Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Security / Virus alerts

Virus alerts

Trojan Horse Shutting Down Important Windows Functions

Only Task Manager and Automatic Windows Update for now

By Bogdan Popa, Security and Search Engines Editor

13th of December 2007, 07:06 GMT

Adjust text size:


Computers should be always protected by an antivirus solution
Enlarge picture
TROJ_KILLAV.LW is a new type of Trojan that attempts to modify important changes of a Windows machine, in order to infect the computer and be sure that nobody ever manages to detect or stop it. Dream on, kid! The Trojan horse has already been identified by the security companies and most antivirus technologies have
already provided protection against it. But, let's see what it is able to do. First of all, TROJ_KILLAV.LW affects most Windows versions including 98, ME, NT, 2000, XP or Server 2003 after it arrives on the computer without users' approval. "This Trojan may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites", security company Trend Micro wrote in an advisory rolled out today.

Just like many other Trojan horses, TROJ_KILLAV.LW attempts to modify the Windows Common Startup folder in order to be sure that it is automatically started every time the operating system is loaded. "It creates and modifies registry entries to enable its automatic execution at every system startup", Trend Micro wrote.

And now, the juicy part: it disables both 'Automatic Windows Update' and 'Task Manager' functions in order to remain unidentified and be able to exploit other system vulnerabilities. By disabling the automatic updates, the Trojan horse tries to keep the computer away from the latest patches powered by Microsoft, which obviously means unpatched system and more vulnerabilities to be exploited. The 'Task Manager' modification is supposed to block the users from discovering the Trojan horse running on the system.

In addition to these changes, the infection also modifies the HOSTS files to block users from visiting certain websites. The HOSTS file is located in WINDOWSsystem32driversetc for the Windows XP users. Although Trend Micro set a high damage potential, I don't think this Trojan horse should be a problem if you have an updated antivirus solution.

TAGS:

 trojan | infection | windows | security


Rating:
Fair (2.2/5) 7 vote(s) so far    

Read by 1,267 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Download Internet Explorer 7 Beta 2 Now!

Dangerous Trojan Delivered by Emails

Windows Vista Safe from Windows Deactivation Trojan

Skype Defender Stealing Your Passwords

Fake Samsung Emails Aiming To Infect Computers

Mac OS X Malware Already Defeated

Fake Windows Update Serving Trojan Horse

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive