Not long ago, the four Win2000 servers in our website were all red code II viruses. He is now writing as follows, and you want to pay attention to it from harm.
First of all, if your machine has IIS, there is no Win2000 third patch, you will be very likely to infect the red code virus, here you have an Explorer.exe file in your machine. Estate ( Note: You must change all files via the folder option) This file is deleted, but it can be renamed. It is recommended to download Microsoft just out of the red code to clear the software. You can restart after running. After killing the virus, change the name of Explorer.exe, you have to delete the root.exe file in the script directory in the wwwroot directory, this Trojan's back door file, and you can see if you have a task through the task manager. Exploere process, pay attention to this process is uppercase, kill it, there is a root.exe file in the MADC directory in the comm directory in the program directory, delete it, restart, can remove the virus, but Don't forget to play three patch packages of Microsoft, you can download patch two (patch two including patch a) and patch three (it is very small)
If your machine is not a server or if you do not use IIS, it is recommended to turn off IIS !!! This is Microsoft left the back door of hackers !!!
