Tuesday, July 22, 2008

Methods of deletion

Posted by vishnu vardhan reddy boda at 7:26 PM

Share this Post and Be Awesome

Since Trojan horses have a variety of forms, there is no single method to delete them. The simplest responses involve clearing the temporary internet files file and deleting it manually ( safe mode is recommended ). Normally, anti-virus software is able to detect and remove the trojan automatically. If the antivirus cannot find it, booting the computer from alternate media(cd) may allow an antivirus program to find a trojan and delete it. Updated anti-spyware programs are also very efficient against this threat.

[edit] Disguises

Most varieties of Trojan horses are hidden on the computer without the user's awareness. Trojan horses sometimes use the Registry, adding entries that cause programs to run every time the computer boots up. Trojan horses may also work by combining with legitimate files on the computer. When the legitimate file is opened, the Trojan horse opens as well.

[edit] How Trojans work

Trojans usually consist of two parts, a Client and a Server. The server is run on the victim's machine and listens for connections from a Client which is used by the attacker.

When the server is run on a machine it will listen on a specific port or multiple ports for connections from a Client. In order for an attacker to connect to the server they must have the IP Address of the computer where the server is being run. Some trojans have the IP Address of the computer they are running on sent to the attacker via email or another form of communication.

Once a connection is made to the server, the client can then send commands to the server; the server will then execute these commands on the victim's machine.

Today, with NAT infrastructure being very common, most computers cannot be reached by their external ip address. Therefore many trojans now connect to the computer of the attacker, which has been set up to take the connections, instead of the attacker connecting to his or her victim. This is called a 'reverse-connect' trojan. Many trojans nowadays also bypass many personal firewall installed on the victims computer. (eg. Poison-Ivy)

Trojans are extremely simple to create in many programming languages. A simple Trojan in Visual Basic or C# using Visual Studio can be achieved in 10 lines of code or under.

✔ Become Premium User For Free

Get posts directly to your Email. Submit your Email

✔ Share it for others

Love to hear what you think! Thanks Would make us Smile :)

Receive all updates via Facebook. Just Click the Like Button Below else Hit close icon

-->

Search Entire Site

Custom Search
back to top