Search
Left Quote    It is possible to store the mind with a million facts and still be entirely uneducated.
- Alec Bourne    
Right Quote
 
[login] | [Register]
 

SD Bot Tutorial

by: Achillean
Page: 3 of 3
(View All)

Removal:


If you notice that your bandwidth is being consumed or that your computer is acting weird you might be infected with the sdbot. The sdbot source can be customized greatly so it can be hard to remove if you are dealing with a higher order of script kiddie. I will show you how to remove a standard sdbot that hasn't been modified. The sdbot will make a registry entry in :



and in


so to remove it find these entries, if its a standard sdbot that hasn't been configured the registry entry will probably be "Configuration Loader". Remove the entry in run and run services (making a note of the filename for these keys) and reboot. Now go into the system or system32 folder depending on what version of windows you run and deleted the exe that was associated with that registry entry, now you should be clean. Do a netstat to make sure you don't see the bot connected to an IRC server, if you don't, you should be fine now.


Conclusion:

This was a quick tutorial I wrote for some friends of mine. I hope you enjoyed it. Remember that DDoS attacks as well as entering someone else

1  |  2  |  3  |  


No Comments for this page.

You Must be logged in or a member to comment.


Tutorial Stats

Tutorial Stats

25,017 Views
1 Total Comments
4 Rating of 5 (3 Votes)

Options

Tutorial Options

· Login to Rate This Article
· Login to Post a Comment
· Read more by this author
Digg This Article! Del.icio.us: Bookmark This Article Reddit: Bookmark This Article BlinkList: Blink This Article! YahooMyWeb BlogMarks: Add This Mark! Furl: Save This Article Spurl: Mark This Article

Articles

Related    

Your Article Here



"AllSyntax.com" Copyright © 2002-2018; All rights lefted, all lefts righted.
Privacy Policy  |  Internet Rank