On Windows operating systems, svchost.exe manages the services and services are actually running under
svchost.exe’s as threads. Phant0m targets theEvent Logservice and finding the process responsible for theEvent Logservice, it detects and kills the threads responsible for the Event Log service. Thus, while the Event Log service appears to be running in the system (because Phant0m didn’t kill process), it does not actually run (because Phant0m killed threads) and the system does not collect logs. Phant0m | Windows Event Log Killer
so.cl
Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer