 |
Every day I get up and look through the Forbes list of the richest people in America. If I’m not there, I go to work. - Robert Orben |
 |
|
|
||||||
Removal:If you notice that your bandwidth is being consumed or that your computer is acting weird you might be infected with the sdbot. The sdbot source can be customized greatly so it can be hard to remove if you are dealing with a higher order of script kiddie. I will show you how to remove a standard sdbot that hasn't been modified. The sdbot will make a registry entry in : and in so to remove it find these entries, if its a standard sdbot that hasn't been configured the registry entry will probably be "Configuration Loader". Remove the entry in run and run services (making a note of the filename for these keys) and reboot. Now go into the system or system32 folder depending on what version of windows you run and deleted the exe that was associated with that registry entry, now you should be clean. Do a netstat to make sure you don't see the bot connected to an IRC server, if you don't, you should be fine now. Conclusion:This was a quick tutorial I wrote for some friends of mine. I hope you enjoyed it. Remember that DDoS attacks as well as entering someone else’s computer without permission is illegal and can land you in jail and at the very least will give you a bad name on IRC. There are times when script kiddie methods can be more effective at getting the job done, when that time comes you shouldn't have reservations about using whatever method works, but use discretion and don't become another wannabe hacker giving hackers a bad name. s0mber phatalysis AT yahoo {dot} com AIM: phatalysis
No Comments for this page. |
|
|||||||||||||||||||||||||||
