Trojan Horses

Trojan wars

Trojan defenses have been getting better, but some Trojans have become much harder to detect and eradicate. They're like cockroaches: They hide in dark places, breed rapidly, and are almost impossible to stamp out. RATs are an example of the current breed of Trojans (sorry for the mixed metaphor).

Specific defenses

The points listed here are taken from the 7-Step plan, but are limited to a Trojan defense point of view.

  1. Install a good firewall.
  2. Install an anti-virus program, even though it will only provide limited protection.
  3. Install anti-malware, or better yet install robust anti-Trojan software in addition. Ordinary anti-malware programs can be simply disabled by the Trojan.
  4. Be very careful with email, email attachments or files of any kind.
  5. Be very careful about strange or unexpected popup windows announcing that you need to download or install something.
  6. Learn more about Trojans.

How do you get rid of a Trojan?

  1. Stay vigilant so you don't get one in the first place. Just joking. But a good defense would have saved you a lot of trouble, eh?
  2. Antivirus programs can sometimes remove Trojans. Don't have one? It might have prevented the intrusion in the first place, but the more cunning Trojans sidestep most ordinary antivirus programs anyway.
  3. GFiTrojanScan will scan your computer online for Trojans, and even remove them. You will need to use Internet Explorer, and allow them to install "ActiveX controls". It will take a while for them to download. PC Flank's Trojan Test, TrojanScan.com and Trend Micro's "Housecall" are three more good places to get your computer scanned for Trojans.
  4. Use a robust anti-Trojan program. Even then you may not be able to remove the Trojan. And if it was wily enough, how would you know for sure?
  5. You could format your hard drive, reinstall Windows and reinstall all your programs. In fact, that's the only way sometimes -- even for experts. It's also something to consider if you're particularly concerned about the security of your private information.

Robust anti-Trojan programs

Anti-virus, and anti-malware programs can detect some Trojans. Firewalls can block others. Anti-Trojan programs are much better at both blocking and detecting Trojans.

TrojanHunter -- , from the talented Swedish author Magnus Mischel, rapidly improved during 2003. It has become probably the best anti-Trojan program, both for average and experienced users. It's very fast, and scans memory, the registry, critical system files and ports as well as scans files against signatures. TrojanHunter also provides real-time protection. It's the one that I rely on. [review]

AVG Anti-Spy: (was Ewido Security Suite) A newcomer to Trojan defense, with impressive performance. There are free and commercial versions. Both worked well when I tried them, and they continue to get good reviews.

PestPatrol is a more general program that is quite effective against Trojans. It's also effective against worms, spyware, ANSI bombs, DoS tools, virus droppers, hostile Java, password crackers, remote monitoring, keystroke sniffers, and more.

More on the Web

You will find authoritative, but easy to read information on all aspects of Trojans at anti-trojan.org

Anti-trojan Software Reviews and Wilders.com provide excellent reviews of anti-Trojan software.

A comprehensive list of anti-Trojan tools: http://lists.thedatalist.com/pages/AntiTrojan_Tools.htm

Extensive links to anti-Trojan resources: http://www.chebucto.ns.ca/~rakerman/trojan-port-table.html