Win32/SillyAutorun.FTW
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 4,504 |
Threat Level: | 10 % (Normal) |
Infected Computers: | 2,548 |
First Seen: | June 13, 2013 |
Last Seen: | September 20, 2023 |
OS(es) Affected: | Windows |
There have been recent reports of a dangerous Autorun worm that is used to infect removable drives in order to spread from one computer to another. This worm, identified as Win32/SillyAutorun.FTW, uses several advanced techniques to infect computers while avoiding detection. Like most worms, Win32/SillyAutorun.FTW copies itself to the targeted drive and then makes changes to the infected computer's settings that allow Win32/SillyAutorun.FTW to run automatically during each start-up. Win32/SillyAutorun.FTW detects whether there are any removable drives connected to the infected computer and then makes a copy of itself on these drives.
Table of Contents
The Win32/SillyAutorun.FTW Infection Process
While worms that target removable drives are quite common, Win32/SillyAutorun.FTW uses two simple techniques that allow Win32/SillyAutorun.FTW to trick computer users into ignoring its presence. First, Win32/SillyAutorun.FTW will not copy itself to removable drives connected to the infected computer immediately. Rather, Win32/SillyAutorun.FTW will wait a while before doing this. Win32/SillyAutorun.FTW will also overwrite infected files one by one rather than all at once. Both of these simple techniques mean that a computer user connecting a removable drive to the infected computer will not notice an immediate change, making it more likely that they will not become aware of the Win32/SillyAutorun.FTW worm's presence, which will start the infection process only after the victim's guard is down. Win32/SillyAutorun.FTW hides its files from view, using Windows Explorer's own settings to do this. Once installed, Win32/SillyAutorun.FTW is designed to send out messages through social media and an email containing an attachment with the Win32/SillyAutorun.FTW and a message claiming that the attachment is actually a photo.
Protecting Your Computer from the Win32/SillyAutorun.FTW Worm
Some simple measures can prevent a Win32/SillyAutorun.FTW infection on your computer. First of all, ensure that your file system allows you to see hidden files so that you can observe the contents of all removable drives immediately. Also ensure that all removable drives are fully scanned with a reliable anti-malware program before opening any of their files. Always avoid opening email attachments and embedded links if they are unsolicited, even if they were sent by a friend or acquaintance. Taking these simple measures can prevent Win32/SillyAutorun.FTW from being installed on your computer. These kinds of malware threats can be used to distribute malware used to steal important personal information or to spy on your online activity, so it is extremely important to prevent them from entering your computer.
File System Details
# | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|
1. |
C:\Documents and Settings\ |
Registry Details
URLs
Win32/SillyAutorun.FTW may call the following URLs:
search.mapsrch-site.net |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.