W32/AutoRun-AOG

By Domesticus in Worms

Translate To:

W32/AutoRun-AOG is a computer worm for the Windows platform. W32/AutoRun-AOG spreads via removable storage devices, copying itself to these shared drives and then executing once the drives are connected to an uninfected computer. W32/AutoRun-AOG may also attempt to spread through network shares by cataloging existing network drives on the computer and copying itself as True_Love.exe.

File System Details

W32/AutoRun-AOG may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	\MsRun32.exe
Name: \MsRun32.exe Type: Executable File
2.	\autorun.ini
Name: \autorun.ini

Registry Details

W32/AutoRun-AOG may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\SystemDisableRegistryTools 1

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Shell Explorer.exe MsRun32.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ExplorerNofolderOptions 1

HKCU\Software\Microsoft\Windows\CurrentVersion\Run MSN Messengger \MsRun32.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\WorkgroupCrawler\Shares shared\True_Love.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\SystemDisableTaskMgr 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL CheckedValue 0

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

W32/AutoRun-AOG

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen