Atrax-Tor Botnet Removal Guide

Atrax-Tor Botnet is a family of backdoor infections based on TOR. TOR is free software that allows users to remain anonymous online. Lately cyber criminals have been making use of TOR-based botnets in order to hide their location and the address of their command-and-control servers. Such infections as Atrax-Tor Botnet need a command-and-control server, so that it could connect to it via the Internet and then receive configuration data or even upload information stolen from the infection PC. When you remove Atrax-Tor Botnet from your computer, make sure you remove all the other infections as well, because this backdoor arrives with a whole lot of other Trojan infections.

According to computer security experts, Atrax-Tor Botnet is installed by a malicious download program called Win32/Trojan.Downloader.Tiny.NIR. Even if you notice a new program being installed on your computer, you may dismiss Atrax-Tor Botnet installer as PayPal Customer Service, because the domain name for this infection is kundenservice-paypal.com. Once the malicious file is dropped into your system, it creates randomly named plugins in the %APPDATA% directory. This is exactly where malware stores the TOR client as well. The client is embedded into the malware downloader’s executable file, in order for it to get installed onto your computer along with Atrax-Tor Botnet.

Once the TOR botnet is up and running, it functions as a medium between the infection and the command-and-control center. The bot carries out the communication with the command-and-control center through a special HTTP request function call. Due to the fact that Atrax-Tor Botnet connects to a remote server via TOR, it is basically impossible to establish the exact IP address or the domain for the command-and-control center.

When Atrax-Tor Botnet establishes the connection with a remote server it is free to perform its payload, which includes the usual backdoor Trojan infection symptoms. Based on what the cyber criminal behind this infection would want it to do, it can download and execute arbitrary files, change browser settings, update itself, terminate various process and even steal your personal passwords. It all depends on what kind of plugins Atrax-Tor Botnet downloads and drops into the %APPDATA% directory.

In order to protect yourself from the likes of Atrax-Tor Botnet, you need to perform regular system scans with such programs as SpyHunter free scanner. The program would detect a dangerous infection immediately and you would be able to invest in a legitimate antimalware tool and remove Atrax-Tor Botnet immediately. Due to its complicated nature, you are not advised to remove Atrax-Tor Botnet manually, unless you are an experienced computer user. Keep in mind that an automatic computer security application can also protect you from similar threats in the future.