Know Your Malware: BanBot Removal

BanBot is a backdoor that provides the attacker with unauthorized remote access to a compromised computer. The intruder can download, upload and execute arbitrary files, run applications, manage the file system, control the mouse and keyboard and steal user sensitive information. BanBot includes the functionality to record user keystrokes. It is able to bypass some firewalls. The backdoor secretly runs on every Windows startup.

Related files: ali.exe

BanBot properties:
Allows remote user connection
Logs keystrokes
Connects itself to the internet
Hides from the user
Stays resident in background Remove BanBot, removal instructions

Linked by shanmuga Tuesday, 13th December 2005 7:46AM