Trojan.Win32.Killav.br

tag:Trojans

0 0

This Trojan will terminate a range of legitimate programs on the victim machine. The Trojan itself is a Windows PE EXE file 4608 bytes in size.

Installation

Once launched, the Trojan creates a file called mserv.exe, 6656 bytes in size, in the Windows root directory:

%Windir%/mserv.exe

The Trojan then creates the following entries in the system registry:

[HKLM\System\CurrentControlSet001\Enum\Root\LEGACY_ANEM]
Service="anem"
Legacy="dword:00000001"
Class="LegacyDriver"
DeviceDesc="mserv.exe" Payload

previous:Trojan.Win32.Killav.k
previous:Trojan.Win32.Killav.bl

Virus Source from:

New articles

TROJ_FAKEAV.WKAThis Trojan may be downloaded from the following remote sites: http://{BLOCKED}ogle.info/tre/lena.exe/{random characters} This Trojan adds the foll...TROJ_RANSOM.QOWAThis Trojan may be unknowingly downloaded by a user while visiting malicious websites. This Trojan drops the following copies of itself into the affected sys...TapSnake.ATapSnake.A is a Trojan that affects mobile phones with an Android operating system. Once installed in the phone, it carries out the following actions: ...Trojan.Win32.FraudPack.bkheOnce launched, the program will display a message stating that the computer has been infected by malicious programs: The message is displayed even if there a...Trojan-Dropper.Win32.Agent.cxdOnce activated, the Trojan copies its body and saves it to the Windows system directory as "fvfj.sxo": %System%fvfj.sxo In order to ensure that th...

Hot Articles

Trojan.Win32.Killav.br

Computer Virus Clounds