Is there any way to fully detect and protect against a botnet infection?
My situation is this: recently, I had to redownload a program to burn it to a disc after I discovered my original had been snapped in half. I download it, burned it, and installed it with my CD Key, and everything went smoothly.
I was informed that there was a chance that what I had downloaded and installed might have contained a botnet, despite no one else containing of problems or issues of the sort, I became paranoid.
The scans that I've run (Microsoft Security Essentials, Ad-aware, and Spybot), found no issues remotely close to the description of a botnet.
I found this program RUBotted, which looks effective, and once I installed that, it detected nothing botnet-related.
My question,again, is this; what is a concrete description of a botnet, and is there any way to fully detect and protect against a botnet infection?
Thanks.
If you ran all of that stuff, you should probably be ok. They should catch anything like that.
The program, RUBotted, if you want to check it out, is here - [url]http://free.antivirus.com/rubotted/[/url]
I hope so, I'm trying to be really careful after I formatted my computer to clean out my hard drive.
If in doubt, check if your computer is connected to any IRC servers while having no IRC programs running
Well, I have no IRC programs, like mIRC, installed, so I should be in the clear for that, right?
No. Botnet viruses have a stealthy and lightweight IRC client build into them, and will join the IRC server/channel that was hardcoded into the virus upon execution, and stands by for commands.
So, to be sure, how would I check for stealthy IRC clients?
Sorry to bump my own thread, but this new situation is related to the old one.
I was just sitting here, doing some classwork, not on the internet, when that "RUBotted" ([url]http://free.antivirus.com/rubotted/[/url]) program lit up and said it detected a bot. So it recommended me to install their anti-virus detector "HouseCall." ([url]http://housecall.trendmicro.com/[/url])
So I scanned for a bit, and it found two threats; rootkits. These, both in that folder:
[img]http://filesmelt.com/dl/uhoh.jpg[/img]
Now I'm really concerned. Microsoft Security Essentials, Ad-Aware, and Spybot didn't detect anything. Would I be better off reformatting? This all started after I redownloaded that program and upgraded to Windows 7.
Quite an interesting filename. Couldve used TCPView from Sysinternals and look for any connections that looked suspicious. Or use Malware anti-bytes, or hijack this.
So should I be concerned?
I'm running Ad-aware now; it just updated; Spybot didn't find anything, HouseCall is going again, and I'm going to run Microsoft Security Essentials again afterward.
netstat -a
know your shit
[QUOTE=Links;20280647]Sorry to bump my own thread, but this new situation is related to the old one.
I was just sitting here, doing some classwork, not on the internet, when that "RUBotted" ([url]http://free.antivirus.com/rubotted/[/url]) program lit up and said it detected a bot. So it recommended me to install their anti-virus detector "HouseCall." ([url]http://housecall.trendmicro.com/[/url])
So I scanned for a bit, and it found two threats; rootkits. These, both in that folder:
[img]http://filesmelt.com/dl/uhoh.jpg[/img]
Now I'm really concerned. Microsoft Security Essentials, Ad-Aware, and Spybot didn't detect anything. Would I be better off reformatting? This all started after I redownloaded that program and upgraded to Windows 7.[/QUOTE]Isn't that the SecuROM rootkit?
It's SecuROM. If you've installed SPORE you have it, as well as a few other games use it I believe.
[QUOTE=Ryx;20283342]It's SecuROM. If you've installed SPORE you have it, as well as a few other games use it I believe.[/QUOTE]
But why would a warning pop up now? And I don't have any games installed that use SecuROM, I think. Only BF2, Men of War, and Empire: Total War.
I think it'd be safe if I just reformatted, just to be sure. But I was looking up the nature of rootkits, and how they can jump to external flash drives and hard drives. I had to use my flash drive to back up some schoolwork.
Do you think my flash drive is now compromised because of this? Or am I just being really paranoid?
Paranoid, I was when i was like, 12 when i got keylogged :P.
[QUOTE=Links;20286249]But why would a warning pop up now? And I don't have any games installed that use SecuROM, I think. Only BF2, Men of War, and Empire: Total War.
I think it'd be safe if I just reformatted, just to be sure. But I was looking up the nature of rootkits, and how they can jump to external flash drives and hard drives. I had to use my flash drive to back up some schoolwork.
Do you think my flash drive is now compromised because of this? Or am I just being really paranoid?[/QUOTE]
You could burn school work to a CD or DVD and then format the stick if you are that worried.
Sorry, you need to Log In to post a reply to this thread.