sez
10-03-2009, 03:51 PM
What Is a Bot (or Zombie)?
A 'bot' is a type of malware which allows an attacker to gain complete control over the affected computer. Computers that are infected with a 'bot' are generally referred to as 'zombies'. There are literally tens of thousands of computers on the Internet which are infected with some type of 'bot' and don't even realize it. Attackers are able to access lists of 'zombie' PCs and activate them to help execute DoS (denial-of-service) attacks against Web sites, host phishing attack Web sites or send out thousands of spam email messages. Should anyone trace the attack back to its source, they will find an unwitting victim rather than the true attacker.
How to check if you are infected by a botnet and how to remove it:
Go to start and then configuration
http://img136.imageshack.us/img136/1553/step1f.jpg
Double click Windows Firewall
http://img185.imageshack.us/img185/922/step2k.jpg
Open exceptions and follow the steps in the picture
http://img19.imageshack.us/img19/8761/step3at.jpg
Download CCleaner from the official website:
http://www.ccleaner.com/
Open up CCleaner and go to tools > startup and disable & remove all unknown startup programs
http://img230.imageshack.us/img230/5050/step4i.jpg
If you can't delete the bot follow this sub-chapter:
First download Unlocker 1.8.7 from the official website:
http://ccollomb.free.fr/unlocker/
Here are some pictures for how it works
http://img176.imageshack.us/img176/7931/unlocker1871.jpg
http://img401.imageshack.us/img401/8243/unlocker1872.jpg
http://img193.imageshack.us/img193/8933/unlocker1873.jpg
How to defend yourself from botnets:
First download Sandboxie from the official website:
http://www.sandboxie.com/
What is a sandboxie?
http://en.wikipedia.org/wiki/Sandboxie
Always before you run/open an application that you don't trust, right click and click "Run Sandboxed"
If your downloaded application crashes, the application has a Sandboxie bypasser, hence it's not safe for use.
A Sandboxie bypasser is some sort of code that automatically shuts down the application when run through Sandboxie. It is mostly used by trojans, worms, RATs etc.
http://img300.imageshack.us/img300/1450/step5.jpg
This step is optional but when you want to know whether the downloaded application has some sort of virus you may as well scan it on:
http://scanner.novirusthanks.org/
PS: Sandboxie has also been used extensively to run trial version software indefinitely. See the how-to:
http://www.scribd.com/doc/14926655/Using-Sandboxie-to-Bypass-Trial-Version-Limitations-in-Software
Originally shared on:
http://liquid-security.net/forums/viewtopic.php?f=5&p=9383
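The firewall-exception and startup-program checks described in the post above, as an added PowerShell example that is not part of the original post. It assumes a current Windows release with the NetSecurity module (`Get-NetFirewallRule`) rather than the Exceptions tab and CCleaner shown in the screenshots; the helper names `Get-ExePath` and `Get-SignatureStatus` are hypothetical.

```powershell
# Added example: read-only review of autorun entries and inbound firewall allowances.
# Nothing is deleted or disabled; the output is a list to review by hand.

function Get-ExePath([string]$Command) {
    # Pull the executable out of a command line such as '"C:\x\a.exe" /s' or 'C:\x\a.exe -k'.
    if ($Command -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($Command -match '^\s*(.+?\.exe)\b') { return $Matches[1] }
    return ($Command -split '\s+')[0]
}

function Get-SignatureStatus([string]$Path) {
    # Firewall rules and Run values often contain %SystemRoot%-style variables.
    $expanded = [Environment]::ExpandEnvironmentVariables($Path)
    if (-not (Test-Path -LiteralPath $expanded -PathType Leaf)) { return 'FileNotFound' }
    return (Get-AuthenticodeSignature -LiteralPath $expanded).Status.ToString()
}

$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
)

# Startup programs registered under the per-machine and per-user Run keys.
$autoruns = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $cmd = [string]$item.GetValue($name)
        [pscustomobject]@{
            Source = $key; Name = $name; Command = $cmd
            Signature = Get-SignatureStatus (Get-ExePath $cmd)
        }
    }
}

# Enabled inbound "allow" rules bound to one program: today's form of a firewall exception.
$fwRules = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    ForEach-Object {
        $app = ($_ | Get-NetFirewallApplicationFilter).Program
        if ($app -and $app -ne 'Any' -and $app -ne 'System') {
            [pscustomobject]@{
                Source = 'Firewall'; Name = $_.DisplayName; Command = $app
                Signature = Get-SignatureStatus $app
            }
        }
    }

# Entries that are not validly signed sort to the top; those are the ones to look into first.
@($autoruns) + @($fwRules) | Sort-Object { $_.Signature -eq 'Valid' }, Source |
    Format-Table -AutoSize -Wrap
```

The signature column is a triage hint only: an unsigned entry is not necessarily malicious and a signed one is not necessarily benign. Run keys are one of several autostart locations, so an empty result here does not rule out an infection.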