So You Got a Trojan Horse Virus
First, understand what happened, so we can prevent it from happening again. You downloaded or copied, and then ran, a program that you thought was one thing but that actually turned out to be a Trojan horse virus. If it came from an e-mail (possibly from a friend or family member), they are likely infected too. It may have appeared interesting, or it may have been a “fake” version of a real program, perhaps an upgrade. That doesn’t matter now: you ran the program and it has infected your system.
Removing Trojan Horses
Once the Trojan has infected your system, removing it is similar to removing other viruses. Depending on the specific Trojan horse virus you are infected with (there are many different ones), the steps and effort to remove it may differ. For almost any virus infection, if the virus was not detected and blocked or quarantined when it first tried to run or load, you’re going to have trouble removing it while the system is running.
The best thing to do first is power off your system. If you are sure you are infected, don’t bother trying to shut down the system normally; you’ll only give the Trojan horse more time to make changes, alter system files, or spread in other ways. Just power it off.
You will want to use a recovery disc that can boot the computer and includes malware removal tools. Your anti-virus software package should have this option, although you may need to burn the disc yourself if you downloaded the anti-virus or anti-malware suite instead of buying a retail copy.
The point of booting from a known-good, clean boot CD or other boot device is to prevent the virus from loading into memory, where it could block removal tools from loading or acting. The removal tools can then search for and remove the Trojan horse virus on your normal boot device and on other disks or media. Once you are sure the Trojan has been removed and any damaged files have been replaced (you may want to run a Windows repair to ensure this), you can boot up normally.
Why didn’t your anti-virus software catch and stop the Trojan horse virus? Likely your anti-virus software’s virus definition information is out of date. Either update it or switch to a better anti-virus software package. If the problem was that you had a subscription, it ran out, and you didn’t want to pay, see what your penny pinching cost you? There are free anti-malware software packages that are excellent, so cost isn’t really an issue.
If your anti-virus software was up to date and the Trojan got past it, you may have a new variant that the anti-virus software couldn’t identify. As we discussed above, this is an unusual but possible situation and you should be careful. Disconnect the computer from the network, keep it powered off, and contact your anti-virus vendor from a different, uninfected computer and let them know that you’ve got a new variant that their software didn’t detect.
The best advice for avoiding infection by Trojan horse viruses is simple: don’t run programs that you don’t trust and know to be safe. To learn more about viruses and malware in general, check out my articles on Trojan horse viruses, the differences between worms and viruses, the different types of viruses, and how people create viruses.