Follow:

 

Trojan:Win32/WebToos.B


Microsoft security software detects and removes this threat.

This threat can perform a number of actions of a malicious hacker's choice on your PC.

Find out ways that malware can get on your PC.



What to do now

The following free Microsoft software detects and removes this threat:

Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC.

Get more help

You can also see our advanced troubleshooting page for more help.

If you’re using Windows XP, see our Windows XP end of support page.

Threat behavior

Installation
Trojan:Win32/WebToos.B copies itself to %programfiles%\dbsecurityspt\dbsecurityspt.exe.
 
The malware creates the following files on your PC:

  • %programfiles%\dbsecurityspt\bill.exe
  • %programfiles%\dbsecurityspt\svch0st.exe
Payload
Stops processes
 
Trojan:Win32/WebToos.B can stop the following processes:

  • Bill.exe
  • DbSecuritySpt.exe
 
Contacts remote host
 
The malware might contact a remote host at tools.google.com using port 80. Commonly, malware does this to:
  • Report a new infection to its author
  • Receive configuration or other data
  • Download and run files, including updates or other malware
  • Receive instructions from a remote hacker
  • Upload data taken from your PC
This malware description was produced and published using automated analysis of file SHA1 59ea6a5558e258db8e516b60c534a670ab44063d.

Symptoms

System changes
The following could indicate that you have this threat on your PC:

  • You have these files:

    %programfiles%\dbsecurityspt\bill.exe
    %programfiles%\dbsecurityspt\dbsecurityspt.exe
    %programfiles%\dbsecurityspt\svch0st.exe
 

Prevention


Alert level: Severe
First detected by definition: 1.179.348.0
Latest detected by definition: 1.179.348.0 and higher
First detected on: Jul 18, 2014
This entry was first published on: Jul 21, 2014
This entry was updated on: Jul 22, 2014

This threat is also detected as:
No known aliases