Worm.Autorun Description

Worm.Autorun is a family of worms that spread through systems by altering the present autorun.inf file on any removable media sources, such as USB drives, DVDs and the like. It is made with the intent to infect any system where such media sources are connected.

Autorun worms are often distributed through the use of executable files. The file may be a copy created in a previous worm infection or it may have been dropped on a device or the computer by exploit kits or trojans. The executables are often saved to the root directory on a computer or a disk drive, USB flash drives, mobile devices and more.

Creation of copies and infection spread

When the worm file is initially launched, it makes a copy of itself onto one or several drives on the device or computer it's present on. Some of the Autorun worms may also create copies of themselves over a shared network. As this keeps going on, the worm also creates an autorun.inf file in the root directory of any affected drive. The .inf file has the name and the location of the worm copy, and it also happens to be responsible for making more copies, even if the original file of the worm is never started up again.

If the affected drive or device gets opened, such as File Explorer, the .inf file is run automatically, which activates the worm copy, which makes more copies, repeating the cycle on and on again.

If the drive is a removable USB flash drive, then every time it is inserted in a clean computer or a device, that .inf file will launch the worm copy stored inside it, spread the infection onto the newly connected device or computer.

Autorun worms may also have a malicious payload that is used to distribute harmful software such as trojans and backdoors.

Do You Suspect Your Computer May Be Infected with Worm.Autorun & Other Threats? Scan Your Computer with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide users with in-depth system security analysis, detection and removal of a wide range of threats like Worm.Autorun as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover*
Free Remover allows you, subject to a 48-hour waiting period, one remediation and removal for results found. Read our EULA, Privacy Policy & Special Discount Terms. See more Free SpyHunter Remover details.

Related Posts

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.