Virus writers have created a Trojan that deletes illicit files from compromised Windows PCs in addition to harvesting data from infected machines.

Erazer-A is spreading (albeit modestly) across P2P networks, where it poses as useful program files, or through chat programs.

If executed, the malware scours folders used for P2P apps for AVI, MP3, MPEG, WMV, GIF, ZIP and other files. It then erases any porn, warez, music or any other matching file type found in P2P directories before dropping copies of itself (using names such as names such as game.exe, goporn.exe, nero7.exe and officexpcrack.exe) in the shared folders of peer-to-peer (P2P) applications.

Erazer-A also turns off security applications running on the compromised machine. More information on the malware, and how to defend against it, can be found in an analysis by UK-based anti-virus firm Sophos here. ®

Related stories

US warez sitemaster jailed for 30 months (1 May 2008)
Kid's 'new' MP3 player was preloaded with smut (31 December 2007)
Worm eats music on infected PCs (31 July 2007)
Adware poses as ActiveX control (17 April 2007)
'Spyware' teacher found guilty of exposing kids to smut (11 January 2007)
Germany jails €12m porn Trojan scam duo (22 December 2006)
Korean police break phone sex scam (14 November 2006)
VXers target online video (1 November 2006)
Spyware dominates malware production efforts (12 June 2006)
Top of the sops (8 June 2006)
Japanese power plant secrets leaked by virus (17 May 2006)
Trojan uses smut to filch bank details (5 May 2006)
Webcam Trojan suspect arrested in Spain (20 January 2005)
Trojans exploit Windows DRM loophole (13 January 2005)
Corporate PCs 'riddled with spyware' (2 December 2004)