TCP_WinCrash.1.0_Server

 

Code: p27

Severity: Warning

 

Description: This event is generated when Trojan Horse activity is detected from the program WinCrash.

Impact: Limited control of the targeted machine.

Corrective: Edit the system registry to remove the extra keys or restore a previously known good copy of the registry.

Affected registry keys are: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\

Registry keys added are: WinManager. Removal of this entry is required.

Delete the file server.exe.

Edit the win.ini file to remove any references to the Trojan file.

Ending the Trojan process is also necessary. A reboot of the infected machine is recommended.