crvss.exe - Dangerous
crvss.exe
Manual removal instructions:
Antivirus Report of crvss.exe:
crvss.exe
Backdoor.Sdbot.AB
It is a Trojan horse program with backdoor capabilities that spreads to network shares and allows a remote attacker to gain unauthorized access to an infected computer.
Steals confidential information.
Attempts to access the network share folder $IPC.
If the network share folder is password-protected, the Trojan attempts to gain access using predefined user names and passwords.
Opens a backdoor by connecting to the IRC server newuslut.parited.net on TCP port 6564, and listening for commands from a remote attacker.
These commands may allow a remote attacker to perform some of the following actions:
- Perform a Denial of Service (DoS) attack against a target host
- Retrieve system information
- Connect to a URL
- Upload and download files
- Execute programs
- Log keystrokes
- Sniff network packets
- Conduct port scans against other computers
- Steal the Windows Product ID
- Steals CD keys for the different games
Manual removal:
Navigate to the keys:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
and delete the value: "Windows media service"="crvss.exe"
| crvss.exe | Malware |
| crvss.exe | Dangerous |
| crvss.exe | High Risk |
It is a Trojan horse program with backdoor capabilities that spreads to network shares and allows a remote attacker to gain unauthorized access to an infected computer.
Steals confidential information.
Attempts to access the network share folder $IPC.
If the network share folder is password-protected, the Trojan attempts to gain access using predefined user names and passwords.
Opens a backdoor by connecting to the IRC server newuslut.parited.net on TCP port 6564, and listening for commands from a remote attacker.
These commands may allow a remote attacker to perform some of the following actions:
- Perform a Denial of Service (DoS) attack against a target host
- Retrieve system information
- Connect to a URL
- Upload and download files
- Execute programs
- Log keystrokes
- Sniff network packets
- Conduct port scans against other computers
- Steal the Windows Product ID
- Steals CD keys for the different games
Manual removal:
Navigate to the keys:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
and delete the value: "Windows media service"="crvss.exe"
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.