This tutorial will include the understanding concept of Trojan, Dangers created by Trojans, how they can come to your computer, how do they destroy you and your data. How many types of Trojans are there, how Trojans are attached behind other applications and finally the most important, Detection of Trojan on your computer and their prevention to safeguard your system and your data.
Knowing the Trojan
Trojans is a program that appears to perform a desirable and necessary function but that, because of hidden and unauthorized code, performs functions unknown and unwanted by the user. These downloads are fake programs which seems to be a original application, it may be a software like monitoring program, system virus scanners, registry cleaners, computer system optimizer, or they may be applications like songs, pictures, screen savers, videos, etc..
You just need to execute that software or application, you will find the application running or you might get an error, but once executed the Trojan will install itself in the system automatically.
- Once installed on a system, the program then has system-level access on the target system, where it can
be destructive and insidious. They can cause data theft and loss, and system crashes or slowdowns; they can
also be used as launching points for other attacks against your system.
- Many Trojans are used to manipulate files on the victim computer, manage processes, remotely run commands, intercept keystrokes, watch screen images, and restart or shut down infected hosts.
Different Types of Trojans
- Remote Administration Trojans: There are Remote Access Trojans which are used to control the Victim’s computer remotely.
- Data Stealing Trojans: Then there are Data Sending Trojans which compromised the data in the Victim’s computer, then find the data on the computer and send it to the attacker automatically.
- Security Disabler Trojan: There are Security software disabler Trojans which are used to stop antivirus software running in the Victim’s computer.
In most of the cases the Trojan comes as a Remote Administration Tools which turns the Victim’s computer into a server which can controlled remotely. Once the Remote Access Trojan is installed in the system, the attacker can connect to that computer and can control it.
Some famous Trojans
- Back Orifice
- Net Bus
Download it from
- Pro Rat
Download it from –
- Girl Friend
Download it from –
- Sub Seven
Download it from –
Components of Trojans
Trojan consists of two parts:
- A Client component
- A Server component.
One which resides on the Victim’s computer is called the server part of the Trojan and the one which is on the attacker’s computer is called the client Part of the Trojan. For the Trojan to function as a backdoor, the server Component has to be
installed on the Victim’s machine.
- Server component of the Trojan opens a port in the Victim’s computer and invites the Attacker to connect and administrate the computer.
- Client component of the Trojan tries to connect the Victim’s computer and administrate the computer without the permission of the User.
A Wrapper is a program used to combine two or more executable into a single packaged program. The wrapper attaches a harmless executable, like a game, to a Trojan’s payload, the executable code that does the real damage, so that it appears to be a harmless file. Hackers use Wrappers to bind the Server part of the Software behind any image or any other file. Wrappers are also known as Binders.
Generally, games or other animated installations are used as wrappers because they entertain the user while the Trojan in being installed. This way, the user doesn’t notice the slower processing that occurs while the Trojan is being installed on the system—the user only sees the legitimate application being installed.
Mode of Transmission for Trojans
Reverse Connection in Trojans
Reverse-connecting Trojans let an attacker access a machine on the internal network from the outside. The Hacker can install a simple Trojan program on a system on the internal network. On a regular basis (usually every 60 seconds), the internal server tries to access the external master system to pick up commands. If the attacker has typed something into the master system, this command is retrieved and executed on the internal system. Reverse WWW shell uses standard HTTP. It’s dangerous because it’s difficult to detect – it looks like a client is browsing the Web from the internal network
Now the final part ….
Detection and Removal of Trojans
The unusual behavior of system is usually an indication of a Trojan attack. Actions/symptoms such as,
- Programs starting and running without the User’s initiation.
- CD-ROM drawers Opening or Closing.
- Wallpaper, background, or screen saver settings changing by themselves.
- Screen display flipping upside down.
- Browser program opening strange or unexpected websites
All above are indications of a Trojan attack. Any action that is suspicious or not initiated by the user can be an indication of a Trojan attack.
One thing which you can do is to check the applications which are making network connections with other computers.
One of those applications will be a process started by the Server Trojan.
i hope this article very helpful for understanding about trojans virus and also prevention for get rid from trojans.so remember me in your praryer
Samilee virux 🙂