TROJ_KILLAV.AXP
ALIASES:
Rootkit.Win32.Agent.dihr (Kaspersky)
PLATFORM:
Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)
OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:
INFORMATION EXPOSURE:
Threat Type: Trojan
Destructiveness: No
Encrypted: No
In the wild: Yes
OVERVIEW
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
TECHNICAL DETAILS
File Size:
36,736 bytes
File Type:
SYS
Memory Resident:
Yes
Initial Samples Received Date:
09 Sep 2013
Arrival Details
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Process Termination
This Trojan terminates the following processes if found running in the affected system's memory:
- ASDCli.exe
- ASDCr.exe
- ASDSvc.exe
- ASDUp.exe
- AYAgent.exe
- AYAgent.exe
- AYRTSrv.exe
- AYRTSrv.exe
- AYUpdSrv.exe
- AYUpdSrv.exe
- AhnSD.exe
- AhnSDsv.exe
- AvastSvc.exe
- AvastUI.exe
- HFACSvc.exe
- MUpdate2.exe
- MonSvcNT.exe
- MonSysNT.exe
- Nsavsvc.exe
- Nsvmon.exe
- SpiderNT.exe
- V3IMPro.exe
- V3LNetdn.exe
- V3LRun.exe
- V3LSvc.exe
- V3LTray.exe
- V3Light.exe
- V3LiteExp.exe
- V3Medic.exe
- V3P3AT.exe
- ashUpd.exe
- avp.exe
- avsx.exe
- hUpSvc.exe
- hVrCommandSvc.exe
- hVrMalSvc.exe
- hVrTray.exe
- hpcsvc.exe
- monsvcnt.exe
- monsysnt.exe
- v3impro.exe
- v3p3at.exe
- vcrmon.exe
- vrfwsvc.exe
- vrmonnt.exe
- vrmonsvc.exe
- vrptsvc.exe
- vrscan.exe
- NVCAgent.exe
- NVCUpgrader.exe
- NaverAgent.exe