Disguised Trojan Viruses – They Hide In Your Computer
Trojan viruses are what the name implies. Named after the Trojan horse tactic used in wars and fighting, it is disguised as something it is not. Often appearing as part of a trusted application or your operating system, the Trojan actually has settled into your computer and is performing any of hundreds of malicious tasks.
Trojans can be especially hard to ferret out and get removed from your system. They can be in directories of applications you use on a day to day basis. They can be placed in hidden files so you have to know they are there before you will see them. They may be placed with your operating system files. The hardest and most delicate problem is when a Trojan has been integrated into a file used by an application or the operating system. The person constructing the Trojan has taken an important file that is necessary to the application, and purposely added the Trojan virus to it. This means that if you simply remove the file, you get rid of the Trojan, but you also make the application stop working.
Sometimes, removing the file containing the Trojan is the only way to get rid of the virus. Then it’s necessary to reinstall the application. The best way to proceed when this happens is to uninstall the application. Then, run a full scan of your computer with your virus protection software to be sure there are not other parts to the virus that remain. If the scan reveals other parts, follow the recommendations of the virus protection software. Now, reboot the computer. Rerun the virus scan again to be sure the virus is gone. Rebooting and rerunning the scan helps guarantee the virus is in fact gone. After that, reinstall the application that originally contained the infected file(s) and run the virus scan again. You do this to be sure the application installation was not infected. Yes, installation disks have been infected, both intentionally and unintentionally.
Also, be very careful because there are a number of virus and spyware protection programs being sold that are no more than delivery mechanisms for Trojan viruses. Some have become very clever. They actually scan your system, report on viruses (both real and imaginary) and appear to be doing a very good job of ridding your system of viruses. When in reality, they really are doing nothing other than planting more Trojan viruses on your computer.
Below are a few examples of files that are used to disguise Trojan viruses.
Regmech.exe is a necessary part of very well known Registry checking and scanning program. It has been known to become infected with the Trojan - Troj/WMIGumby-A.
Udcsdr.exe is a file which disguises itself through a drive cleaning utility but is in fact a Trojan that uses very annoying advertising techniques.
Sysvcs.exe usually comes bundled with virus or spyware checking software. It occasionally can become infected with the Trojan Orse-F downloader virus
Winav.exe is file that is part of Virus protection program advertised widely on the internet. In reality it is a Trojan disguised as the antivirus application.
Winlock.exe comes bundled with a very common virus protection program that may not be perform virus protection. It is part of the downloader Trojan WinCommX.
In short be very careful what is installed on your computer and who gets access to it. It can take only a matter of seconds for something to be downloaded and installed. It often happens completely behind the scenes without your knowledge or accompanies something you think is safe. Regularly run your virus protection scans. If you have any reason to suspect something is wrong, don’t put off trying to fix it. Viruses never get better, they only get worse.
