Microsoft Word and Excel do not automatically run macros.
  
• Ensure that your e-mail program does not automatically open attachments for you.
  
• Never accept files which are offered via MSN Messenger or similar chat programs.
  
• Do not accept files which you have to install in order to view a web page.
  
• Use a specialist trojan scanner to detect passive trojans.
  
• Make sure you always download the latest updates for these programs. Trojan scanners are not effective without updates.
  
• Ensure that your operating system automatically receives new updates and patches.
  
• The producer of your operating system will use these updates in order to close any security holes. Special trojan scanners are available to help you detect trojans. Like your virus scanner, a trojan scanner requires updates in order to recognise the latest trojans. You can use a trojan scanner to remove trojans. It will not protect you against trojans, but can be used to remove trojans from your computer.

Trojans catalog

• Abebot Trojan
• Backdoor.Rinbot.A
• Beagle.GM
• Golden Palace Casino
• Dangerous trojans popup
• PSW.Lineage.DN
• SpyBot@MXt
• Storm Trojan
• TrojanDownloader.xs
• Trojan.Win32.agent.akk
• Trojan.Agent.AFG
• TrojanClicker.Small.KJ
• Trojan.Colecto
• Trojan.Downloader.Small.ASE
• Trojan.Dropper-Delf
• Trojan.FakeAlert
• Trojan.FakeCodecs
• Trojan Farli
• Trojan.Kardphisher
• Trojan.Lazar
• Trojan.Obfuscated.gx
• Trojan.Pandex
• Trojan.Peacomm
• Trojan-Spy.Win32@mx
• Trojan.Starter.65
• Trojan.SystemPoser
• Trojan.Win32.BlackBird
• Trojan.Win32.CP4000
• Trojan.Win32.Patched
• Trojan.Win32.StartPage.fg
• Virantix Trojan
• Vundo
• Winlogonhook
• Zlob
• Zlob.B
• Zlob.GoldCodec
• Zlob.iVideoCodec
• Zlob.MovieBox
• Zlob.QualityCodec
• Zlob.PerfectCodec
• Zlob.PornMagPass
• Zlob.PornoPlayer
• Zlob.VideoKeyCodec
• Zlob.ZCodec
• Zlob-x.a