A botnet is a collection of internet connected zombie computers which are being controlled by cyber criminals through the malware like SpyEye, Zeus and Palevo. The cyber criminals can make these zombie computers do anything, for example, start a spam campaign, start a denial of service attack and more. Not to mention, that the financial and personal information of users using these infected computers is visible to the criminals at the click of a button. The most common way of a PC getting infected by bot malware is through drive-by-downloads. When you visit a specially crafted website, it automatically downloads bot malware on your PC and infects it. You can prevent your PC from connecting to such sites by blocking the known bot infected sites. The free Mirage AntiBot tool updates your HOSTS file to block such IP addresses and sites.
You can download Mirage AntiBot from the PhrozenSoft website. The download is a mere 2 megabytes setup file. At the end of the installation, the Mirage AntiBot runs automatically and places an icon in the system tray. In the Mirage AntiBot window that shows up, you can click on the Update button to automatically update the websites list which need to be blocked. In the same window, you can toggle on or off the logging of the blocked websites.
The update function would automatically download and update the IP addresss and site lists which need to be blocked to prevent the connections to various infected sites. If you are using an antivirus product with HIPS that monitors critical areas of your system and registry, then it might prevent Mirage AntiBot to make changes to the HOSTS file. So you may have to allow Mirage AntiBot so that it can update your HOSTS file.
In the Mirage AntiBot settings, you can choose the color of the progress bar (shown during the update), set it to automatically start with Windows, set proxy server settings (in case you want to connect to Mirage update server through proxy) and you can also protect Mirage AntiBot settings by setting a password.
At present, Mirage AntiBot blocks sites infected by three deadliest bots in the world – SpyEye, Zeus and Palevo. It downloads the blocklist from the abuse.ch website. This website hosts a large list of domain names and IP addresses which need to be blocked. Mirage AntiBot simply makes the task easy by downloading this blocklist and updating your HOSTS file accordingly.
Mirage AntiBot does not protect from you all attack sites, neither does it prevent or detect malware of any kind. It simply blocks the domains found on the publicly available blocklist on abuse.ch site. This means that any new or unknown malicious website, not listed on the blocklist, will not be blocked. You should use Mirage AntiBot only as an extra second layer of protection in addition to an updated antivirus software.
You can download Mirage AntiBot from http://phrozenblog.com/?p=638.