Gridinsoft Logo

What Is a Trojan Horse? Trojan Virus and Malware Explained

Trojan Viruses are malicious code or software that claim to be doing something useful but are doing something harmful. Trojans can take various forms, such as applications, documents, and scripts.

You may be interested in taking a look at our other antivirus tools:
Trojan Killer, and Online Virus Scanner.

What is a Trojan? Is It Virus or Malware? | Gridinsoft

Trojan Virus

March 13, 2023

Have you ever heard about the fall of Troy? First, Greek warriors failed to take the city with the attack and siege. Then, they imitated that their army retreated on the boats and left a ā€œgiftā€ - a vast horse dummy. As the Greeksā€™ bellboy said to Troyans, there were gifts for them inside of the horse. The trap was uncovered when the Troyans brought that horse into the city: the horse dummy was full of Greek warriors. This group of Greeks successfully invaded the town since the army inside of Troy was negligible.

Such an instructive story cannot get a reflection in the modern environment. People often use the name ā€œTrojan virusā€ for malware that injects into the computer under the guise of a ā€œhorseā€ - a legit program or utility. History repeats itself constantly, and this is just an example.

What is the Trojan Virus?

As you have already understood, the trojan virus is a kind of malware that disguises itself as legitimate. In some cases, crooks may try to hide their virus as a keygen or system hacking tool. Sometimes the virus may get on your PC as a ā€œsystem updateā€. But let's classify the possible shapes of the trojan virus first.

Computer trojan horses may contain any virus. The only question is how to disguise something massive to avoid the situation when the user uncovers the fraud before it becomes effective. Thatā€™s why most trojans have the functionality of trojan downloaders: it is easier to stealthily modify the system, inject the viruses, inject them all into an unprepared PC, and hope that they all will work properly.

Another often case is when the trojan contains spyware or a stealer. These viruses are similar but serve different purposes: spying on the whole system or stealing specific files or passwords. The famous disguise for these viruses is online trackers: such a status allows the virus to legitimately use internet connection and location data. Nonetheless, there are a lot of examples when well-known applications were able to spy on their users. All such cases usually raise a substantial public response, so you will barely miss that case.

In sporadic cases, trojan viruses have adware functions. In that situation, the sign of virus presence is an advertisement storm, which appears on all websites you browse. Moreover, you will also spectate that your web browser opens autonomously with the advertising page. Such software is usually described as a potentially unwanted program (PUP) since it can carry natural functions besides malicious ones.

Trojan Virus Classification
Computer Trojan Horse Virus Classification

How Dangerous is the Trojan Virus?

The same shell that surrounds the virus deals low to no damage to your PC. However, even the same viruses may carry different dangers for your system. Letā€™s check out the threat of each of the mentioned types:

  • Trojan-Downloader disables Microsoft Defender, establishes a connection with its command server, and adds itself to the Run registry key. Other changes in the registry are targeted at creating an exploitable environment. All these changes are targeted to make the system vulnerable to further attacks. Changes in the registry may lead to system crashes.
  • Trojan-Spy, Trojan-Stealer. Brother in arms, they suspend Defender on your PC and connect to several servers simultaneously. They also can modify some deep settings that are responsible for telemetry uploading. After that change, burglars who maintain the virus can receive all information about your activity hours, system configurations, and other details.
  • Trojan-Ransom. Indeed, the most dangerous thing. Under the guise of something legit, ransomware will surely complete its task, especially if you have no counteraction mechanism. People often underestimate the chances of getting infected with ransomware and moan when discovering that their files are encrypted. Nukes your security settings, disabling both Defender and UAC, and blocks access to specific sites to prevent reading the removal and decryption guides.
  • Trojan-CoinMiner. Coin mining viruses can harm your computer not only in software but also in hardware. Since this sort of trojan uses your hardware for hash calculations, it may overload some of your devices. You may find a significant amount of reports saying about hardware failure after trojan-miner activity.

Read also: Trojan:PDF/Phish.A

How Can I Understand That The Program Is a Trojan Virus?

Usually, Trojan viruses are spread as some self-made tools that an unknown programmer creates. Such applications are offered massively on various online forums or specific communities. People often trust the things posted in a subreddit they usually read, so spreading the viruses through such a channel is easy. Of course, it is quite hard to understand if it contains a virus, but the chance of such a case is much higher for the mentioned types of programs.

Another popular case is when the trojan virus is hidden inside a well-known tool. Such tools are KMS Pico and its variations, a wide range of keygens, and other things with slightly illegal purposes. They are usually spread on websites where many similar programs are offered. The program you get may have the declared functions and be just a useless shell, which releases the virus after installation.

Is It Possible to See That I Have a Currently Active Trojan Virus On My PC?

In rare cases, you will detect the virus by the visible changes it does to your system. Most trojan viruses disable the Microsoft Defender so that you can catch the malware presence by this sign. Nonetheless, many users disable Defender manually since it consumes significant amounts of RAM and CPU capacities.

Another thing that indicates the virus's presence is the great performance decrease. This situation may occur when you have a ransom trojan or coin mining trojan. These viruses use your hardware power to conduct malicious activity, so you will likely feel it.

Nonetheless, the only method that will give you a 100% result is anti-malware software usage. A well-designed antivirus with updated databases will undoubtedly detect the running trojan virus and stop it with no problem. It is pretty easy to change the trojan so much that it will be hard to recognize for antivirus engines, so updating detection databases is vital. Gridinsoft Anti-Malware may offer you hourly updates of databases and 24/7 support that will surely help you if something goes wrong.

Frequently Asked Questions

What is a Trojan Virus?
A Trojan Virus (or a just "Trojan") is a malicious program or file that penetrates the victim's device in disguise as something that it is not (just like the Odysseus-invented horse that entered Troy.) A Trojan can be a file with harmful scripts or an executable with additional malicious functions. The word "Trojan" as a strict term describes the mechanism of infection, not what exactly infects.
How is Trojan injected into the system?
There are two main ways to deliver a Trojan. The first way is to install it as or along with another program. The second one is to enclose a malicious file in an email. In both cases, the exploited vulnerability is the user's unawareness.
What can Trojan Virus do?
Since the Trojan is rather a malware delivery method than a malware function, the consequences of Trojan infection vary according to the program it presents. Many existing Trojans are downloaders - they fetch other malware and plant it in the victim's system. Nevertheless, Trojans can have their own malicious payload: coin miners, rootkits, spyware, botnet infrastructure, ransomware, etc.
How to avoid Trojans?
Always check for additional program checkboxes in advanced installation options. Never download questionable email attachments, and beware of suspicious links. And, of course, install an antivirus program and keep it running. It will detect and quarantine all known Trojans immediately.