Je hebt een klacht over de onderstaande posting:
gevonden met Google "backdoor jeem removal" When Backdoor.Jeem runs, it does the following: It copies itself as C:%system%Msrexe.exe. Note: %system% is a variable. The Trojan locates the Windows System folder and copies itself to that location. By default this is C:WindowsSystem (Windows 95/98/Me), C:WinntSystem32 (Windows NT/2000), or C:WindowsSystem32 (Windows XP). It adds the value System Service C:%System%msrexe.exe to the registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun so that the Trojan runs when you start Windows. It adds these values: 1c3943 4lkf83 vk8593 2340v93 4c34 c0948273 398349873 to the registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionWelcome It creates the registry key HKEY_LOCAL_MACHINESystemCurrentControlSetServicesSwartax and adds this value to it: ImagePath C:%System%msrexe.exe The Trojan opens three TCP ports to allow the hacker to remotely control the infected computer. One TCP ...
Beschrijf je klacht (Optioneel):