Last week I was asked to check a Windows 7 x64 laptop due an extremely poor performances, so as first step I run a complete scan with AntiMalwareBytes free and Avira Antivirus. This two great free software made a great works cleaning more than 170 infected objects!! After the reboot another scan has been started just to be sure that everything was fine and the results confirmed the clean status.
Two days ago the same laptop starts to create strange links on every USB stick plugged so I start a manual analysis of the behavior (unfortunately my Cuckoo Sandbox is building up and not ready yet): using a clean just formatted pen-drive I copied a test folder on the USB and after few seconds that folder was hidden and replaced by a link with the same folder name addressing the following command:
C:\Windows\system32\cmd.exe /c start mmpifmxnth..vbs&start explorer <folder_name>&exit
[Read more…]
The right place for a safer Net
Latest Tweets
- The latest FantaGhost Daily! https://t.co/TUvT7SUurR Yesterday at 9:02 am
- The latest FantaGhost Daily! https://t.co/EddO5eEyFu August 17, 2019 9:02 am
- The latest FantaGhost Daily! https://t.co/eJv9LR2ZYl August 10, 2019 9:02 am
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
