Trojan.Win32.Killav.at

· Overview ·
· Origins ·
· Operation ·
· Detection and Removal ·
· Research ·

Overview

Vendor Notes:

 from the doc: 'TechKiller reinvented the way of AV/FW killing. It wont be looping and killing the programs every time they are found running, it will *just* avoid then to start. So no memory leeching :) Also is the first AV/FW killer that is hidden from 2k/NT/XP machines task manager. Can hide itself using cloak tech.'

Alias:

 TechKiller v1.1, Trojan Horse [Panda], Win32/Killav.at!Trojan [Computer Associates]

See Also:

 Trojan.Win32.Killav

Category:

AV Killer: Any hacker tool intended to disable a user's anti-virus software to help elude detection. Some will also disable personal firewalls.

Trojan: Any program with a hidden intent. Trojans are one of the leading causes of breaking into machines. If you pull down a program from a chat room, new group, or even from unsolicited e-mail, then the program is likely trojaned with some subversive purpose. The word Trojan can be used as a verb: To trojan a program is to add subversive functionality to an existing program. For example, a trojaned login program might be programmed to accept a certain password for any user's account that the hacker can use to log back into the system at any time. Rootkits often contain a suite of such trojaned programs.

Similar Pests:

 AV Killer · Trojan

Origins

Author:

 Caesar2k

Group:

 Nuclear Winter Crew

By This Group:

 Backdoor.Delf.li ·

URL:

 http://www.nuclearwinter.mirrorz.com

Date of Origin:

 September, 2003

Operation

Storage Required:
  • Trojan.Win32.Killav.at: at least 513 KB
    		•

    Detection and Removal

    Automatic Removal:

    PestPatrol detects this.

    PestPatrol removes this.

    Manual Removal:

    		 Follow these steps to remove Trojan.Win32.Killav.at from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.
    Stop Running Processes:

    Kill these running processes with Task Manager:

    Remove Files:

    Remove these files (if present) with Windows Explorer:

    Research

    File Analyses:

    More Info:
  • AllTheWeb, AltaVista, AOL Search, Ask Jeeves, Google, HotBot, Lycos, LookSmart, MSN, Yahoo!
    		•

    Research By:
  • PestPatrol's Pest Research Center
    		•

    Last Revised:

    		 April 05, 2005