• United States

Removing botnet apps from a PC

Nov 21, 20052 mins

I fear that my PC has been infected with botnet software. None of my spyware detection or anti-virus software detects anything, but my computer has slowed to a crawl and often runs at close to 100% CPU utilization when I have only one browser window open. What can I do to find the culprit and clean the machine?

If you cannot wipe the machine clean and start fresh, you may be able to ferret out the offending software by using a personal firewall program, such as Kerio Personal Firewall or Zone Alarm, which will block outbound connections and incoming traffic.

Turn off the Microsoft System Restore feature in the My Computer properties, as many malware programs hide installation kits there so that they get reinstalled if you find and remove them.

Configure the firewall to block all traffic by default, and to prompt for permission on every connection attempt. Reboot the system and watch the firewall prompts.

Deny everything that you don’t understand, and look for repeated connection attempts from programs that you didn’t launch.

With luck, you can find the primary culprit. With that clue you can search the Web to identify the suspect program.

If you are careful and don’t remove real operating system files, you can delete the suspect(s) and repeat the procedure until your computer behaves.