The Trojan horse was taken today to give a harmful virus which enters a computer disguised as a harmless and even useful software. The user downloads a program and does not even suspect that the code is written in its hostile function. When you run the program the Trojan is embedded in the computer system and starts creating all those outrages for which he was created by cyber criminals. The effects of infection by Trojans can be very different from unnerving, but it is harmless freezes, before the transfer of your data to fraudsters and causing you serious financial damage. Unlike a Trojan from a virus is that a Trojan is not capable of copying itself and then each of them was introduced into the system by the user. Antivirus programs are able to keep track of Trojan horses, but a special program handle it much better.
Moreover, almost all anti-virus vendors offer on their websites a free utility for catching Trojans. Eset NOD, Dr. Web, Kaspersky – any of these manufacturers can offer the freshest version of the program able to catch your uninvited guests. It is very important to use fresh utilities, the army of Trojans is updated daily with new, more cunning, and the day before yesterday ago the program may simply not recognize. Sometimes it makes sense to download a few programs, and run the system through them. In addition to tools produced by the antivirus companies, the network can find and antitroyanov from lesser-known manufacturers, but not less efficient in the search. For example AntiSpyWare, Ad-Aware, SpyBot and many others. If independent attempts of treatment of a computer does not bring the desired result, it is best to take the computer to a specialist who will be able to apply more serious measures.
But as you know, the best treatment is prevention. As mentioned above, Trojans are not materialists out of nowhere, users are downloading them to my computer. This can happen when downloading unknown files, clicks on suspicious links, opening file with unknown contents in the mail. Especially dangerous in terms of potential intrusion hacked program - this program at 99% will be infected with a Trojan virus, free lunch, alas, does not exist. So vigilance and caution, these two qualities will be more reliable than any antivirus. And a good antivirus, with a new database, regular inspection of special computer programs will close the last gap through which you could sneak a Trojan horse.
Advice 2: How to remove virus backdoor
Trojans can cause computer user both moral and financial damage. Antivirus and firewalls stop the main flow of malicious software, but new versions of Trojans appearing every day. Sometimes a PC user finds himself in a situation when the antivirus does not see the malicious code, then to deal with the malware have their own.
One of the most unpleasant varieties of Trojans are backdoors (backdoor), allowing a hacker to remotely control the compromised computer. Justifying its name, backdoor to the attacker opens a loophole through which you can execute on the remote computer any action.
The backdoor consists of two parts: a client installed on the computer of a hacker, and servers located on your computer. The server part is always waiting for connection "hanging" on some port. It is on this basis – occupy port – and it can be tracked, then delete the Trojan will be much easier.
Open a command prompt: "start – All programs – accessories – Command prompt". Type netstat –aon and press Enter. You will see a list of connections of your computer. Current connections are indicated in the column "Status" as ESTABLISHED, waiting for connection marked line LISTENING. Backdoor, waiting for a connection, is in the hearing.
In the first column you will see the local address and ports used by those network connections software. If you see it in the programs list, pending connection, it does not mean that your computer is certainly infected. For example, ports 135 and 445 are used by Windows services.
In the very last column (PID) you will see the ID numbers of the processes. They will help you find out which program is using the port you are interested in. Type in the same window the command line command tasklist. You will see a list of processes with their names and ID numbers. Looking up the identifier in the list of network connections you can on the second list to determine what program it belongs to.
It so happens that the name of the process tells you nothing. Then use Everest (Aida64): install it, run and view a list of processes. Program is Everest makes it easy to find the path that is executable. If the program running the process that is unfamiliar to you, delete the executable file and close it the process. During the next computer startup can pop-up warning that this file cannot be run, this will set its startup key in the registry. Using this information, a delete key using the registry editor ("start – Run" regedit).
If the monitoring process bandaru really belongs, in the column "Foreign address" you can see the ip connecting to your computer. But it is likely to be the address of the proxy server, and therefore to calculate a hacker you are unlikely.