google

Monday, 24 August 2009

How to detect a Trojan with DOS

Step 1
Open a DOS command prompt

Open a command prompt (DOS window) by selecting

START >> RUN

Step 2
Call the command prompt box

Type in the letters CMD and press OK.

Step 3
netstat is the DOS command to show you connections

Type in netstat -a and press Enter to show all connections to your PC.

Step 4
Your PC connections are here

You should see a list of all connections your PC is making, locally as well as remotely.

Step 5
typical output from netstat -a

This image shows some typical connections that your PC may display when running netstat -a

Step 6
netstat -ab

Type in netstat -ab and press Enter; this will show you which programs are making the connections.

Step 7
Typical netstat -ab output results

You may have to wait several minutes for all the connections to display, and you might be amazed at what you see.

Step 8
Verify that you are running Internet Explorer if you see these results

Some connections you see will be obvious: iexplore.exe is Internet Explorer, and you can see that it's making connections.

If you see iexplore.exe and you don't have Internet Explorer open, then you probably have a Trojan.

Step 9

If you see a program making any UDP or TCP request to a remote destination, you can search Google or Yahoo to determine what the program is and how to remove it.
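The review in Steps 6 to 9 can be done on saved output instead of by eye. The following is an added example, not part of the original post: it parses text in the layout that recent Windows versions print for netstat -abn (the extra -n keeps addresses numeric) and lists the remote endpoints per program. The function names, the sample text and the program name updater32.exe are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of `netstat -abn`; updater32.exe is a made-up name.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    192.168.1.5:49712      203.0.113.10:80        ESTABLISHED
 [iexplore.exe]
  TCP    192.168.1.5:49720      198.51.100.7:6667      ESTABLISHED
 [updater32.exe]
  TCP    127.0.0.1:5354         127.0.0.1:49155        ESTABLISHED
 [mDNSResponder.exe]
  UDP    0.0.0.0:5353           *:*
 Can not obtain ownership information
"""

CONN = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")
FIELDS = ("proto", "local", "foreign", "state")

def parse_netstat_ab(text):
    """Return one dict per connection; 'exe' is None when netstat names no owner."""
    conns = []
    for line in text.splitlines():
        m = CONN.match(line)
        if m:
            conns.append(dict(zip(FIELDS, m.groups()), exe=None))
        elif conns and conns[-1]["exe"] is None and (o := OWNER.match(line)):
            conns[-1]["exe"] = o.group(1)  # the [program] line follows its connection
    return conns

def is_remote(foreign):
    """True when the foreign address is a real peer, not a wildcard or loopback."""
    host = foreign.rsplit(":", 1)[0]
    return host not in ("*", "0.0.0.0", "[::]", "[::1]") and not host.startswith("127.")

def remote_by_program(conns):
    """Group remote endpoints by owning executable, the view Steps 6 to 9 ask for."""
    grouped = defaultdict(list)
    for c in conns:
        if is_remote(c["foreign"]):
            grouped[c["exe"] or "(unknown owner)"].append(c["foreign"])
    return dict(grouped)

if __name__ == "__main__":
    print(remote_by_program(parse_netstat_ab(SAMPLE)))
```

To use it on a real machine, save the command's output to a text file and pass the file's contents to parse_netstat_ab in place of SAMPLE.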
