Frequently Asked Questions & Glossary
Questions regarding the Anti-Botnet Advisory Centre
What does botfrei.de do?
What will the service cost me?
How will my ISP inform me if my computer is infected with a botnet?
My neighbour/friend/colleague also has a problem with their computer. Can I pass on the support hotline telephone number?
My computer is behaving strangely. Can I contact the support hotline directly?
Will my ISP or eco e.V. collect personal data about me?
Technical Questions
How did my computer get infected in the first place?
How do I know that my computer is infected with a bot?
How do I protect my computer against further attacks?
What is the EU-Cleaner?
Why is there no EU-Cleaner available for Linux oder Mac OS?
What differences are there between the EU -Cleaner and an installed Anti-Virus program?
What do I have consider to enable the EU-Cleaner to function properly?
How long will a scan take using the EU-Cleaner?
The EU-Cleaner has not found any malicious files on my PC. Is my computer clean?
The EU-Cleaner detected malicious files and deleted them. How do I proceed?
The EU-Cleaner deleted infected files and I can no longer start any programs. What should I do?
How can I reinstall my operating system?
Glossary
Anti-Virus Program
Bot
Botnets
Browser
Dialer
Distributed Denial of Service (DDoS)
Email Spam
Firewall
Grayware
Internet Service Provider (ISP)
Patch
Scareware
Servicepacks
Social Network
VoIP
WLAN
Questions about the Anti-Botnet Advisory Centre
What does botfrei.de do?
Botfrei.de is an initiative from eco – Association of the German Internet Industry with the support of their member organizations. The project's goal is to reduce the number of botnet infected computers in Europe and to help affected users clean their computers of malicious files. The Anti-Botnet Advisory Centre (botfrei.de) supports affected users in this process.
Botfrei.de consists of IT experts that help you to clean your computer of an infection and protect you from new attacks from the Internet. The support follows in two stages: The affected user will first be informed by their
Internet Service Provider about a possible malware infection e.g, via a landing page which appears when the user opens their browser. Further Internet usage, however, remains possible. The customer will then be invited to visit our website where information and tools are provided for self-help. In the second stage, the provider-neutral Advisory Center comes into play: Customers needing additional help will be advised by telephone and be taken through the necessary steps to remove the malicious software, and to improve security on their computer in the long term.
Return to the FAQs
What will the service cost me?
All instructions on this site, along with the EU-Cleaner, are available free of charge. The telephone support through the Anti-Botnet Advisory Centre is charged at the local call rate.
Return to the FAQs
How will my ISP inform me if my computer is infected with a botnet?
The notification of an affected user occurs over several channels, to ensure delivery of the message to the customer: for example by email and additionally by letter.
Return to the FAQs
My neighbour/friend/colleague also has a problem with their computer. Can I pass on the telephone number of the support hotline?
Unfortunately this is not possible. Support can only be provded in combination with a valid ticket number which you will receive from your ISP. This ticket number is not transferable.
Return to the FAQs
My computer is behaving strangely. Can I contact the Anti-Botnet Advisory Centre directly?
This is only possible in combination with a ticket number, which you will receive from your ISP.
Return to the FAQs
Will my ISP or eco e.V. collect personal data about me?
Neither your ISP nor eco e.V. will collect personal data about you or your computer. This initiative has the goal of taking Germany out of the top-ten list of countries from which botnet activity originates. In the case of an infection, your Internet Service Provider will recognize certain patterns of behavior from you computer. If this is the case, then your ISP will contact you. They will go through the required steps and if further assistance is necessary, then they will put you in touch with the specialists at the Anti-Botnet Advisory Centre by giving you a ticket number with which you can phone the ABBZ and receive support anonymously.
Return to the FAQs
Technical Questions
How did my computer get infected?
Botnets comb through the Internet for potential victims. You computer probably has security holes or vulnerabilities that enable attackers to install malicious files. As soon as you move through the Internet on your computer, you are exposed to all dangers. That is why it is very important that you make sure your operating system and the associated programs are always up-to-date.
Return to the FAQs
How do I know that my PC is infected with a Bot?
The criminals who spread bots want to remain undetected. This is also true for the bots themselves, which are active on millions of computers worldwide. The first sign of an infection is a poorer Internet speed, unrequested visits to websites or unwanted popups and adverts, or even that you can no longer access websites using common browsers (Internet Explorer, Firefox, Opera). However, infected computers do not necessarily exhibit these symptoms. Users often don’t notice anything, or don’t notice until too late that their computer has become part of a botnet
Return to the FAQs
How can I protect my PC from further attacks?
Be aware of the following Four Basic Rules.
. The following tips should be considered for your security:
- Be careful with email attachments. Never open email attachments from an unknown sender. Ask the sender if in doubt.
- Be careful with unknown websites: Malicious software can be installed and run on your computer just by visiting the website.
- Use secure passwords (at least 8 characters- alphanumerics).
- Change your password at regular intervals.
- Make regular backups (copies) of your personal data (e.g. documents, pictures, music) on an external medium.
- If you use technologies such as WLAN or VoIP make sure that you use encrypted data transfer.
- Never install software from unknown or doubtful sources, even if they are free of charge.
- Be aware of free offers, for example, making quick money or free travel, as well as unknown links, attachments or graphics in well known Social Networks e.g. Facebook, Twitter and Studivz.
Return to the FAQs
What is the EU-Cleaner?
The EU-Cleaner is a program that scans your system for current bots, and cleans it.
Return to the FAQs
Why isn't the EU-Cleaner available for Linux or Mac OS?
Risk of an infection with a computer running Mac OS or Linux is relatively small, because Internet criminals attack primarily computers with Windows installed. As a user of a Mac OS or Linux you should nevertheless, for your own protection, install anti-virus software tailored for this system.
Return to the FAQs
What is the difference between the EU-Cleaner and an installed anti-virus program?
The EU-Cleaner is a program which was specifically developed in order to remove an existing malware infection, or to check for such an infection. An installed anti-virus program usually runs in the background and is primarily to prevent an infection.
Return to the FAQs
What do I have to consider so that the EU-Cleaner functions properly?
First of all close all active programs, including those which run in the background.
Return to the FAQs
How long will a scan take with the EU-Cleaner?
The scan can vary depending on the amount of data and the number of programs installed, and could require several hours.
Return to the FAQs
The EU-Cleaner did not find any suspicious files on my computer. Does this mean my computer is clean?
The EU-Cleaner is a special tool whose current signatures have been designed to detect and remove bots. As a precaution, however, you should install anti-virus software and scan your computer completely. If anti-virus software is already installed, update it and run a complete scan.
Return to the FAQs
The EU-Cleaner detected and deleted malicious files on my computer. What do I do now?
After the successful removal of an infection, you should restart your computer and, to be on the safe side, repeat the scan. After this, follow in every case these Prevention measures.
Return to the FAQs
The EU-Cleaner removed malicious files from my computer and now another program no longer starts. What can I do?
It can happen that the EU-Cleaner detects as suspicious and removes a file, but the program was actually not malware at all. Don’t worry – your data has not been lost. In such a case, then please take the following steps:
- Start the EU-Cleaner and click the button "start scan".
- The last disinfection sessions that were undertaken will be listed. Select the appropriate session and click on "continue".
- Following this you will be shown exactly what the EU-Cleaner changed in this session. Click on "Undo" to restore your files.
- After this, restart your computer.
How can I re-install my operating system?
There are several possibilities, depending on whether you own a complete PC or one which you have put together yourself from components. If you own an installation CD/DVD, insert this into its drive and boot from this drive. You can find further instructions on re-installing your OS here. If you are not an owner of an Installation CD/DVD, try to perform a partition recovery. Please read your instruction manual for further instructions or ask the manufacturer of your system.
Return to the FAQs
Glossary
Anti-Virus Program
An anti-virus program is a virus scanner which detects and eliminates current and common malicious software e.g. viruses, worms and trojans.
Return to the FAQs
Bot
The term bot, derived from "robot", describes a computer program that executes its tasks independently, without any user interaction. Damaging bots can be used among other things for spam dispatch or DDoS attacks. The term bot, however, is also associated with the computer systems where bots are installed and executed.
Return to the FAQs
Botnets
Botnets are networks made up of interconnected bots. For details please read this article on the "Technical Background" page.
Return to the FAQs
Browser
A browser is a program that displays websites in the Internet (www). The best known browsers include Microsoft Internet Explorer, Mozilla Firefox, Opera, Apple Safari and Google Chrome.
Return to the FAQs
Dialer
A dialer (dial-in program) is a program that establishes an unwanted connection to the Internet using a premium rate number, for example, a 0900 number. This normally happens via an analog modem or an ISDN adapter. The cost will appear on the telephone bill of the person affected.
Return to the FAQs
Distributed Denial of Service (DDoS)
A "denial-of-service" can be caused unintentionally by excessive demand, or by a deliberate attack on a server, a computer or a network component. In this latter case, the goal is normally to interrupt or suspend active serves. A coordinated attack from numerous of other systems is a Distributed Denial of Service attack. Such attacks are controlled through back-door programs that function as bots.
Return to the FAQs
Email Spam
Email spam is the unsolicited sending of bulk messages with commercial content. Email spam often contains infected attachments or links that direct you to infected websites.
Return to the FAQsn
Firewall
Firewalls are software which monitor the data flow between two networks and filter or block specific traffic according to predetermined rules. A firewall can, for example, hinder unwanted access to your computer over the Internet, thus increasing the security of your computer. Some routers, such as the AVM FRITZ!Box or or some Speedport hardware from German Telecom have integrated firewalls.
Return to the FAQs
Grayware
Grayware is the least harmful form of malware. Programs in the greyware category track the surfing behaviour of users and on the basis of this send or display personalized advertising.
Return to the FAQs
Internet Service Provider (ISP)
An Internet Service Provider is a company that offers users access to the Internet. Well known providers in Germany are: German Telecom, 1&1, Versatel, Kabel BW, Netcologne and QSC.
Return to the FAQs
Patch
A patch is a small software update or a fix for a program. Microsoft, for example, releases a patch every second Tuesday in the month, which remedies known problems with a program, a module or an operating system.
Return to the FAQs
Scareware
Scareware comprises programs that are designed to mislead users into believing in a non-existant danger. The most well-known form is bogus anti-virus software which indicates that countless viruses are present on the computer. In order to remove them, the user is then advised to purchase a specific program. The goal is to exploit the anxiety of the computer user and to earn money with the bogus anti-virus software.
Return to the FAQs
Service packs
A service pack is an update package made available by the software developer for an operating system or a program. They normally integrate several smaller updates. They increase stability, sometimes provide additional functions, and remedy vulnerabilities. Service packs are generally free of charge and are available for download from the software developer’s website, such as Windows XP SP3 and Windows Vista SP2. You should always make sure that the most recent service pack has been installed.
Return to the FAQs
Social Network
A social network is the platform of an Internet community in which the participants mutually exchange information or data. Normally, anyone interested can participate free-of-charge in such communities. On these platforms, it is normal to make the personal profile and contact possibilities public. The goal is to make and take care of personal and business contacts. Well-known social networks include facebook, LinkedIn and twitter.
Return to the FAQs
VoIP
Voice over IP (VoIP) is new technology for the transmission of speech.Unlike classic telephony, the conversation is split into data packets and transmitted over computer networks (e.g. the Internet) – “Internet telephoning”. Advantages include the low cost of acquisition for the telephone system and the use of existing, well developed network structures. The fixed location of a classic telephone system is also not an issue.
Return to the FAQs
WLAN
A wireless local area network (WLAN) is a network which is connected without cables. To operate a WLAN, there needs to be a sender and a receiver that can communicate or exchange data with each other according to a pre-defined standard. Many Internet Service Providers provide their customers with a router with in-built WLAN. WLAN routers enable wireless Internet use.
Return to the FAQs