Welcome to the Virus Encyclopedia of Panda Security.
It carries out several modifications in the Windows Registry, which prevent the computer from working properly and uses several techniques in order to make its detection more difficult. It spreads through removable, shared and mapped drives.
|First detected on:||May 29, 2008|
|Detection updated on:||May 29, 2008|
|Yes, using TruPrevent Technologies
Autocrat.A is a worm that carries out several modifications in the Windows Registry, which prevent the user from carrying out the following actions, among others:
- Viewing the processes that are being run through the Task Manager.
- Accessing the Windows Registry Editor.
Additionally, it hides the files and folders with hidden attributes and the extensions of the files, in order to make its detection more difficult.
Autocrat.A spreads through removable, shared and mapped drives, making copies of itself in them.
Autocrat.A is easy to recognize once it has affected the computer, as when it is run, it attempts to open the folder C:\Documents. If it is not found, Windows displays an error message which says that the folder does not exist. This folder does not exist in the computer by default.