Trojans are typically files with suffices like "ini", "exe", or "com", such as "dmsetup.exe". These days nearly all trojans are spread in the guise of a free game or other software. You probably downloaded one from a WWW or FTP archive, ICQ file exchange, or through IRC's DCC file transfer (by manual /dcc get or, worst yet, an "auto DCC get" feature which allows anybody to send you anything, including not only trojans but also viruses, child porn, etc.). Typically the trojan needs to be run manually, and installs hacked files all over your disk silently.

You may say I never download files from people or sites, which I am not 100% sure about. But the most common way to get the trojan is from your friend and known people on icq or email, yes these are the people whom you can’t say no to a file transfer. Just for fun, or invading your privacy they send you a trojan file saying it is a nice joke or a game, you accept the file run it and along with that joke or the game the trojan gets installed. YES any picture file or exe file nowadays can be attached with a trojan with the help of softwares like joiner or silkrope etc. So along with file the trojan is merged.

While you are surfing the net your cd-rom opens and closes on its own, sound files start playing on your computer, your background on your desktop has changed on its own. Worse your computer restarts on its own (giving the hacker the opportunity to see your internet password). Your keyboard hangs etc. See the image below to see what all can be done by the attacker. This is a screen dump of netbus trojan.

1. Back Orifice

This sophisticated backdoor program is not specific to IRC at all. Once downloaded and run, it allows attackers to remote control your computer almost as if they were sitting right in front of it. They can change or steal your passwords, run or delete files, reboot the computer, format your disk, etc. all without your knowledge or consent.

Downloaded as a relatively large .exe or .zip file, typically 125 kB. creates " .exe" in c:\windows\system which will appear to be nameless. creates a Windows registry key under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
\RunServices.

To remove follow this link

http://lrbcg.softseek.com/Utilities/Virus_Protection/Review_19487_index.html

2. NetBus

Like Back Orifice (BO) above, NetBus is a backdoor program that allows others access to your computer remotely. One thing that sets it apart from BO is the ability to open/close your CD-ROM door. In addition, like BO it allows others to change/steal your passwords, run or delete files, reboot your computer, format drives, and even make your computer unable to be started up.

Your machine listens for TCP connections on port 12345 or 20034, although this can be changed with more recent versions. Telneting to those ports gives a string like "NetBus [version number]".

creates a Windows registry key under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run or for version 2 or later HKEY_CURRENT_USER/NetBus Server/

3. SubSeven the latest and the deadliest.

Similar to back orifice but many advanced features including web cam support.

The sub seven screen

Backdoor.BO (aka Backorifice) Backdoor.DeepThroat Backdoor.Executor Backdoor.Netbus Backdoor.Phase aka Phase Server Backdoor.TheThing Backdoor.Choleepa Crackers On4ever (Trojan) PKZIP300 Trojan Trojan.AOL.Buddy Trojan.BuggyHidp Trojan.Durell Trojan.FlashKiller Trojan.Macro.Excel.Taiwanes Trojan.Macro.Word.Format Trojan.Macro.Word.Nikita Macro.Word97.Trojan.Thief Trojan.NetPatch Trojan.PSW family Trojan.Stdout Trojan.Telefoon Trojan.Win.BadSector Trojan.Win.BuggyShell Trojan.Win.Heckler Trojan.Win32.AntiBTC Trojan.Win32.Antigen Trojan.Win32.Coke Trojan.Win32.DiskAdmin Trojan.Win32.LoveYou etc.

For eg lockdown2000 and cleaner can detect more than 50 types of trojans including new ones.

Just download lockdown2000 or cleaner and run it on your computer and then sleep with peace of mind.