What is the next step you would do?

You suspect that your Windows machine has been compromised with a Trojan virus. When you
run anti-virus software it does not pick of the Trojan. Next you run netstat command to look for
open ports and you notice a strange port 6666 open.
What is the next step you would do?

You suspect that your Windows machine has been compromised with a Trojan virus. When you
run anti-virus software it does not pick of the Trojan. Next you run netstat command to look for
open ports and you notice a strange port 6666 open.
What is the next step you would do?

A.
Re-install the operating system.

B.
Re-run anti-virus software.

C.
Install and run Trojan removal software.

D.
Run utility fport and look for the application executable that listens on port 6666.

Explanation:
Fport reports all open TCP/IP and UDP ports and maps them to the owning
application. This is the same information you would see using the ‘netstat -an’ command,but it also
maps those ports to running processes with the PID,process name and path. Fport can be used to
quickly identify unknown open ports and their associated applications.



Leave a Reply 0

Your email address will not be published. Required fields are marked *