|Short Description||This particular threat downloads various unwanted programs on the user PC|
|Symptoms||Slow PC, unknown programs, antivirus starts blocking different threats|
|Distribution Method||Via spam mail or by careless online clicking. Redirects by adware PUPs are possible|
|Detection tool||Download SpyHunter, to See If Your System Has Been Affected By TrojanDownloader:AutoIt/Fadef|
A new type of trojan going by the name of TrojanDownloader:Autoit/Fadef has been reported to infect numerous PCs worldwide. This particular trojan horse is a downloader type, meaning that it modifies individual permissions that allow it to download and install several different programs on your computer in the background without your consent. The Trojan may use process migration to deceive your average antivirus program by transferring the hidden processes it runs to other executables. Experts recommend isolating the threat and automatically removing it with an advanced anti-malware scanning tool.
How Did TrojanDownloader:AutoIt/Fadef infect my PC?
Attackers have two types of strategies when they affect user PCs. One of them is targeted attack that is designed for a particular computer or a network of computers in an organization. It is usually done with a particular purpose this is why it is performed by MiTM attacks or Spoof emails. Given that this type of trojan is ‘Downloader’ we cannot rule out the fact that since it is believed to download numerous unwanted programs on the user PC, it may be distributed via massive spam mail campaigns that may resemble famous websites, like PayPal, eBay, Amazon, Alibaba and others. The threat may also be administered via social networks, like Facebook, Google+, Twitter and others, mainly via spam bots that post on users’ behalf. Also, you may have been infected by being redirected to a malicious site. This can happen if you have a browser hijacker or another PUP(Potentially Unwanted Programs) on your machines. Some PUPs cause redirects to client sites that may be dangerous to the user.
How Dangerous is TrojanDownloader:AutoIt/Fadef?
There are numerous possibilities of how this vile threat can influence your machine. One detail is that it is a trojan horse after all, and this means that it can undermine critical processes and may download applications that do different devious deeds:
- Encrypt user files and extort him for their unlocking (Ransomware).
- Delete user files (Depending on the cyber-criminal).
- Track the user’s typing key by key to steal passwords and other credentials. (Keyloggers)
- Send copies of user data to the attacker.
- Crash the operating system.
- Lock the user out of their PC.
- Conduct cyber-attacks from this computer (Common in botnets known as zombie networks).
- Control the PC hardware (Activate the camera, CD/DVD, etc.)
- Install a rootkit in the firmware of the computer, which is very difficult to remove and may be present even after a complete memory wipe-out and a freshly installed operating system.
More to it than that the Trojan is believed to created several different files in the %temp% and %appdata% locations in Windows, as well as keys and entries in the Registry Editor (RegEdit). This is done with the purpose of modifying different OS settings hence make itself harder to erase from the system.
TrojanDownloader:AutoIt/Fadef – How To Detect And Remove It?
When it comes to trojan horses, you have to implement different removal tactics in comparison to other malware. Since a Trojan has an active connection to a foreign server and has FTP enabled, it is important to isolate the cyber threat by disconnecting from the web. Then you should download an anti-malware program from a safe device that will detect all of the files affected and downloaded by this menace. The program should be with the latest definitions to remove every associated objects. To safely scan your PC, it is recommended to boot it in safe mode without networking to run it only with the essential Windows components and drivers. After scanning your computer with the anti-malware, a simple restart should be all that is necessary.
Bear in mind to backup your important data before removing any malicious files that may change critical windows elements which when quarantined may crash your operating system. It is recommended to use an external flash drive or other memory carrier device. Also, experts recommend to backup your files, using a live operating system, from a live cd or an USB stick. For more information and instructions about cleaning up the threat, refer to the instructions after this article.
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter