Virus:TR/Killav.OG
Type:Trojan
In the wild:No
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low to medium
Static file:Yes
File size:115.527 Bytes
MD5 checksum:403d6f3b21f56845e317df78ea625234
IVDF version:7.00.30.132

 General Aliases:
   •  Kaspersky: Trojan.Win32.KillAV.og
   •  F-Secure: Trojan.Win32.KillAV.og


Platforms / OS:
   • Windows 95
   • Windows 98
   • Windows 98 SE
   • Windows NT
   • Windows ME
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows CE


Side effects:
   • Disable security applications
   • Drops files
   • Registry modification

 Files The following files are created:

– %program files%\Rising\Rav\Def\20.26.31.rp
– %program files%\Rising\Rav\Def\20.26.32.rp
– %program files%\Rising\Rav\Def\20.26.40.rp
– %program files%\Rising\Rav\Def\20.26.41.rp
– %program files%\Rising\Rav\Def\20.26.42.rp
– %program files%\Rising\Rav\Def\engine.so
– %program files%\Rising\Rav\Def\libwnd.so
– %program files%\Rising\Rav\Def\nvlib.def
– %program files%\Rising\Rav\Def\pa.26.22.def
– %program files%\Rising\Rav\Def\pa.28.22.def
– %program files%\Rising\Rav\Def\posttrt.def
– %program files%\Rising\Rav\Def\sysmem.def
– %program files%\Rising\Rav\Def\virboot.def
– %program files%\Rising\Rav\Def\vircom.def
– %program files%\Rising\Rav\Def\virelf.def
– %program files%\Rising\Rav\Def\virinfo.def
– %program files%\Rising\Rav\Def\virmacr.def
– %program files%\Rising\Rav\Def\virmz.def
– %program files%\Rising\Rav\Def\virnorm.def
– %program files%\Rising\Rav\Def\virpe.def
– %program files%\Rising\Rav\Def\virsct.def
– %program files%\Rising\Rav\Def\wl.35.20.def

 Registry The following registry key is added:

– [HKCU\Software\WinRAR SFX]
   • "C%%Program Files%Rising%Rav%Def"="%PROGRAM FILES%\Rising\Rav\Def"

Description inserted by Irina Diaconescu on Wednesday, April 9, 2008
Description updated by Irina Diaconescu on Friday, April 18, 2008

Back . . . .