Event ID - 4092

Port No: 4092
Service Name: Wincrash
RFC Doc: 0
Protocol: TCP
Description: When installed on a Microsoft Windows system, this backdoor Trojan horse program lets others gain full access to the system through a network connection. Backdoor.Wincrash is divided into 2 parts: a client and a server. Both applications are capable of running under Windows 95, 98, and NT 4.0. The client application running on one computer might be used to monitor and control a second computer running the server application.
The port number through which the client controls the server is configurable. However, as long as the port is blocked by a firewall, this Trojan horse cannot infiltrate the server. It does not matter whether the TCP or UDP protocol is implemented. There have not been any reports of this program breaking through a firewall.
Attack Name: Wincrash

How To Remove:
1. Kill the following processes
backdoor-m.svr.exe, client.exe, w32win,1.exe, wincrash.exe, wincrash-e.exe, wpc - wincrash password cracker.exe

2. Remove the following files
backdoor-m.svr.exe, client.exe, setup.pkg, w32win,1.exe, wincrash-e.exe, wincrash.exe, wincrash.rtf, wincrash.tb, wincrash2.hlp, wincrash_english.rtf, wpc - wincrash password cracker.exe, _setup.1, _setup.lib.
