A botnet is a virus that infects your computer, deletes files and changes your settings. It is a network of compromised systems that run under the command and control of bot masters. If your system is part of a botnet, the bot masters can harm your business data. Bots quietly infect your computer and its network without any warning and use your computers for criminal purposes. In our earlier article we covered the basics of botnets, how to detect them and how to prevent them. In this article, we will discuss how to remove bots from your computer.

Many botnet removal tools are available. In this article we will discuss RUBotted and BotHunter, two software tools that detect bots and remove them.

RUBotted: It is a security monitoring tool from Trend Micro that recognizes bots on your computer. Read on for some additional information on this program.

  • When can you use it?
    If your anti-virus hasn’t reported anything, but you still suspect your computer is part of a botnet, then you can use RUBotted as a second option.
  • What will it do?
    It identifies and informs you of suspicious activities associated with bots.
  • How to use it?
    Install it and let it run in the background. It does not interfere with other anti-virus tools, which is the advantage of the program.
  • GUI:
    There is no complex interface, no settings to consider, no scans to schedule. It requires only a small amount of system memory.
  • How does it work?
    The program automatically scans your computer and displays a notification whenever a malicious agent is discovered. Upon detecting an infection, the RUBotted tray icon displays a pop-up to alert you. It then cleans the bot client with ‘HouseCall’ and informs you of the result. (Note: You have to install HouseCall, an anti-virus, separately to remove the bot from your computer.)
  • What are the system requirements?
    You need an Internet connection and one of these operating systems, with the latest service pack installed: Windows XP Professional, Windows Vista or Windows 7.

BotHunter: This is a passive network monitoring tool from SRI International that detects the communication patterns of your computer.

  • What will it do?
    It tracks the suspicious activities that most commonly occur when a computer is infected by malware such as viruses, worms, adware, spyware, botnet code, etc. It is not a substitute for traditional security (firewall and anti-virus).
  • How does it work?
    BotHunter correlates the two-way communication flows between the bot and the external control system used by the bot master or criminals.
  • What are the system requirements?
    This tool is free and works on Windows, Mac, Linux and Unix.
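To make the idea of correlating two-way communication flows concrete, here is a simplified illustration added to this article (it is not BotHunter's code). The event names, the 600-second window, the flagging rule and the sample events are all assumptions constructed for the example.

```python
from collections import defaultdict

# Event kinds are assumptions for this example, not BotHunter's own rule set.
INBOUND = {"inbound_scan", "inbound_exploit"}
OUTBOUND = {"binary_download", "c2_contact", "outbound_scan"}
WINDOW = 600  # seconds during which observations are correlated (assumed)

# Constructed sample events: (timestamp, internal_host, kind, remote_peer)
EVENTS = [
    (100, "10.0.0.5", "inbound_scan", "203.0.113.9"),
    (130, "10.0.0.5", "inbound_exploit", "203.0.113.9"),
    (150, "10.0.0.5", "binary_download", "198.51.100.7"),
    (200, "10.0.0.5", "c2_contact", "198.51.100.20"),
    (300, "10.0.0.8", "inbound_scan", "203.0.113.9"),   # scanned, nothing followed
    (400, "10.0.0.9", "c2_contact", "198.51.100.20"),
    (5000, "10.0.0.9", "outbound_scan", "192.0.2.44"),  # too far apart to correlate
]

def correlate(events, window=WINDOW):
    """Return {host: sorted evidence kinds} for hosts whose traffic looks bot-like.

    A host is flagged when, inside one time window, either
      * an inbound exploit and at least one outbound stage are both seen, or
      * two different outbound stages are seen.
    A lone inbound scan or a single outbound event is not enough.
    """
    per_host = defaultdict(list)
    for ts, host, kind, _peer in sorted(events):
        if kind in INBOUND or kind in OUTBOUND:
            per_host[host].append((ts, kind))
    flagged = {}
    for host, seen in per_host.items():
        # Slide the window start over each observation for this host.
        for i, (start, _) in enumerate(seen):
            kinds = {k for ts, k in seen[i:] if ts - start <= window}
            outbound = kinds & OUTBOUND
            if ("inbound_exploit" in kinds and outbound) or len(outbound) >= 2:
                flagged[host] = sorted(kinds)
                break
    return flagged

if __name__ == "__main__":
    for host, kinds in correlate(EVENTS).items():
        print(f"{host}: likely bot, evidence = {', '.join(kinds)}")
```

Requiring evidence in both directions is what keeps an ordinary inbound scan, which every Internet-facing host receives, from raising an alert on its own.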

Upon detecting a botnet, you should take some effective measures to address the problem, such as:

  • Disconnect the computer: Disconnect your computer from the Internet and the network immediately. This prevents the hacker from obtaining your files and other information. It also prevents the infection from spreading to other computers in the network.
  • Remove the hard drive and put it into another system as a secondary non-bootable drive: Shut down the compromised PC to prevent further damage to other files. Then pull the hard drive out of it and connect it to another PC as a secondary non-bootable drive.

As an option, you can use a USB drive caddy to connect your hard drive to another computer. Make sure the other computer has up-to-date anti-virus and anti-spyware, or download a free rootkit detection scanner.

  • Scan the hard drive: Use the host PC's security software to remove infections from the files on the hard drive.
  • Back up important files: Copy all the important files to a DVD, CD or another clean hard drive.
  • Wipe your hard drive: After backing up the important files, remove the hard drive and put it back into your system. Scan the PC with security software. Even if the scan reveals no threats, it is advised to wipe the drive using a disk wipe utility.
  • Reinstall the OS: Reinstall the operating system from the disks that came with your PC, because tainted operating system disks may reinfect your PC. After that, download and install all updates and patches for your OS.
  • Install anti-virus or anti-spyware: Install security software, anti-virus or anti-spyware, before you install other software. After that, scan the data on the backup disks before copying it onto your PC.

Now your system is bot free. Make sure to regularly update all your software (operating system, anti-virus, anti-spyware, web browsers) to keep your computer safe from the threat of botnets.