New AntiUSBWorm :: AutoIt3.exe, Skype.lnk, Google.lnk are in circulation

This worm gets downloaded from the Internet, Dropped by other malware, Propagates via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

Creates two Folder on the Sysem
C:\Skypee
C:\Google

These are the following files inside the Skypee and Google folder:
-AutoIt3.exe
-Google.lnk
-Skypee.lnk
-googleupdate.a3x

It also creates shortcut (.LNK) files using folder names as filenames in folders in all drives.

This worm adds the registry entries to enable its automatic execution at every system startup.
AutoStart Entries :

AntiUsbWorm
AntiWormUpdate

It drops the files in the Windows Common Startup folder to enable its automatic execution at every system startup.

It also use internet to send and receive commands from a remote malicious user and the Stolen data is sent to the hackers location.

Detection and Cleaning by Net Protector Total Security :

Net Protector Total Security successfully detects and cleans this virus.

Sharing is caring!
Share

Tweet LinkedIn