Selected viruses, spyware, and other threats: sorted alphabetically
Short descriptionWin32/Autoit.GR is a worm that spreads by copying itself into certain folders.
InstallationWhen executed, the worm copies itself into the following location:
"SVCHO5T.EXE" = "%system%SVCHO5T.EXE"
SpreadingThe worm searches local drives for files with the following file extensions:
The worm also searches for folders on local drives.
When the worm finds a folder matching the search criteria, it creates a new copy of itself.
The name of the new file is based on the name of the folder found in the search.
The filename has the following extension:
- %foundfolder%, %system%%foundfolder%
Spreading on removable mediaThe worm copies itself into the root folders of removable drives using the following filename:
Other informationThe worm may set the following Registry entries:
"NoFolderOptions" = 1