| Name: |
Srv.CWS.GTBdropper |
| Category: |
Trojan |
| Advice: |
Remove |
| Risk: |
High Risk
High risk threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction. May open up communication ports, use polymorphic tactics, stealth installations, and/or anti-spy counter measures. May use a security flaw in the operating system to gain access to your computer. |
| Description:
|
Srv.CWS.GTBdropper is a program used by hackers to perform malicious activites on the infected machine.
Srv.CWS.GTBdropper collects information about the infected system and sends this information back to a remote IP address. This information is then used to help facilitate the process of installing more programs/malware on the infected machine.
|
| Signatures:
|
process: scrsvc.exe: MD5 Hash: 7a69ff54af98946383b...
process: l04d3r.exe: MD5 Hash: e34dcebce8bf71e3706...
process: winmain.exe: MD5 Hash: 7a69ff54af98946383b...
process: bootpd.exe: MD5 Hash: 200e586d67915ba9d9a...
process: actsie4.exe: MD5 Hash: 796b2703c691d85b7ba.. |
| Type: |
Trojan - A Trojan software is any software on a user's computer that the user is not aware or intentionally installed. Most Trojan software is designed to perform some sort of actions that could jeopardize the user's security or privacy. |
