Dr.Web Anti-virus - Innovative IT-Security Solutions
Global Sites
Russia (Headquarter)
Estonia Finland France Germany Greece Hungary Italy Iran Israel Japan Kazakhstan Lithuania Poland Portugal Slovakia Spain Taiwan Ukraine


Latest Released Update : (HKT) 2014-04-18 23:01
Virus Database Total Records : 5124213
Home About Dr.Web Products Downloads Purchase FAQ Contact Us  
Dr.Web Anti-virus Video Channel  

‹ How To Remove Virus "Embedded.Trojan.Win32.KillAV.cn" ›

Brief Information
Virus Name : Embedded.Trojan.Win32.KillAV.cn
Named By : VirusBlokAda
Known Aliases : BackDoor.ProRat.19 (Dr.Web), TROJ_SMALL.NL (Trend Micro), Dropper.Generic.CQH (AVG), Backdoor:Win32/Prorat.Y (Microsoft), Download.Trojan (Symantec), Backdoor.Win32.Prorat.19.l (Kaspersky), Trojan.Generic.1558905 (BitDefender), W32/Prorat.AI@bd (F-Prot), DR/Delphi.Gen (Avira), BackDoor-DVL (McAfee), BackDoor.Iam (VirusBlokAda), Win32/Prorat.19.A!Trojan (Computer Associates)
Full List
Characteristics :
(based on aliases)
Trojan
  • Trojan horses may allow a hacker remote access to a target computer system, and perform various operations. The types of operations are limited by user privileges on target computer, which normally includes data theft, modification or deletion of files, keystroke logging, and use of machine as part of a botnet to perform mass spamming or to distribute Denial-of-service attacks.
  • Trojan horses can be installed through software bundling (included as part of a software application available downloaded from file sharing network), email attachments, instant-messaging network, websites containing executable content (such as ActiveX control), etc. It can also be self-replicated by spreading itself through the use of application exploits.
Trojan-Backdoor
  • Backdoor is a Trojan which contains a Remote Administration Tool inside. This tool can bypass normally authentication to secretly control a program, computer or even a network. Sometimes, a Remote Administration Tool is used for legitimate reasons by authorized administrators, but it may also be misused by attackers. A backdoor may take the form of an installed program, or may subvert the system through a rootkit.
  • Many computer worms install a backdoor on infected computer. Such backdoors appear to be installed so that spammers can send junk email from infected machines. Modern backdoors usually send a notification to specific email when they are activated. They report IP address of infected computer together with other information, and wait silently for attacker's command.
Malware that drops other malware
  • A dropper itself is normally not a virus, but it contains other files compressed inside its body. It may also contain legitimate files to disguise malicious activities. When it is run, it produces viruses and installs them into the infect system.
Viruses written for specific platforms
  • The virus is designed to infect Windows 32-bit executable programs, and works in different Win32-environments.

Steps to remove "Embedded.Trojan.Win32.KillAV.cn" automatically
  • Download Dr.Web CureIt! and save it in desktop.
  • Download Security Space Pro 7.0 (32/64-bit), save it in desktop.
  • Reboot computer to Safe Mode (press F8 before any Microsoft logo appears).
  • Double click "cureit.exe" on desktop, follow on screen instructions to scan hard disk.
    (Wait patiently, it may take 20-60 minutes to perform an express scan.)
  • After scanning is done, select all viruses found and choose "Cure".
    (If some files are not suitable to be cured, choose "Quarantine" or "Delete".)
  • When all viruses found are cured, quarantined, or deleted, reboot to Normal Mode.
  • Uninstall existing anti-virus software which cannot kill the viruses, and then reboot again.
  • Locate the setup file of Security Space Pro on desktop, double click to run it.
    (For step-by-step procedures, please refer to installation video guide.)
  • During setup, choose to obtain a demo key.
  • After first time update, the scanner will be launched again, quit the scanner at this point.
  • Complete the setup by rebooting computer.
  • When time is allowed (may need several hours), perform a full scan in Dr.Web Scanner.

Note :
  • If it is unable to start Windows due to virus infection, try Dr.Web LiveCD or Dr.Web LiveUSB instead of Dr.Web CureIt!
  • Time needed for express scan or full scan relies on many factors, such as system performance, available memory, running processes, number of drives and files, etc.

‹ Dr.Web CureIt! › Select Download Source

Dr.Web Global Servers Google Drive SkyDrive
Released :
2013-11-10 14:43
Released :
2013-08-16 03:25
Released :
2013-11-10 14:43
Download Dr.Web CureIt! from Dr.Web Global Servers Download Dr.Web CureIt! from Google Drive Download Dr.Web CureIt! from SkyDrive

‹ Dr.Web Security Space Pro › Select Download Source

Dropbox Google Drive SkyDrive
Released :
2013-02-07 16:02
Released :
2013-02-07 16:02
Released :
2013-02-07 16:02
Download Dr.Web Security Space Pro from Dropbox Download Dr.Web Security Space Pro from Google Drive Download Dr.Web Security Space Pro from SkyDrive

WINDOWS 7, VISTA, XP
MAC OS X 10.4 OR ABOVE

TOP 5 EMAIL VIRUSES (24HR)
23:01
 
Trojan.Fraudster.778
Trojan.Fraudster.778
 
Trojan.PWS.Panda.6971
Trojan.PWS.Panda.6971
 
Win32.HLLM.MyDoom.33808
Win32.HLLM.MyDoom.33808
 
Win32.HLLM.MyDoom.54464
Win32.HLLM.MyDoom.54464
 
BackDoor.Paper.56
BackDoor.Paper.56

TOP 5 FILE VIRUSES (24HR)
23:01
 
SCRIPT.Virus
SCRIPT.Virus
 
Trojan.InstallMonster.51
Trojan.InstallMonster.51
 
Adware.Spigot.9
Adware.Spigot.9
 
Trojan.Packed.24524
Trojan.Packed.24524
 
Adware.Downware.2095
Adware.Downware.2095

FREE ANTI-VIRUS TOOLS
  » Dr.Web CureIt!
  » Dr.Web LiveCD
  » Dr.Web LiveUSB
  » Dr.Web Light for Mac OS X
  » LinkChecker for Google Chrome
  » LinkChecker for Internet Explorer
  » LinkChecker for Mozilla Firefox
  » LinkChecker for Opera
  » LinkChecker for Safari

Member of CHKCI

|

Click to Verify Domain Originator
:: Privacy Policy Statement ::