Je hebt een klacht over de onderstaande posting:
The worm creates its copies (EXE and DLL) in the root of C: drive - C:SVCHOST.EXE and C:HTTPEXT.DLL. This EXE file is then registered in the Registry auto-run key: HKLMSoftwareMicrosoftWindowsCurrentVersionRun Domain Manager = C:svchost.exe The worm then creates and swapns a C:D.VBS script file, then looks for the INETINFO.EXE application and terminates it if it is active. The VBS script program also searches for Indexing Service, Indexing Query and printer mapping and removes them. As a result, the worm disables security breaches that can be used (or were used) by other worms to infect the machine and/or hackers to break through the Web-security protections.
Beschrijf je klacht (Optioneel):