Worm.Autorun is a family of worms that spread through systems by altering the present autorun.inf file on any removable media sources, such as USB drives, DVDs and the like. It is made with the intent to infect any system where such media sources are connected.
Autorun worms are often distributed through the use of executable files. The file may be a copy created in a previous worm infection or it may have been dropped on a device or the computer by exploit kits or trojans. The executables are often saved to the root directory on a computer or a disk drive, USB flash drives, mobile devices and more.
Creation of copies and infection spread
When the worm file is initially launched, it makes a copy of itself onto one or several drives on the device or computer it's present on. Some of the Autorun worms may also create copies of themselves over a shared network. As this keeps going on, the worm also creates an autorun.inf file in the root directory of any affected drive. The .inf file has the name and the location of the worm copy, and it also happens to be responsible for making more copies, even if the original file of the worm is never started up again.
If the affected drive or device gets opened, such as File Explorer, the .inf file is run automatically, which activates the worm copy, which makes more copies, repeating the cycle on and on again.
If the drive is a removable USB flash drive, then every time it is inserted in a clean computer or a device, that .inf file will launch the worm copy stored inside it, spread the infection onto the newly connected device or computer.
Autorun worms may also have a malicious payload that is used to distribute harmful software such as trojans and backdoors.
Do You Suspect Your PC May Be Infected with Worm.Autorun & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Worm.Autorun as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your PC. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.