May 12, 2006, 1:57 PM — A "vigilante" Trojan, that attempts to protect infected PCs from the effects of malware caught while using peer-to-peer file-sharing networks, has been discovered.
The Windows Trojan/Erazer-A Trojan looks at default folders for downloading MP3, AVI, MPEG, WMV, Gif, Zip graphic and video files, and wipes anything it finds with these extensions in the target locations.
The assumption is that because the Trojan is only deleting certain file types in specific download directories used by P2P programs -- one of the main sources of inadvertent malware infection -- it is attempting to protect those it manages to infect.
The catch is that the program also attempts to subvert certain security programs to aid its activities, which opens the user to a more general risk of infection or program instability. It also appears to steal information.
The company that first uncovered it spreading among its customers, Sophos, has dubbed it as a
