Win32/KillProc [Threat Name] go to Threat

Win32/KillProc.B [Threat Variant Name]

Category trojan
Size 4608 B
Aliases Trojan.Win32.KillProc.b (Kaspersky)
  MultiDropper-GP.d.trojan (McAfee)
  Infostealer.Tarno.B (Symantec)
Short description

Win32/KillProc.B is a trojan that terminates various security applications. The file is run-time compressed using UPX .

Installation

When executed, the trojan creates the following files:

  • %system%\­mstu.exe (6656 B)

The trojan registers itself as a system service using the following name:

  • anem
Other information

The trojan terminates processes with any of the following strings in the name:

  • _AVP32.EXE
  • _AVPCC.EXE
  • _AVPM.EXE
  • AckWin32.exe
  • ACKWIN32.EXE
  • ALERTSVC.EXE
  • ALOGSERV.EXE
  • Anti-Trojan.exe
  • ANTS.EXE
  • ATCON.EXE
  • ATCON.EXE
  • ATUPDATER.EXE
  • ATWATCH.EXE
  • AutoDown.exe
  • AutoTrace.exe
  • AUTOUPDATE.EXE
  • AVCONSOL.EXE
  • AVGCC32.EXE
  • AVGCTRL.EXE
  • AVGSERV.EXE
  • AvkServ.exe
  • AVKSERV.EXE
  • AVP.EXE
  • AVP32.EXE
  • AVPCC.EXE
  • AVPM.EXE
  • AVSYNMGR.EXE
  • AVXMONITOR9X.EXE
  • AVXMONITOR9X.EXE
  • AVXMONITORNT.EXE
  • AVXQUAR.EXE
  • blackd.exe
  • blackice.exe
  • Claw95.exe
  • Claw95cf.exe
  • cleaner.exe
  • cleaner3.exe
  • cpd.exe
  • DEFWATCH.EXE
  • DOORS.EXE
  • F-AGNT95.EXE
  • FAST.EXE
  • F-PROT95.EXE
  • FRW.EXE
  • FRW.EXE
  • GUARD.EXE
  • GUARD.EXE
  • iamapp.exe
  • IAMAPP.EXE
  • iamserv.exe
  • IAMSERV.EXE
  • ICLOAD95.EXE
  • ICLOADNT.EXE
  • ICLOADNT.EXE
  • ICMON.EXE
  • ICSUPP95.EXE
  • ICSUPP95.EXE
  • ICSUPPNT.EXE
  • ICSUPPNT.EXE
  • IFACE.EXE
  • IFACE.EXE
  • IOMON98.EXE
  • ISRV95.EXE
  • JEDI.EXE
  • LOCKDOWN2000.EXE
  • LUCOMSERVER.EXE
  • MCAGENT.EXE
  • MCAGENT.EXE
  • Mcshield.exe
  • MCUPDATE.EXE
  • MCUPDATE.EXE
  • MINILOG.EXE
  • MONITOR.EXE
  • MOOLIVE.EXE
  • NAVAPW32.EXE
  • NAVAPW32.EXE
  • NAVAPW32.EXE
  • NavLu32.exe
  • NAVW32.EXE
  • Navw32.exe
  • NDD32.EXE
  • NeoWatchLog.exe
  • NeoWatchTray.exe
  • NISSERV
  • NISUM.EXE
  • NMAIN.EXE
  • NORMIST.EXE
  • notstart.exe
  • NPROTECT.EXE
  • NSCHED32.EXE
  • NTXconfig.exe
  • Nupgrade.exe
  • NVC95.EXE
  • NWService.exe
  • outpost.exe
  • PCCIOMON.EXE
  • PERSFW.EXE
  • POP3TRAP.EXE
  • POPROXY.EXE
  • REALMON95.EXE
  • Rescue.exe
  • RTVSCN95.EXE
  • Smc.exe
  • SPHINX.EXE
  • SPYXX.EXE
  • SPYXX.EXE
  • SS3EDIT.EXE
  • SS3EDIT.EXE
  • SWNETSUP.EXE
  • SymProxySvc.exe
  • SYNMGR.EXE
  • TAUMON.EXE
  • TC.EXE
  • tca.exe
  • TCA.EXE
  • TCM.EXE
  • TDS-3.EXE
  • TFAK.EXE
  • TFAK.EXE
  • TRJSCAN.EXE
  • VetTray.exe
  • VPTRAY.EXE
  • VSECOMR.EXE
  • VSHWIN32.EXE
  • VSHWIN32.EXE
  • VSMON.EXE
  • VSSTAT.EXE
  • VSSTAT.EXE
  • WATCHDOG.EXE
  • WebScanX.exe
  • WEBSCANX.EXE
  • WEBTRAP.EXE
  • WGFE95.EXE
  • WRADMIN.EXE
  • WrAdmin.exe
  • WRCTRL.EXE
  • WrCtrl.exe
  • WrCtrl.exe
  • ZATUTOR.EXE
  • ZAUINST.EXE
  • ZONEALARM.EXE

Please enable Javascript to ensure correct displaying of this content and refresh this page.