HackingHow the stuff works?

How does Trojans and backdoor work and how to prevent these viruses

Most PCs and laptop  are now connected to the world wide web i.e Internet, making easier the spread of malicious software (known as malware), which includes Trojans (also known as trojan horses), viruses, worms, spyware, adware, rootkits and other malicious or unwanted programs.

trojan

What are Trojan virus?

Trojan horses are programs that enter into a system or network under the guise of another program. A Trojan horse may be included as an attachment or as part of an installation program. The Trojan horse could create a backdoor or replace a valid program during installation. It would then accomplish its mission under the guise of another program. Trojan horses can be used to compromise the security of your system, and they can exist on a system for years before they’re detected. Check out my recent post top 10 security tips for your system.

Unlike Trojans, Virus and Worms do not replicate themselves, but they can be just as destructive. On the surface, trojans appear benign and harmless, but once the infected code is run, Trojans kick in and perform malicious functions to harm the computer system without the users’ knowledge.

computer-trojan-virus-worm

For example, waterfalls.scr is a waterfall screen saver as originally claimed by the author, but it can be associated with malware and become a trojan to unload hidden programs and allow unauthorized access to the users’ PC.

Some typical examples of threats by trojans are as follows:

  • Erase, overwrite or corrupt data on a computer
  • Help to spread other malware such as viruses (by a dropper trojan)
  • Deactivate or interfere with anti-virus and firewall programs
  • Allow remote access to your computer (by a remote access trojan)
  • Upload and download files without your knowledge
  • Gather e-mail addresses and use them for spam
  • Log keystrokes to steal information such as passwords and credit card numbers
  • Copy fake links to false websites, display porno sites, play sounds/videos, display images
  • Slow down, restart or shut down your computer
  • Re-install themselves after being disabled
  • Disable the task manager
  • Disable the control panel

Do you know?

Starting in September of 2011, the FBI began investigating a modified version of the Zeus Trojan, known as GameOver Zeus (GOZ), which we covered in depth. Thousands of corporations were infected with GameOver Zeus and as many as 1.2 million computers were infected prior to the take down of Zeus. It is believed GameOver Zeus is responsible for financial losses of more than $100 million USD.

How to prevent Trojan viruses?

The best preventive measure for Trojan horses is to not allow their entry into your system. Immediately before and after you install a new software program or operating system, back it up! If you suspect a Trojan horse, you can reinstall the original programs, which should delete the Trojan horse. A port scan may also reveal a Trojan horse on your system. If an application opens a TCP or UDP port that isn’t regularly used in your network, you can notice this and begin corrective action.

What are Backdoor virus ?

A backdoor, is a secret entry point into a program that allows someone that is aware of the backdoor to gain access without going through the usual security access procedures.

Backdoor Viruses

So the term backdoor attack can have two different meanings. The original term backdoor referred to troubleshooting and developer hooks into systems. During the development of a complicated operating system or application, programmers add backdoors or maintenance hooks. Backdoors allow them to examine operations inside the code while the code is running.

Do you know?

Self-replicating programs were established in 1949, to produce a large number of  viruses,  John von Neumann, whose known to be the “Father of Cybernetics”, wrote an article on the “Theory of Self-Reproducing Automata” that was published in 1966.

The backdoors are stripped out of the code when it’s moved to production. When a software manufacturer discovers a hook that hasn’t been removed, it releases a maintenance upgrade or patch to close the backdoor. These patches are common when a new product is initially released.

The second type of backdoor refers to gaining access to a network and inserting a program or utility that creates an entrance for an attacker. The program may allow a certain user ID to log on without a password or gain administrative privileges. The attacker is using a back door program to utilize resources or steal information. On the other hand. A typical backdoor opens a network port (UDP/TCP) on the host when it is executed. Then, the listening backdoor waits for a remote connection from the attacker and allows the attacker to connect to the system.

How to remove backdoor virus ?

Method 1: ( Backdoor.bot.MSIL Manual removal Only for Advanced and Experienced PC users who are familiar with hidden files and Registry)

Step 1. Show hidden files on your computer system by changing system folder settings

Step 2. Search for and remove malicious files generated by Backdoor.bot.MSIL on your Hard Drive.

Step 3. Go to Registry Editor and delete all its related registry keys

Method 2: (Manual Rmoval+Aotomatic Removal)

Step 1. Uninstall all unknown programs from computer control panel

Step 2. Check your Browser settings and remove all suspicious plug-ins, toolbars, add-ons, extensions from Internet Explorer/Google Chrome/Mozilla Firefox/Safari

Step 3. Scan your entire computer with SpyHunter to remove the insidious Backdoor.bot.MSIL (this is the most important step)

Method 3: (Ultimate Solution: Automatic Removal)

Step 1. Use RegHunter to clean up malcodes that Backdoor.bot.MSIL adds to your Registry and fix all the corrupted/modified system files.

Step 2. Recheck your computer and remove remnants of Backdoor.bot.MSIL with Malwarebytes.

Step 3. Reset your browser settings to remove components related to Backdoor.bot.MSIL.

Whats Next?

In next post we will be discussing about the list of FREE Trojan tools which are commonly used for making Trojan and backdoor viruses.

Harinder
the authorHarinder
blacklisthackers.com is created and owned by Harinder(Aarav).Aarav is a technology Blogger from India(Dehradun). He’s Quiet type and Creative Guy who enjoys creating and exploring new trends on the WEB. Currently pursuing B.tech from DIT University.

Leave a Reply