Zombie BOT is a computer that is infected by a malicious software which allows remote control. Hackers usually fool computer users by binding the remote control software to another legitimate program such as a game. When you run the program, it’ll only show the game at your screen but in background, it has already secretly installed a remote control software which allows the hacker to gain access to your computer when you go online.
Bot owners(hackers) usually doesn’t delete your files or make your Windows unbootable because they have other better use. Most often they (the hackers) require a lot of bots, which is called Botnets, to send out spam or launch distributed denial of service (DDoS) to bring down a website. A very good explanation taken from Wikipedia.
1. A botnet operator sends out viruses or worms, infecting ordinary users’ computers, whose payload is a trojan application — the bot.
2. The bot on the infected PC logs into a particular IRC server (or in some cases a web server). That server is known as the command-and-control server (C&C).
3. A spammer purchases access to the botnet from the operator.
4. The spammer sends instructions via the IRC server to the infected PCs, …
5. …causing them to send out spam messages to mail servers.
You can’t depend on antivirus alone to help you detect a bot infected computer because most of the bot software are custom programmed to avoid being detected by antivirus and firewalls. What I can suggest is for you to use a tool to monitor your computer for remote command and control (C&C) commands sent from a bot-herder.
Trend Micro RUBotted is a free program that runs on your computer, watching for bot related activities. Once installed on your computer, RUBotted checks for network traffic associated with BotNets.
RUBotted intelligently monitors your computer’s system behavior for activities that are potentially harmful to both your computer and other people’s computers. Additionally, RUBotted watches for an array of potentially malicious bot-related activities, including mass mailing – a common activity performed by a bot-infected computer.
RUBotted can co-exists with your existing AV software, providing advanced bot specific behavior monitoring. RUBotted does not rely on frequent, network intensive updates to ensure your computer’s continued protection. It supports from Windows 2000 to Vista.
RUBotted is still BETA. The program has very easy and basic interface. Even the settings doesn’t have much settings for you to configure.
RUBotted takes up 10MB of your memory. You can stop RUBotted from running but when you reboot your computer, it will autostart again. I hope in future RUBotted will have the option of disabling autorun whenever Windows is booted up. If you want to disable RUBotted from autostart, go to Start > Run > type MSCONFIG and hit OK. Go to Startup tab and uncheck the startup item “TMRUBottedTray“.
Related posts:
would have downloaded it but kept getting ‘page not found’ message
the only thing is the hacker deleted my user accounts and i only have guest so i cant install :(
Una reflexión… a parte de los espamers a quien más le interesa que existan virus y malware? A los diseñadores de sistemas antivirus y seguridad informatica. Vamos a los que dan de comer a nuestros temores.
És solo una opinión… pero por eso, uso software libre … por ejemplo Ubuntu gnu/linux.
Lo de be Free software és también free de malware y virus!!
Segun la tecnologia q utilices … más vulnerable pudes ser! keep it in mind!
Hola
Estoy currando en un proyecto sobre bots. Necesito tener una amplia lista de precios de bots para ataques de DDoS, para que el estudio sea fiable y no tenga mucho error y estoy un poco desesperada porque no encuentro mucha información. Estoy escribiendo a todo el mundo que puedo para ver si saco más precios. Te escribo porque creo que sabes bastante de este mundillo y si me pudieras ayudar te lo agradecería muxisimo.
Tienes mi email asi que si puedes proporcionarme algun dato, sitio donde pueda encontrar informacion o lo que sea, podrías escribirme ok?
Muxisimas gracias!
thanks,…very usefull article
I downloaded RUBotted fron Trend Micro’s website. The d/l went well, but the installation terminated with the error message “Cannot install RUBotted, installation process will be terminated ( -2146500093 ).” A few days ago, I d’l Win XP SP3 from Windows Update. There have been no problems since then, except with this RUBotted. Is this problem to do with SP3? I have told Trend Micro about this.
I’m downloading it now ,too
Thanks Raymond – very helpful indeed for peace of mind.
you are sharing nice articles. Thank you very much.
sounds interesting..thanks raymond..love the site..keep up the good work..and thnx for this software..
thanks
thanks Sir Raymund …Great help for me especially for my Pc security project …Great Article !
Just wanted you to know that I enjoy your blog and the wealth of great information it provides. You are doing a great job
thank U very much, I’m downloading it now.
thanx ray very useful software like always..actually iv been using AntiProrat for a while NOTE ‘PRORAT’ very popular program by most for creating RATS..still by me using AntiProrat i keep getting infected because they bind the trojan into maybe a picture like my first attack..lol
anyway thanx a lot…:)