Remove the W32.Codbot WORM

Written by

in

W32.Codbot is a worm that has been popping up throughout the net. It exploits the SQL Sever LSASS and RPC-DCOM process.

W32.Codbot.AL masquerades as a system process which allows it to be run
when the system boots up. Once running it connects to Internet Relay
Chat (IRC) where it can take command to control you sytem.

Instructions to remove W32.Codbot.htm:
http://elamb.blogharbor.com/hacked/codbot.htm

Ready to actually get the RMF/ISSO job?

Go from reading about the Risk Management Framework to doing it — with the full video course, the books, and a community of GRC professionals taught by Bruce Brown (CISSP, CGRC).

Get the RMF ISSO Foundations course → Browse the RMF & GRC books Join the free GRC community

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *