New Trojan contains module to detect and remove other malware

A Trojan currently spreading via USB drives, social networks and Skype has its own antivirus module to remove other malware on infected systems. According to Russian anti-virus vendor Dr. Web, the Trojan's antivirus module performs pretty well.

The Tofsee Trojan automatically posts messages to Skype, Twitter and Facebook that supposedly point to shocking videos. Once users click the links, they receive a message that they require a 'DivX plugin' to view the video. In reality, they install the malware. Once the Trojan is installed, it authenticates itself to the social networks using cookies stored on the system and starts posting on the users' accounts.

The installed Trojan also activates a module that scans the infected system for malware. The module scans the HDDs for a specific list of files, entries in the Windows registry and active processes on the system. Once malware is detected, the module removes it.

Cybercriminals are using infected systems to send spam, which appears to be the real purpose of the Trojan. The developers of the Trojan use a proprietary templating engine with its own scripting language to generate spam messages efficiently.