TCP_Vampire 1.2 connection confirmation

 

Code: p348

Severity: Warning

 

Description: This event is generated when an attempt is made by the victim to send a connection confirmation to the attacker using the CrazzyNet trojan.

Impact: If connected, the attacker could remotely execute a multitude of functions resulting in a full compromise of the victim's machine.

Corrective: CrazzyNet copies itself to C:\WINDOWS\Registry32.exe. Delete the registry key Reg32=Registry32.exe found in HKCU\Software\Microsoft\Windows\CurrentVersion\Run. Delete Registry32.exe from Win.ini and System.ini. If found, delete Registry32.exe and server.exe. Make sure to keep your virus definitions updated on your anti-virus software.
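
A read-only check for the artifacts listed under Corrective, added here as an example and not part of the original signature description. It assumes the Run key is in the current user's hive (HKCU) and that the Windows directory is the one in %windir%; it does not look for server.exe because the page gives no path for it.

```powershell
# Audit only: reports the persistence artifacts named in the Corrective text.
# Nothing is deleted, so findings can be preserved as evidence before cleanup.
$findings = @()

# 1. Run-key value "Reg32" (expected data: Registry32.exe), current-user hive.
$runKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$run = Get-ItemProperty -Path $runKey -Name 'Reg32' -ErrorAction SilentlyContinue
if ($run) {
    $findings += [pscustomobject]@{
        Artifact = 'Run value Reg32'
        Location = $runKey
        Detail   = $run.Reg32
    }
}

# 2. The dropped copy in the Windows directory; hash it for later lookup.
$dropped = Join-Path $env:windir 'Registry32.exe'
if (Test-Path -LiteralPath $dropped) {
    $findings += [pscustomobject]@{
        Artifact = 'Dropped file'
        Location = $dropped
        Detail   = (Get-FileHash -LiteralPath $dropped -Algorithm SHA256).Hash
    }
}

# 3. Lines in win.ini / system.ini that reference Registry32.exe.
foreach ($ini in 'win.ini', 'system.ini') {
    $path = Join-Path $env:windir $ini
    if (-not (Test-Path -LiteralPath $path)) { continue }
    foreach ($m in Select-String -LiteralPath $path -Pattern 'Registry32\.exe') {
        $findings += [pscustomobject]@{
            Artifact = "Reference in $ini"
            Location = $path
            Detail   = "line $($m.LineNumber): $($m.Line.Trim())"
        }
    }
}

if ($findings) {
    $findings | Format-List
} else {
    'No Registry32.exe persistence artifacts found for this user.'
}
```

Because the Run key is per-user, run the check in the session of each account that logs on to the machine.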