It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. It drops the following copy(ies) of itself in all removable drives: It is also where the operating system is located.) %System Root% is the root folder, which is usually C:\. %Program Files% is the default Program Files folder, usually C:\Program Files. (Note: %User Profile% is the current user's profile folder, which is usually C:\Windows\Profiles\ on Windows 2000, XP, and Server 2003. %Program Files%\morpheus\my shared folder\.%User Profile%My Documents\Frostwire\shared.It drops copies of itself into the following folders used in peer-to-peer (P2P) networks: This worm creates the following folders in all removable drives: %System%\PCSuite.exe = %System%\PCSuite.exe:*:Enabled:Explorer HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\įirewallPolicy\StandardProfile\AuthorizedApplications\ It adds the following registry entries as part of its installation routine: This worm adds the following registry keys: Nokia Launch Application = %System%\PCSuite.exe This worm adds the following registry entries to enable its automatic execution at every system startup: It adds the following mutexes to ensure that only one of its copies runs at any one time: It drops the following copies of itself into the affected system: (Note: %System% is the Windows system folder, which is usually C:\Windows\System on Windows 98 and ME, C:\WINNT\System32 on Windows NT and 2000, or C:\Windows\System32 on Windows XP and Server 2003.)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |