What is a Trojan?
Let's start at the beginning. A "Trojan" is a program that appears to be something helpful (i.e. anti-spyware, essential download) when in reality it is actually a harmful program that can open up unauthorized access to your PC and its settings. Runtime refers to a Trojan that continues to actively "run." So, rather than just being downloaded and dropping its nasty little package, the Trojan runs continuously in the background of your PC. The reason for this is that usually the Tojan is designed to open up a port and keep it open, letting some hacker or malicious server have access to your PC. A packed runtime Trojan is a program that contains something inside it, generally a hunk of malware. The Trojan "packs" its contents and makes it smaller in hopes of the malware going undetected.
What sorts of malware are "packed"? Anything that can do a job secretly and that is small. This usually means spyware, so little keylogging programs, web-monitors and even simple tracking cookies can all be part of a Trojan's payload.
How are Runtime Packed Trojans Disguised?
More often than not, a runtime packed Trojan makes its appearance as something benign or something essential to the functionality of your PC. Clever advertising and disguises make it difficult to determine potential threats from necessary updates.
As a general rule, always be cautious when downloading:
1) An attachment in an e-mail Many Trojans can be spread by worms. These worms will hijack email addresses of people you know and trust. If the email is vague and points you to a link that you don't recognize, be suspicious. If it came from a friend, call and ask if they sent it.
2) A codec your PC doesn't have that is needed to access a multimedia file Codecs are programs that tell your browser how to interpret/display media, like videos. Some are legit and well known, like codecs for Adobe Flash or Microsoft Silverlight. The key here is that - if most videos already work for you and a website says theirs won't - be suspicious.
3) A plug-in for your browser Is it useful? Is it reviewed? Is it from a reputable source?
4) A free, downloadable security scanner or an "anti-spyware" program of some sort There are lots of good, legitimate free scanners our there, but there are also some scams. These are called "rogues," and work by using exaggerated or false reports of malware to scare you into buying a license. If a security program shows up on your computer and you didn't install it, it likely came from a Trojan.
When you do download files, make sure you always scan files for infection before you download or open them; and, of course, it's always a good idea to check up on any program before you install it. Reliable download sites like http://www.download.com have customer reviews and expos on hundreds of programs.
What Do these Trojans Do?
There are thousands of these little Trojans out there and each one can carry out a particular malicious function. But in general, most runtime packed Trojans will have the same effect on your PC.
1) Monitor and log your online activity without your permission.
2) Download files without your permission.
3) Slow down your downloads and operating system speed.
4) Disable antivirus software and firewalls.
These are just a few examples of what these Trojans are capable of. But if you are noticing the above symptoms, it's possible your PC could be infected.
As mentioned above, a new trend in packed Trojans is to appear disguised as free anti-spyware. By downloading this type of Trojan, your PC will experience dozens of pop-up windows of "threats" found by the malware. The malware usually recommends buying a specific product to "fix" the fake security issues. Once the PC user purchases the fake security software, the fake threats disappear; however your PC is also left unprotected and you shelled out good money for a fake fix. Vundo and Zlob Trojans are examples of these prolific anti-spyware rogues.
How Do I Get Rid of It?
If it's too late to prevent getting a Trojan, this sequence for troubleshooting should help with most uninvited Trojans that have taken over your system.
1) First thing's first, make sure you have a reliable anti-spyware scanner and anti-virus scanner before you get any infections. You don't have to keep them running all the time, but you should routinely update their definitions.
2) Disconnect your PC from the Internet. This way you can prevent further interference from outside sources. You can disable a network adapter or simply disconnect the ethernet cable and/or turn off the modem.
3) Restart your PC in Safe Mode by pressing the F8 key as it reboots.
4) Pressing F8 brings up a menu on a black screen with one option being safe mode. Once you can access safe mode, you can log into your computer with only the minimal number of functions running. This cuts off a maliciously installed software that doesn't operate as "essential" to the system. Open your (up-to-date) antivirus software.
5) Run a deep scan on your PC from your antivirus software first. You want to make sure that it removes all occurrences of the malware from your computer.
You will want to make sure that your antivirus is looking for and finding the specific kind of malware files you have on your PC. You may have to run the scan several times or use multiple kinds of antivirus and anti-spyware utilities. Remember the two are different and work in different ways. Run the antivirus first and then the anti-spyware, one will likely find the Trojan and the other will likely find the spyware it left behind.
If your scanner(s) don't initially succeed try others. A reputable download site will have various options, and all of the major brands have free versions that will provide what you need in an emergency: Microsoft Security Essentials, McAfee, Symantec, Panda, Trend-Micro, Avast AntiVirus, Ad-Aware, Spybot S&D, etc.
Julie Dreese is a freelance writer and editor who attempts to perform her own tech support through thorough research and anyone-can-do-it solutions.