[Admin]

When people talk about botnets, they are talking about a group of computers infected with the malicious kind of robot software, the bots, which present a security threat to the computer owner. Once the robot software (also known as malicious software or malware) has been successfully installed in a computer, this computer becomes a zombie or a drone, unable to resist the commands of the Bot Commander.

Usually, the owners of the zombie computers do not know that their computers and their computers' resources are being remotely controlled and exploited by an individual or a group of malware runners through Internet Relay. There are various types of malicious bots that have already infected and are continuing to infect the internet.

Spamming and Traffic Monitoring

A botnet can also be used to take advantage of an infected computer's TCP/IP's SOCKS proxy protocol for networking applications. After compromising a computer, the botnet commander can use the infected unit (a zombie) in conjunction with other zombies in his botnet (robot network) to harvest email addresses or to send massive amounts of spam or phishing mails. Your computer can actually send out spam without you knowning it. Have you ever received an email from someone you know and right after (or at the same time) a spam message comes through. The person sending you that email could be a Zombie.

Moreover, a bot can also function as a packet sniffer to find and intercept sensitive data passing through an infected machine. Typical data that these bots look out for are usernames and passwords which the botnet commander can use for his personal gain. Data about a competitor botnet installed in the same unit is also mined so the botnet commander can hijack this other botnet.

Keylogging and Mass Identity Theft

An encryption software within the victims' units can deter most bots from harvesting any real information. Unfortunately, some bots have adapted to this by installing a keylogger program in the infected machines. With a keylogger program, the bot owner can use a filtering program to gather only the key sequence typed before or after interesting keywords like PayPal or Yahoo mail. This is one of the reasons behind the massive PayPal accounts theft for the past several years.

Bots can also be used as agents for mass identity theft. It does this through phishing or pretending to be a legitimate company in order to convince the user to submit personal information and passwords. A link in these phishing mails can also lead to fake PayPal, eBay or other websites to trick the user into typing in the username and password.


What Can I do?

Microsoft offers a free online safety scan. Microsoft Safety Scan

Small Symantec Video



Determine whether your PC is part of a Botnet. Stay on the lookout for an Internet connection that seems inexplicably slow when you are online as it may be that a botnet infection is using your connection to send or receive data. If this happens, stop surfing, close your email software (e.g. Outlook) and try and open Task Manager by pressing the CTRL, ALT and Delete keys at the same time then selecting Task Manager. "When Task manager opens click on the Network tab and see if your PC is using the internet network connection, if it shows more than a few percent usage then this could be further evidence of something using your internet connection without your knowledge."

Hope this helps.
Admin

[JeepinIan]

Thanks Admin!

[TallJeep]

Excelent info!!!!

[TranyDoctor]

just did the one at home now for my work computer
thanks admin

[Rollbar]

Did the Vista and came up w/376registry errors (maybe Super AdBlocker or Super Anti-Spyware had something to do w/it). It didn't fix anything, well maybe 7 items but....then if memory serves you have to buy a subscription.

I run the two programs everyday along w/Malwarebyte's Anti-Malware.

[Admin]

 Rollbar, on Jul 2 2009, 10:19 AM, said:

Did the Vista and came up w/376registry errors (maybe Super AdBlocker or Super Anti-Spyware had something to do w/it).

You could disable while you are running it. If you get errors after this than they are valid. Fixing them would be up to you.

Quote

It didn't fix anything, well maybe 7 items but....then if memory serves you have to buy a subscription.

Are you saying that the Microsoft free tool on the first post is charging for this?

Admin

[Rollbar]

 Admin, on Jul 3 2009, 06:47 AM, said:

You could disable while you are running it. If you get errors after this than they are valid. Fixing them would be up to you.

I guess I could disable all of it and try it but it took a veeerrrrrrrrry long time to run.

Quote

Are you saying that the Microsoft free tool on the first post is charging for this?

Admin

Yes, @ the end I thought I could click and fix but it said something like 47 bucks a year (the tool is FREE to run but costs to fix/subscription). I could run again to double check just to make sure the mushrooms were not kicking in . I could try it again w/everything off but then would I be venerable to spammers and should I leave Norton on while doing the test.

[Rollbar]

Ok, 11:40am
I'm gonna shut down everything and run the test again. Will post what they say and check thetime frame of the test to this post stamp.

[Rollbar]

OK, 2:40pm and I found 11 registry items, 4 fixed, 7 errors, 0 skipped by user. So, I guess it did take care of the problem. I ran Norton and Malwarebytes during the scan. No virus. It will ask if you would like to continue, click next. It will then ask if you would like continued support for a year and you can choose yes or no. If choosing no, then you can visit and do the scan at anytime. If you choose yes then you can subscribe to the service. I'm sure the subscription will be a little more in-depth or should I say more features, hum, not sure.

Note: this was a FULL scan. You have the option of a QUICK or FULL scan of your system.