TCP_Dagger_1.4.0

 

Code: p312

Severity: Warning

 

Description: Dagger is a Trojan Horse.

Impact: Possible theft of data and control of the targeted machine leading to a compromise of all resources the machine is connected to. This Trojan also has the ability to delete data, steal passwords and disable the machine.

Corrective: This is a particularly difficult Trojan to remove, and removal should only be attempted by an experienced Windows administrator. Edit the system registry to remove the extra keys, or restore a previously known good copy of the registry.

Affected registry keys are:

[HKEY_CLASSES_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_CLASSES_USER\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

Registry keys added are:

"SysManager"="C:\\WINDOWS\\System\\Manager.exe"

Removal of the file Manager.exe is required. Also end the process Manager.exe. A machine reboot may be required to clear the existing process from memory.
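A read-only check for the indicators listed above, as an added example that is not part of the original entry. It assumes the HKEY_CLASSES_USER hive named in the entry corresponds to HKEY_CURRENT_USER (HKCU:), since Windows has no hive by the former name; the function name Test-DaggerIndicators is hypothetical.

```powershell
# Added example: read-only audit for the indicators listed in this entry.
# Assumption: HKEY_CLASSES_USER in the entry is read as HKEY_CURRENT_USER (HKCU:).
function Test-DaggerIndicators {
    [CmdletBinding()]
    param(
        [string]$ValueName   = 'SysManager',
        [string]$FilePath    = 'C:\WINDOWS\System\Manager.exe',
        [string]$ProcessName = 'Manager'
    )

    $runKeys = @(
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunServices',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
    )
    $findings = @()

    # 1. Autostart value in each listed key (a missing key is not an error).
    foreach ($key in $runKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $props = Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue
        if ($null -ne $props -and $props.PSObject.Properties.Name -contains $ValueName) {
            $findings += [pscustomobject]@{
                Type = 'RegistryValue'; Location = $key; Detail = [string]$props.$ValueName
            }
        }
    }

    # 2. The file on disk; record its hash so it can be compared or submitted later.
    if (Test-Path -LiteralPath $FilePath -PathType Leaf) {
        $hash = (Get-FileHash -LiteralPath $FilePath -Algorithm SHA256).Hash
        $findings += [pscustomobject]@{ Type = 'File'; Location = $FilePath; Detail = "SHA256 $hash" }
    }

    # 3. Running process. The name alone is a weak signal, so report the image path
    #    and skip processes that clearly run from a different location.
    foreach ($proc in @(Get-Process -Name $ProcessName -ErrorAction SilentlyContinue)) {
        if ($proc.Path -and ($proc.Path -ine $FilePath)) { continue }
        $path = if ($proc.Path) { $proc.Path } else { '(image path unavailable)' }
        $findings += [pscustomobject]@{ Type = 'Process'; Location = "PID $($proc.Id)"; Detail = $path }
    }

    return $findings
}

Test-DaggerIndicators | Format-Table -AutoSize
```

An empty result means none of the listed indicators were found; the check changes nothing on the machine.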