Security Tips & Talk

Tips about computer security, online safety, and privacy

Best ways to battle botnets

Best ways to battle botnets

  • Comments 10

What is a botnet?

Botnets are networks of compromised computers that criminals use to commit fraud, such as:

  • Secretly spreading malware
  • Stealing personal information
  • Hijacking Internet search results to take you to websites that are potentially dangerous

How do I know if my computer is part of a botnet?

Your computer might be part of a botnet if it crashes or stops responding often or you experience other malware symptoms. You might also be directed to this page:

 

How can I clean my computer if I’ve been infected?

Botnets infect your computer with malware. To clean your computer, run the Microsoft Safety Scanner, and then run a scan with your antivirus software.

Get more guidance on how to remove malware

How can I help keep my computer out of botnets?

Make sure your computer has antivirus software, such as Windows Defender or Microsoft Security Essentials, and keep it updated.

To learn more about botnets, see How to better protect your PC from botnets and malware.

Comments
  • For Windows 7, is Microsoft Security Essentials and Windows Update enough to stop viruses, worms, and malware?

  • How can I tell if the NSA is hacking my computer?

  • What if my computer says it cannot run window defender

  • On my computer I had sudden  black out  but anti-malware not register multi-attach by  maids.

  • Why is Microsoft silent about Conduit and its SearchProtect? They appear to be malware. I've had a lot of flaky behavior since they showed up on my computer (running Vista with all Security Essentials updates).

  • Wrong.  Usually most botnets will not cause crashes, glitches, or anything else like that.  I had PerrniciousMalware (nee PeskySpammer) deliver 500+ email messages one day that were not the usual spam.  Instead they all had one of four versions of hybird Zeus mini-downloaders.  They were safely commented on at VirusTotal and trundled off to the AV companies.  Not being content with that the next day they flooded  me with 500+ more email messages, each of which had zipped malware attached.  This time I got two distinct types with my random sampling.  I hope I didn't miss any.  Why?  When I first get these the detection rate can be as low as none of the AV companies at VirusTotal detecting them.

    There are all types of botnets but for the one I am dealing with, if you download and install WireShark you can monitor for outgoing mail.  They don't use your email accounts.  They drop the sending half of an SMTP email server on your machine and send spam and malware out directly.  Why do I receive so many?  Yahoo set it up so I get anything sent to even fictitious users at my domain. They need to drop it down so I get only me, abuse, postmaster, and webmaster.  I have a mini-honeynet!  At the end of the email send cycle PerniciousMalware will use gleaned financial information to empty your bank accounts insofar as possible and savage your machine so you cannot even use it.  But other than the outgoing email that may make your Internet connection slower you won't even know they are there until the finall day.  Oh, they won't give me malware any more since I know exactly what to do with it.

  • Online infection is bad, but what about phone calls that say my PC is sending messages to Microsoft and they are calling to help me fix the problem?  I received a call from 203 026-4051 and a fellow with an Indian accent said that all I needed to do was follow his instructions to solve my problem.  I didn't realize I had a problem. I hung up!

  • RE: kathy 11 Mar 2014 7:07 PM

    "What if my computer says it cannot run window defender"

    I had the same question and just learned the following, which answered my question and might also apply to yours:

    Windows 8 includes a more advanced version of Windows Defender that provides enhanced protection against viruses and spyware. If your computer is running Windows 8, you don’t need Microsoft Security Essentials. If you install a different antivirus program, Windows Defender will be disabled automatically.

  • I have felt very happy with security essentials since I started using it a couple of years back. However, prevention is the best measure: simply dont visit web-sites that are likely to be infected.

  • Your article is incorrect, Microsoft.  I had security essentials on my computer but my Hotmail account was hacked and emails were sent sent from it to all my contacts with a website address.  The next day I got an email from Microsoft saying my account had been hacked! how did they know?  I guess I was not the only one at that time.  So it was not my fault after all......be honest, Microsoft!  We ordinary mortals are not always at fault.

Page 1 of 1 (10 items)