Recovering from a Botnet Attack
The most effective botnet applications disable antivirus and spyware detection software. If your computer slows down even when you're not using several applications at once, you might have a zombie problem. If you encounter error pages or denials when you try to visit sites that offer antivirus or spyware programs, that's a dead giveaway that something is wrong.
The best way to get rid of a botnet application is also the most painful: a complete system wipe and backup restoration. You do back up your hard drive, don't you? You should perform regular backups just in case you have any sort of catastrophic failure.
If you have personal firewall software, you might be able to detect the specific application on your computer that's giving someone remote access to your machine. Firewalls act as filters between your computer and the Internet. Most firewalls have multiple security settings. First, set your firewall to the maximum security level -- this should require notifications for any application seeking access to the Internet. Then, reboot your computer.
Keep a close watch on network requests. Jot down the names of any applications that are unfamiliar to you, particularly if you haven't done anything to activate that application. Don't allow any application you don't recognize or trust to access the Internet. If you get repeated requests from the same application, that's a good indication that it's responsible for turning your computer into a zombie.
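The check described above can be run over a firewall's notification log, as in this added example (not code from the original article). The log format, the application paths and the trusted list are assumptions constructed for illustration, and real firewall logs differ.

```python
import re
from collections import defaultdict

# Assumed log format, constructed for this example (real firewalls differ):
#   <timestamp> OUTBOUND app="<full path>" dst=<ip>:<port> action=<verdict>
LINE_RE = re.compile(r'^(\S+) OUTBOUND app="([^"]+)" dst=([\d.]+):(\d+) action=(\w+)$')

# Full paths of applications the user recognizes (hypothetical). Matching on
# the full path, not the file name, keeps a look-alike name in another
# directory from being trusted.
TRUSTED_PATHS = {"c:/program files/mozilla firefox/firefox.exe"}

# Constructed sample: notifications logged after the reboot, machine idle.
SAMPLE_LOG = """\
2024-05-01T10:00:03 OUTBOUND app="C:/Program Files/Mozilla Firefox/firefox.exe" dst=198.51.100.20:443 action=ALLOW
2024-05-01T10:00:09 OUTBOUND app="C:/Users/me/AppData/Roaming/winhlp64.exe" dst=203.0.113.7:6667 action=PROMPT
2024-05-01T10:01:09 OUTBOUND app="C:/Users/me/AppData/Roaming/winhlp64.exe" dst=203.0.113.7:6667 action=BLOCK
2024-05-01T10:02:09 OUTBOUND app="C:/Users/me/AppData/Roaming/winhlp64.exe" dst=203.0.113.9:6667 action=BLOCK
2024-05-01T10:02:30 OUTBOUND app="C:/Users/me/Downloads/firefox.exe" dst=203.0.113.7:80 action=PROMPT
garbled line that does not match the format
2024-05-01T10:03:09 OUTBOUND app="C:/Users/me/AppData/Roaming/winhlp64.exe" dst=203.0.113.7:6667 action=BLOCK
"""


def unfamiliar_apps(log_text, trusted=TRUSTED_PATHS, repeat_threshold=3):
    """Summarize outbound requests from applications not on the trusted list."""
    seen = defaultdict(lambda: {"count": 0, "dests": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that are not outbound notifications
        path = m.group(2).replace("\\", "/").lower()
        if path in trusted:
            continue
        seen[path]["count"] += 1
        seen[path]["dests"].add(f"{m.group(3)}:{m.group(4)}")
    report = [
        {"app": p, "count": s["count"], "dests": sorted(s["dests"]),
         "repeated": s["count"] >= repeat_threshold}
        for p, s in seen.items()
    ]
    # Most persistent requesters first; these are the ones to research.
    return sorted(report, key=lambda r: (-r["count"], r["app"]))


if __name__ == "__main__":
    for row in unfamiliar_apps(SAMPLE_LOG):
        print(row)
```

The "repeated" flag marks the applications that kept asking for access while the machine was idle, which is the pattern the paragraph above says to look for.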
You may need to do some research on the Web regarding the application to see if other people have identified it as malware. You'll need to find a list of all the files associated with that application and where you can expect to find them on your computer. Only by removing all of the offending files can you be sure your computer is free of the malware. In fact, you may have to go through the process several times to be certain you've cleared everything away -- one piece of malware often invites other applications and programs to join the party, too.
Of course, this method is a little risky -- you could accidentally remove a file that your computer relies on to function. It's often a better idea to just wipe the computer completely rather than assume you've caught all the offending software.
The best advice we can give is to avoid becoming a victim in the first place. Next, we'll look at ways you can protect yourself from joining a zombie computer army.