What is the next step you would do?

You suspect that your Windows machine has been compromised with a Trojan virus. When you run anti-virus software it does not pick of the Trojan. Next you run netstat command to look for open ports and you notice a strange port 6666 open.

What is the next step you would do?

You suspect that your Windows machine has been compromised with a Trojan virus. When you run anti-virus software it does not pick of the Trojan. Next you run netstat command to look for open ports and you notice a strange port 6666 open.

What is the next step you would do?

A.
Re-install the operating system.

B.
Re-run anti-virus software.

C.
Install and run Trojan removal software.

D.
Run utility fport and look for the application executable that listens on port 6666.

Explanation:
Fport reports all open TCP/IP and UDP ports and maps them to the owning application. This is the same information you would see using the ‘netstat -an’ command, but it also maps those ports to running processes with the PID, process name and path. Fport can be used to quickly identify unknown open ports and their associated applications.



Leave a Reply 0

Your email address will not be published. Required fields are marked *