Trojan horse software appears to be beneficial, but is in fact malicious. The name comes from ancient Greek history. During the war between the Greeks and the Trojans, the Greeks, under the guise of a peace offering, left a large wooden horse with soldiers hidden inside it before the city of Troy. When the Trojans dragged the horse inside the city walls, the Greek soldiers climbed out of its belly and opened the city gates, which allowed the Greek army to capture Troy.
A simple example of this kind of malicious software is a file such as "rivers.scr". When a user downloads and opens it, a screensaver appears on the screen, but in the background a malicious program runs and damages the files stored on the computer. The damage done by such a program often cannot be undone. Many Trojans also open a backdoor into the system, and the attacker then uses that backdoor to push further malicious software, such as spyware and other Trojans, onto the machine. A compromised computer that the attacker controls remotely in this way, and uses to spread infections or attack others, is called a zombie computer. Most users do not know that a Trojan horse is running on their system, and free antivirus tools often do not detect these Trojans unless a full manual scan is run.
When a system is affected by a Trojan, its performance usually drops noticeably, because the infection consumes CPU time carrying out its own tasks alongside the user's. If the affected system is connected to the internet and is used to send spam or to attack other machines, its IP address stands a good chance of being blocked or suspended by the ISP (Internet Service Provider). Many of these programs are used by attackers to break into popular networks, including social networks: the attacker sends the harmful program to a network administrator, and when the administrator runs it the Trojan installs itself and creates a gateway through which the attacker enters the network.
Most Trojan horse payloads are designed to cause harm. Six common types of payload are: remote access, downloader, data destruction, security software disabler, server Trojan and denial of service attack. These payloads are built cleverly: they look like ordinary programs that do no harm to the system, which is why antivirus software often pays them no special attention. A Trojan may also be programmed to lie dormant for a period, for example at least 12 hours, before starting its work. Once that period has passed, the Trojan searches the user's computer and network for files containing important documents, user IDs, passwords, financial and health care information and other confidential data. This information is sent to systems controlled by anonymous operators. Because the program is designed to operate for a specific period, it runs for that period and sends everything it finds to its malicious owner. Once the stolen information has been copied to the attacker's system, the owner of the Trojan takes steps to protect it and halt the collection process so that it is not noticed.
Once the attacker has the information he wants, he instructs the infection to deliver its final blow. The Trojan now alters the way the system communicates, making it difficult for the user to detect its external communication with internet hosts and local peers, and in this way protects itself from detection. Once this stage is reached, the only way for the user to get the system back to its previous state is usually a rollback, a system restore or a system repair; if the Trojan survives these, the safest course is a full reinstall from clean media. System recovery is an important and effective task which must be done properly.
Finding and removing a Trojan horse is a difficult task; however, here are some common steps that help in detecting unwanted programs running on your computer. A free antivirus tool will certainly assist you. On Windows, pressing CTRL+ALT+DEL (or CTRL+SHIFT+ESC) opens Task Manager, which lists the processes running on your computer. Sometimes you will see unfamiliar processes with long or odd names, or processes running under a different user account; locate such processes properly through their properties (on recent versions of Windows, right-click the process and choose "Open file location"). Once you have located a process and confirmed that its file is malicious, end the process and delete the file from that folder. Windows will not let you delete a file while it is running, so the process must be ended first.
This closes the illegal gateway that was formed into your system. The second way of finding the malicious infection is the System Information utility (msinfo32), which lists the running tasks, loaded modules and startup programs, including ones that never show a window. Another important tool for Trojan horse detection is netstat. This is a command typed at the Command Prompt (cmd), not in the Run box, where its window would close before you could read it: enter "netstat -n" and press Enter and you will see the list of connections going out of your system; "netstat -ano" also shows the process ID that owns each connection, which makes it far easier to match a connection to a program. If a suspicious connection appears in that list, check it.
Another program, TCPView, shows the same connections in a live view together with the process that owns each one, so you can see the remote host an illegal connection goes to and the program on your machine that is talking to it. TCPView is part of Sysinternals, a free suite of tools from Microsoft that also includes Process Explorer and Autoruns; between them they list the remote machines attached to your computer and the processes on your system that are communicating with those remote hosts.
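The check described above, matching outbound connections to the processes that own them, can be done over saved netstat output rather than by eye. The following is an added example (not code from the original article): a Python script that parses the text printed by "netstat -ano" on Windows and flags established TCP connections whose remote end lies outside the local networks. The netstat output embedded in it is constructed for the example; its addresses, ports and process IDs are made up, and the public-looking addresses use RFC 5737 documentation ranges.

```python
"""Triage Windows netstat output for suspicious outbound connections.

Added example; not code from the original article. It parses the text
printed by `netstat -ano` on Windows (the -o switch adds the owning
process ID, which `netstat -n` alone does not show) and flags established
TCP connections whose remote end lies outside the local networks. The
sample output below is constructed: addresses, ports and PIDs are made up.
"""
import ipaddress
import re
from dataclasses import dataclass

# Constructed sample, in the column layout netstat -ano uses on Windows.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       928
  TCP    127.0.0.1:49670        127.0.0.1:49671        ESTABLISHED     4120
  TCP    192.168.1.23:49712     192.168.1.10:445       ESTABLISHED     4
  TCP    192.168.1.23:49800     203.0.113.45:443       ESTABLISHED     2232
  TCP    192.168.1.23:49811     198.51.100.7:6667      ESTABLISHED     3356
  TCP    192.168.1.23:49815     198.51.100.7:6667      TIME_WAIT       0
  UDP    0.0.0.0:5353           *:*                                    1544
"""

# Ranges that never mean "an internet host": RFC 1918 private space,
# loopback, link-local, unspecified and multicast, plus IPv6 counterparts.
# The standard library's is_private also treats the RFC 5737 documentation
# ranges as private, so the check is written out explicitly here.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "0.0.0.0/8", "224.0.0.0/4",
    "::1/128", "fe80::/10", "fc00::/7", "::/128",
)]

# Proto, local, remote, optional state (UDP rows have none), PID.
LINE_RE = re.compile(
    r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)\s+(?:([A-Z_]+)\s+)?(\d+)\s*$"
)


@dataclass(frozen=True)
class Conn:
    proto: str
    local: str
    remote: str
    state: str   # empty string for UDP rows
    pid: int


def parse_netstat(text):
    """Return one Conn per connection row; header lines are skipped."""
    conns = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            proto, local, remote, state, pid = m.groups()
            conns.append(Conn(proto, local, remote, state or "", int(pid)))
    return conns


def remote_host(endpoint):
    """Strip the port from 'host:port' or '[v6addr]:port'."""
    host, _, _port = endpoint.rpartition(":")
    return host.strip("[]")


def is_external(host):
    """True if host parses as an IP address outside every local range."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:          # '*' or a hostname: nothing to decide here
        return False
    return not any(addr in net for net in LOCAL_NETS)


def suspicious_connections(conns, known_pids=frozenset()):
    """Established TCP connections to external hosts from unknown PIDs.

    known_pids lets the analyst exclude processes already confirmed as
    legitimate (for example after checking them in TCPView or Process
    Explorer); everything else talking to the internet is returned for
    review, not acted on automatically.
    """
    return [
        c for c in conns
        if c.proto == "TCP"
        and c.state == "ESTABLISHED"
        and c.pid not in known_pids
        and is_external(remote_host(c.remote))
    ]


def remotes_by_pid(conns):
    """Map each flagged PID to the set of remote endpoints it talks to."""
    out = {}
    for c in suspicious_connections(conns):
        out.setdefault(c.pid, set()).add(c.remote)
    return out


if __name__ == "__main__":
    for c in suspicious_connections(parse_netstat(SAMPLE_NETSTAT)):
        print(f"PID {c.pid:>5}  {c.local:<22} -> {c.remote}")
```

The PIDs it reports are the ones to look up in Task Manager or Process Explorer; a connection to port 443 from a browser is expected, while a long-lived connection on an unusual port from a process you do not recognise is exactly the kind of entry the article tells you to check.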
Because this infection affects the security of your computer, it should be detected at an early stage and removed. Understand that "regedit", the Registry Editor, can help you remove malicious programs from your system: Trojans usually register themselves in an autostart location, such as the Run keys under HKEY_CURRENT_USER and HKEY_LOCAL_MACHINE (Software\Microsoft\Windows\CurrentVersion\Run), so that they start again with Windows. For example, if you see a process like "C: program nextegencompfilescommon sharedmsinfo", open regedit and search the registry (Edit > Find) for that file name. Once you find the entry that launches it, delete the entry, then delete the file itself. If the process still runs on your system after that, take the system to a system analyst to prevent loss of your data.
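Rather than browsing the Run keys by hand in regedit, an analyst can export them and review the entries in bulk. The following is an added example (not code from the original article): a Python script that reads a .reg export of the Run keys, as produced by regedit's File > Export or by "reg export", and flags autostart entries that point into user-writable directories, that launch script files, or that run through a script host. The export embedded below is constructed for the example; the user name, file names and paths are made up, and the "rivers.scr" entry stands in for the Trojan the article describes.

```python
"""Review autostart entries from a .reg export of the Run keys.

Added example; not code from the original article. On the affected machine
you would export the keys with regedit (File > Export) or with
  reg export "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run" run.reg
and feed that file to review_autostarts(). Real reg.exe exports are
UTF-16LE text, so read them with open(path, encoding="utf-16").
"""
import ntpath
import re

# Constructed sample export; the user, paths and file names are made up.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Users\\alice\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
"Updater"="C:\\Users\\alice\\AppData\\Roaming\\rivers.scr"
"Helper"="wscript.exe //B C:\\Users\\alice\\AppData\\Local\\Temp\\helper.vbs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="C:\\Windows\\System32\\SecurityHealthSystray.exe"
'''

# File types that have no business being registered as an autostart.
RISKY_EXT = {".scr", ".vbs", ".vbe", ".js", ".jse", ".bat", ".cmd", ".hta", ".pif"}
# Interpreters commonly used to launch a payload indirectly.
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "mshta.exe", "powershell.exe",
                "cmd.exe", "rundll32.exe"}
# Directories an unprivileged user (and therefore a Trojan) can write to.
WRITABLE_MARKERS = ("\\appdata\\roaming\\", "\\appdata\\local\\temp\\",
                    "\\temp\\", "\\users\\public\\")

# A .reg string value: "name"="value", with \\ and \" escapes inside.
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')


def unescape(s):
    """Undo .reg escaping: \\\\ becomes \\ and \\" becomes "."""
    return re.sub(r'\\(.)', r'\1', s)


def parse_reg(text):
    """Yield (key, value_name, command_line) for each string value."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = VALUE_RE.match(line)
        if key and m:
            yield key, unescape(m.group(1)), unescape(m.group(2))


def split_command(cmd):
    """Split a Run value into tokens, keeping quoted paths together."""
    return [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', cmd)]


def assess(cmd):
    """Return (launched file, reasons it deserves a closer look)."""
    tokens = split_command(cmd)
    if not tokens:
        return "", []
    reasons = []
    target = tokens[0]
    exe = ntpath.basename(target).lower()
    if exe in SCRIPT_HOSTS:
        reasons.append(f"runs through {exe}")
        # The real payload is the first argument that looks like a path.
        target = next((t for t in tokens[1:] if re.match(r"^[a-zA-Z]:\\", t)),
                      target)
    low = target.lower()
    if any(marker in low for marker in WRITABLE_MARKERS):
        reasons.append("lives in a user-writable directory")
    ext = ntpath.splitext(low)[1]
    if ext in RISKY_EXT:
        reasons.append(f"{ext} file registered as an autostart")
    return target, reasons


def review_autostarts(text):
    """List (key, name, target, reasons) for entries with at least one reason."""
    findings = []
    for key, name, cmd in parse_reg(text):
        target, reasons = assess(cmd)
        if reasons:
            findings.append((key, name, target, reasons))
    return findings


if __name__ == "__main__":
    for key, name, target, reasons in review_autostarts(SAMPLE_REG):
        print(f"{key}\n  {name} -> {target}\n  " + "; ".join(reasons))
```

The rules are deliberately loose: a legitimate program installed per-user (the OneDrive entry above lives under AppData\Local) passes, but a .scr in AppData\Roaming or a .vbs launched through wscript.exe from Temp is reported. Treat the output as a list of entries to confirm before deleting them in regedit, not as a verdict.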