{
	"id": "cee21d39-42a8-446c-8b91-1d1f14703b43",
	"created_at": "2026-04-06T00:19:24.79217Z",
	"updated_at": "2026-04-10T03:21:02.269702Z",
	"deleted_at": null,
	"sha1_hash": "0928480519796339dab2a2ba1300dc48a240f83d",
	"title": "PC Users Threatened by Conficker Worm and new Internet-browser Modifier",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 42918,
	"plain_text": "PC Users Threatened by Conficker Worm and new Internet-browser Modifier\r\nArchived: 2026-04-05 16:24:36 UTC\r\n05 Aug 2009\r\nConficker most widespread in Eastern Europe\r\nNew Threat, Win32/FlyStudio most widespread in China\r\nHigh share of threats exploiting MS Windows autorun.inf function\r\nFor the month of July, ESET’s statistical threat evaluation system - ThreatSense.Net has evaluated the variant of\r\nWin32/Conficker worm as the single most widespread form of malware with a share of 10.67% globally. Other\r\nforms of malware still spreading on a mass scale include the types such INF/Autorun , exploiting the MS\r\nWindows autorun.inf function. Their share of 8.39% places them second on ESET‘s threat list. Third place\r\n(7.92%) went to a family of Win32/PSW.OnLineGames Trojans and their variants especially targeting online\r\ngamers.\r\nWin32/Agent designed to steal information from PCs placed fourth with 2.59%. The newcomer -\r\nWin32/FlyStudio closes the top 5 list with 2.38% share of threats detected. The Win32/FlyStudio threat is\r\ndesigned to modify information inside the victim's Internet browser. This threat will modify search queries, with\r\nthe intention of delivering advertisements to the user. Win32/FlyStudio uses a scripting language popular among\r\nmalware writers and ranks among the most widespread threats China. USA, Mexico and Argentina are also among\r\ncountries with high occurrence rates of this type of malware.\r\nGlobal Threats as tabulated by ESET ThreatSense.Net® (July 2009)\r\nEUROPE, MIDDLE EAST, AFRICA (EMEA)\r\nhttps://www.eset.com/int/about/newsroom/press-releases/announcements/press-threatsense-report-july-2009/\r\nPage 1 of 2\n\nConficker remains top threat in Easter Europe, on rise in UK and Italy. For the month of July, Slovakia and the\r\nCzech Republic remain among regional exceptions where Win32/TrojanDownloader.Bredolab.AA is the most\r\nwidespread threat, with a share of 5.89% and 6.48%, respectively. This kind of malware has the capability to copy\r\nitself into the system files and executing itself with every boot-up. At the same time, it establishes communication\r\nwith a remote server via HTTP protocol. In other words, when this trojan horse is in the PC system, its only\r\nmission is downloading additional malware – especially adware, spyware or other threats out from different\r\nservers and places on the internet.\r\nAlso afflicting other European countries, Win32/TrojanDownloader.Bredolab.AA ranks lower to Win32/Conficker\r\nthat remains top threat in Ukraine (32.55%); Russia (23.02%); Bulgaria and Lithuania (15.43%); Romania\r\n(15.4%); South Africa (12.22%); Italy (10.4%); Great Britain (7.97%); Austria (5.31%), and Germany (4.46%).\r\nFor the month of July, Poland and France were dominated by a mixture of Trojans of the\r\nWin32/PSW.OnLineGames family targeting the virtual identities of online gamers. The share of intercepted\r\ninfiltrations of this type of threat reached 14.12% in Poland and 11.23% in France.\r\nAs far as the region of Northern Europe is concerned, it is dominated by an array of malware grouped under the\r\nWMA/TrojanDownloader.GetCodec category. The same applies for the countries of Benelux. These Trojans are\r\nengineered to go through all the digital music files, modifying their format in such a way that upon execution, a\r\nmalicious content is downloaded from a pre-defined web-site. The share of occurrence of this form of malware\r\nhas reached 4.01% in Sweden, 12.66% in Norway; 12.46% in Estonia and 15.53% in Belgium.\r\nINF/Autorun remains a top threat in the United Arab Emirates (9.55%) and Israel (4.64%).\r\nAbout ESET\r\nFounded in 1992, ESET is a global provider of security solutions for corporate customers and households. From a\r\nsmall family-sized venture, ESET has evolved into a leader in proactive malware detection and is in the front lines\r\nof combating emerging cyberthreats. Its flagship solutions - ESET NOD32 Antivirus and ESET Smart Security,\r\nbuilt on the award-winning ThreatSense® engine are trusted by millions of users to protect their computers\r\nagainst a host of Internet-borne malware, such as viruses, trojans, worms, adware, spyware, phishing, rootkits.\r\nESET has headquarters in Bratislava, Slovakia with branch offices in Prague, Czech Republic; San Diego, USA;\r\nand Buenos Aires, Argentina. ESET‘s security solutions are available in more than 160 countries worldwide. In\r\n2008, ESET opened its new development center in Krakow, Poland and was ranked by Deloitte Technology Fast\r\n500 as one of the fastest growing technology companies in the EMEA region.\r\nThreatSense.Net® collects anonymous statistical information packets about the types of infiltrations detected on\r\nthe users' workstations. Thanks to this information, the ESET Virus Lab has access to real-time accurate and\r\nrelevant information about the most wide-spread infiltrations. The infiltrations detected by the heuristic analysis\r\nare then tabulated, with the update against malware issued before it can spread or mutate into a different variant.\r\nSource: https://www.eset.com/int/about/newsroom/press-releases/announcements/press-threatsense-report-july-2009/\r\nhttps://www.eset.com/int/about/newsroom/press-releases/announcements/press-threatsense-report-july-2009/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"https://www.eset.com/int/about/newsroom/press-releases/announcements/press-threatsense-report-july-2009/"
	],
	"report_names": [
		"press-threatsense-report-july-2009"
	],
	"threat_actors": [],
	"ts_created_at": 1775434764,
	"ts_updated_at": 1775791262,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/0928480519796339dab2a2ba1300dc48a240f83d.pdf",
		"text": "https://archive.orkl.eu/0928480519796339dab2a2ba1300dc48a240f83d.txt",
		"img": "https://archive.orkl.eu/0928480519796339dab2a2ba1300dc48a240f83d.jpg"
	}
}