What is a Botnet?
"I've read warnings about getting caught up in a botnet, but I still don't understand the danger. Can you explain in simple terms what a botnet is, and how to avoid them?"
Warning, Danger: Botnets!
Okay, here's the scoop... a botnet is a collection of ordinary home and office computers that have been compromised by rogue software. The term "botnet" is short for "robot network" and describes the situation rather well. Computers that have been caught up in a botnet have been effectively taken over, and can be used to perform almost any task by the person or persons who control the botnet. Botnets are controlled by criminals and other miscreants whose motives include selling products, operating financial scams and crippling websites through coordinated attacks.
Should you be concerned about botnets? Yes, because botnets operate silently, and your computer may be affected without you ever suspecting it. Botnets are everywhere. It is estimated that over 30 million "zombie" computers are unknowingly caught up in these networks that distribute spam, steal personal information and participate in denial of service attacks. Botnets are carefully planned to spread via viral infections and other malicious software. They use email and P2P (peer to peer) technology to spread to other computers. Once your PC is infected, it may attempt to spread the botnet code to others on a local network in a home or office setting.
Botnets are most often used to spew massive quantities of spam, which is where most of the "enhance your body part," porn offers and phishing scams come from. But since the botnet code runs with full privileges on the infected computer, it can be used to gather sensitive information from businesses, political groups or governments. Sometimes, the attacks are used to damage or take down a competitor's website by flooding it with emails or web connections. These attacks can be hard to defend against, because the attacking computers are spread all over the Internet.
Bots can also be used as agents for mass identity theft. This happens through phishing emails that appear to be from a legitimate company in order to convince the user to submit personal information and passwords. Be especially wary of emails claiming to be from eBay, PayPal, banks or the government. Never click on email links to access these sites -- always use your bookmark or type the address in directly.
How to Avoid Botnets
You are most likely to get sucked into a botnet if you do these things:
- Fail to keep your computer updated with security fixes
- Fail to use a good spam filter
- Fail to use anti-spyware, anti-virus and firewall protection
- Click on dubious links in spam emails or on shady websites
Use good security practices outlined in the links above, and avoid suspicious emails, especially unexpected messages with subject tags related to holidays, celebrities or current events. Watch out for phishing scams, never click on (or buy!) anything advertised in a spam email, and when in doubt, just don't click.
How to Detect and Remove Botnet Infections
It's difficult to detect if your computer has been caught up in a botnet. If you notice that your computer is sluggish, that *may* be a sign that you are affected. (For related reading, see Make Windows XP Run Faster.) But in general, if you have been affected by a botnet, you've got some sort of malware infection. Install good anti-virus and anti-spyware software (refer to the links above), and it should detect, take care of, or prevent the problem.
Have you had experience with a botnet on your computer? Post your comments and questions below...
Posted by Bob Rankin on July 29, 2008 02:44 AM
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- What is a Botnet? (Posted: July 29, 2008 02:44 AM)
Source: http://askbobrankin.com/what_is_a_botnet.html




Most recent comments on "What is a Botnet?"
Posted by:
Dotan Cohen
04 Aug 2008
@Annie: There is no paid version of Firefox. I suspect that you have been ripped off. That is actually rather common.
@Herrick: You should look into SPF to protect your email address from being spoofed.
More good botnet info here:
http://what-is-what.com/what_is/botnet.html
Posted by:
Kathy Ames
06 Aug 2008
Re: Post by Robert Herrick 03 Aug 2008
This has happened to me a couple of times in recent months via my work e-mail account. I get a slew of "undeliverables" supposedly sent from my account, but only over a period of a couple of days, then things settle down. This account is actually a Gmail account, so I knew my machine was not hijacked, but I was still horrified the first time it happened and called my IT Dept immediately. They said this is a form of something called "joe jobbing" and there's not much you can do about it. Basically a spammer uses your return address for a day or so, then moves on to another return address. If you Google search "joe jobbing" you'll get the history of the term -- it's actually quite an interesting story!
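The check behind the SPF suggestion and the "joe jobbing" bounces described in the two comments above, as an added example (not part of either comment or of the article): it pulls the connecting IP out of a bounce's returned headers and evaluates it against the sender domain's SPF record. The record, addresses and bounce are constructed, the function names are hypothetical, and only the `ip4`, `ip6` and `all` mechanisms are evaluated (no DNS lookups).

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample data: the domain, SPF record, addresses and bounce are made up.
SPF_RECORD = "v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.25 -all"
BOUNCE = """\
From: MAILER-DAEMON@mx.recipient.example
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

The address nobody@recipient.example does not exist.
--b1
Content-Type: text/rfc822-headers

Received: from unknown (HELO pc-1234) [203.0.113.77]
 by mx.recipient.example; Wed, 06 Aug 2008 10:00:00 +0000
From: user@example.org
--b1--
"""
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_result(record, ip):
    """Evaluate the ip4/ip6/all mechanisms of an SPF record against one address."""
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:            # skip the "v=spf1" version tag
        qual = QUALIFIERS.get(term[0])         # a missing qualifier means "+"
        mech = term[1:] if qual else term
        name, _, value = mech.partition(":")
        if name == "all":
            return qual or "pass"
        if name in ("ip4", "ip6") and addr in ipaddress.ip_network(value, strict=False):
            return qual or "pass"
    return "neutral"                           # no mechanism matched

def bounce_origin(raw):
    """Return the connecting IP from the top Received header returned in a bounce."""
    for part in message_from_string(raw).walk():
        if part.get_content_type() == "text/rfc822-headers":
            headers = message_from_string(part.get_payload())
            m = re.search(r"\[([0-9a-fA-F.:]+)\]", headers.get("Received", ""))
            return m.group(1) if m else None
    return None

def looks_forged(raw, record):
    # True when the bounced message entered the mail system from a host the domain never authorized.
    ip = bounce_origin(raw)
    return ip is not None and spf_result(record, ip) in ("fail", "softfail")
```

A `fail` result for the bounced message's origin means the mail never left the account owner's own servers, which matches the forged-return-address case rather than a hijacked machine.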
Posted by:
Bruce
06 Aug 2008
I've been using the spamarrest spam filtering service (spamarrest.com) for close to a year now, and have nothing but praise for this service. Designed specifically to keep bot-generated spam from your system, it's well worth the modest subscription fee. For the record, I'm not affiliated with spamarrest in any way other than as a satisfied customer.
Posted by:
Amy B
09 Aug 2008
I get the impression from this that there's little you can do once your computer has been hijacked and placed in service as a botnet--is that correct? I do have an anti-virus program and several anti-spyware programs, but lately my computer is running slower than before, and I've wondered if I have the botnet problem. Won't anti-virus software find the problem and remove it?
Also, you say above that "your computer may be affected without you ever suspecting it." Is that even if you run an antivirus program? What makes these programs so hard to detect?
EDITOR'S NOTE: Sorry if I wasn't clear on that point... If you have a good anti-virus and anti-spyware program, it should take care of (or prevent) the problem.
Posted by:
Lisa Zimmerman
09 Aug 2008
to Annie: I use a shareware spam filter called SpamSieve on my iMac. The Mail program's spam filter is, well, really bad. I was so pleased with SpamSieve I actually PAID for it. :)
Regarding Gmail, maybe I'm just paranoid, but it IS offered by a company whose business is to collect information. I'm not sayin', I'm just sayin'.
EDITOR'S NOTE: So you trust Microsoft? If you run Windows, MS has COMPLETE control over your computer. Same with Mac OS and Apple.
Posted by:
Alexander (Sandy) Jankowski
21 Aug 2008
I've been spoiled by you, to the point I found myself looking for stuff in your article that wasn't there. To be exact, I was looking for information to at least help me determine whether a botnet was present -- if not also how to rid myself of one.
Someone I know has someone he knows whose Outlook running under Vista is behaving suspiciously: "When it first opened it was fine but after a few minutes outlook had a couple of send and receive processes going then 3 then 4 and none ever finished, also noticed that it kept trying to send 4 msgs when the outbox was empty." I was hoping to pass on more information (and look like a hero). Oh well...
EDITOR'S NOTE: I tried to clarify that in a comment, but in a nutshell, if you have been affected, you've got some sort of malware infection. Install good anti-virus and anti-spyware software, and it should detect, take care of, or prevent the problem.
Posted by:
Jerry
30 Aug 2008
My XP laptop has become very lethargic, most of the time. Have done the "Making XP Run Faster" stuff. Am running AVG antivirus, Counter Spy, SPF, RegCure, doing defrags, Disk Cleanup.
When I watch Windows Task Manager, it seems the CPU is very busy, but I get very few cycles. On initial boot, CPU stays low, but then picks up to near 100%. I've heard of "worms" that embed in System Restore, so that they restart each time the system boots. Ideas, other than buying another machine? I must do something!
EDITOR'S NOTE: When you look at Task Mgr, what process is consuming the CPU?
Posted by:
Jerry
02 Sep 2008
Re: Post 30 Aug. Monitor_DL.exe, firefox.exe even though there is no apparent activity, explorer.exe, taskmgr.exe about 10%. About 52 processes running. Where can I learn what each of the processes is doing? Most are at 0.
EDITOR'S NOTE: The best way is to type the name of the process into Google, and see if it's a known malware threat.
Posted by:
Matt
24 Jul 2009
A lot of the newest botnet malware these days is very hard to detect... they used very advanced techniques to rootkit themselves into your computer and hide from Task Manager, even running underneath Microsoft's kernel core process. So only the best AV companies can sometimes get newer ones, and that's only analysing them (which can take days or weeks). Your AV usually won't protect you if the virus is an advanced one and has only just been 'released'.
A lot of the time the ONLY way to know if you've been infected is if your antivirus is able to detect it, otherwise you won't notice a thing, not even a drop in system performance; until the attacker decides your computer should do something for him.
I think the best defense is to have a fully updated system (make sure your Operating System and browser are fully updated) and to make sure you only ever download and install things you fully trust and can authenticate. Even your friends might have been unknowingly infected and can send you malware unwittingly! This is one of the most common ways of viruses spreading, because we trust links our friends give us.
The days where you can do whatever you want and rely on your AntiVirus to clean up after you are gone; you have to be reasonably careful whenever on the internet. But a lot of people are paranoid these days too. -_-
Posted by:
Dazzle666
30 Aug 2009
I recently got my internet bill and it said I went 23GB over my monthly limit, which is impossible as I already have 20GB allowance!
I have avast free home virus protection, and occasionally run the MS malicious software tool removal but find no problems.
What could cause this massive use of my bandwidth and how can I stop it? I recently joined a Yahoo group and have been bombarded with emails advertising free sex vids etc etc.