Dasher.c is a quickly spreading Internet worm that infects vulnerable remote computers running the Microsoft Windows operating system with unpatched security flaws. The infection process does not require any user interaction. Once installed, Dasher.c runs a spreading routine. Then it opens a back door that provides the attacker with unauthorized remote access to a compromised computer. The intruder can download from a predefined FTP server and execute arbitrary files. Dasher.c also terminates some running antivirus programs, firewalls and other security-related software. It is able to lower security settings on the infected system by altering the Windows registry.
sqlexp.exe, sqlscan.exe, svchost.exe
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMSDTCStart=4HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetBTParametersSMBDeviceEnabled=0