Dangerous Trojan Activity This Week

August 04, 2008

Promo Protect all your devices, without slowing them down.
Free 30-day trial

The first e-threat we are going to look at is Win32.Worm.Autoit.AL, which is a worm that impersonates a friendly malware removing application. It copies itself into %programfiles%FlashGuardFlashGuard.exe and creates a readme.txt file which contains the following lines:

“This tiny software is used to protect removable storage devices from worms that are spread from one PC to another. ”

It creates registry keys to execute at system startup. It checks for the existence of various processes that are supposed to be malware and kills them. It also removes all files from

Author

Bogdan BOTEZATU

Bogdan is living his second childhood at Bitdefender as director of threat research.

View all posts

Dangerous Trojan Activity This Week

Author

Bogdan BOTEZATU

Right now Top posts

Spam trends of the week: Crypto giveaways, false prophets, Fintech phishing scams and more hit user inboxes worldwide

Start Cyber Resilience and Don’t Be an April Fool This Spring and Beyond

Spam trends of the week: Cybercrooks phish for QuickBooks, American Express and banking accounts

Protecting your important: Stick to these 8 cybersecurity tips for safe Black Friday and Cyber Monday deal hunting

FOLLOW US ON SOCIAL MEDIA

You might also like

How to keep your Android device immune to malicious vaccine themed apps

Facebook Takes Down Two Hacking Groups Operating out of Palestine

Ransomware attack causes supermarket cheese shortage in the Netherlands

Bookmarks