Last week I was asked to check a Windows 7 x64 laptop due an extremely poor performances, so as first step I run a complete scan with AntiMalwareBytes free and Avira Antivirus. This two great free software made a great works cleaning more than 170 infected objects!! After the reboot another scan has been started just to be sure that everything was fine and the results confirmed the clean status.
Two days ago the same laptop starts to create strange links on every USB stick plugged so I start a manual analysis of the behavior (unfortunately my Cuckoo Sandbox is building up and not ready yet): using a clean just formatted pen-drive I copied a test folder on the USB and after few seconds that folder was hidden and replaced by a link with the same folder name addressing the following command:
C:\Windows\system32\cmd.exe /c start mmpifmxnth..vbs&start explorer <folder_name>&exit
[Read more…]
The right place for a safer Net
Latest Tweets
- The latest FantaGhost Daily! https://t.co/GfZOf7Bawd April 20, 2019 9:02 am
- The latest FantaGhost Daily! https://t.co/ekMp10Fp4h April 13, 2019 9:02 am
- The latest FantaGhost Daily! https://t.co/meqU7nG4jk April 6, 2019 9:02 am
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
