Welcome to Process-info.org library
Process-info.org is an online library of Computer Operating System's Processes, which helps you to identify processes running at background of computer operating system or at remote computers on your network.
Process-info.org contains a growing database of executable processes (mostly with .EXE extension) and DLL libraries. You can search for processes through search box or navigate alphabeticaly by starting letter of process name.
It is assumed that users are familiar with computer operating system they're using and agree with suggested changes. Process-info.org will not be held responsible, if changes you make cause a system failure.
rpcclient.exe
Codbot-L Worm
Warning! Potential Security Hazard!
System process “rpcclient.exe” is reported as a Virus and Trojan!
Brief description of process
“rpcclient.exe” process is reported as a Trojan, also known as a Trojan Horse. Trojan is a part of software, called malware (Malicious software). Trojan appears to be a friendly, relative secure application, for example a screensaver, but the main goal of Trojan application is performing hidden background tasks, especially installing a virus or backdoor application into operating system of victim. It can result, for example, into enabling remote access to computer, stealing data like bank account access, passwords stored in computer etc. Trojan can be received by email as an attachment (screensaver, multimedia postcard) or can be downloaded from internet (keygen, software for free, etc.).
“rpcclient.exe” process is reported to be a virus. Virus is computer application, which can infect computer, replicate, modify (morph) and distribute itself to another computer (by internet, CD, DVD, Blueray, USB Flash disks, etc.) – it all can be happened without approval or knowledge of user. When virus is executed, it may cause damage to data stored in computer, it can change operating system settings, change performance of computer (it can eat free memory), it can modify networks settings and slowdown network connections. Viruses are mainly distributed over internet, as attachment in e-mails, downloaded from not trusted web sites, you can receive a virus from somebody in your contact list on your favorite instant messenger (ICQ, AOL, Yahoo messenger) as a file.
What to do with this process?
rpcclient.exe
Reported as Virus
Yes!
Reported as Trojan Horse
Yes!
Reported as Spyware, Adware
Process status unknown
Developer
Part of
Codbot-L Worm
Related news
Showing news related to process “rpcclient.exe”
October 5, 2009 3:55:41 PM CEST
I-Worm/Nuwar – We have a new wave of spammed mail messages containing link directing users to website where the worm could be downloaded. Emails contains short text and IP address of currently working pages with worm. In this case downloaded filename is withlove.exe and it's about 115kB in size. Websites and worm files changes every few minutes. AVG detects withlove.exe as I-Worm/Nuwar.L.
March 12, 2009 5:36:00 PM CET
Email-Worm.Win32.Merond.a – This worm spreads as an attachment to infected emails and also via file-sharing networks and removable media. The worm itself is a Windows PE EXE file. The worm’s executable file can vary between 150KB to 400KB in size. Installation The worm copies its executable file to the Windows system...
September 28, 2009 1:21:14 PM CEST
I-Worm/Stration downloader – Latest Stration downloader spreads by email in messages with randomly generated subject and body with one EXE and one PDF file attached. EXE file is 20992B in size and it`s downloader itself which is detected by AVG as I-Worm/Stration.FJA. The file downloader tryes to download is already detected as I-Worm/Stration. More information about Stration worm familly can be found in the Virus Encyclopedia.
September 28, 2009 1:21:14 PM CEST
I-Worm/Nuwar – Propagation method of new Nuwar variant is still similar to its precedessors. Spammed mails with link in IP format directs users to the worm web pages where the users are prompted to download one of the worm files with the name funny.exe. Names of other downloadable files are kickme.exe and foolsday.exe. AVG detects this threat as I-Worm/Nuwar.R.
October 5, 2009 3:55:41 PM CEST
I-Worm/Nuwar – New Nuwar variant spreading method is similar to Nuwar.L last month propagation. Spammed emails are brief containing link in IP format to currently working pages with worm. Compromised page code is changed and as a result user is prompted to download file with worm. Downloaded filename is valentine.exe it's about 110 - 130kB long and it's detected by AVG as I-Worm/Nuwar.N.
