Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
500 entries found. Displaying page 3 of 25.
Updated on May 17, 2014
Alert level: severe
Updated on Nov 22, 2013
Alert level: severe
Updated on Dec 02, 2013
Alert level: severe
Updated on Apr 11, 2011
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Autorun.QF is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new machines. Commonly, worms may spread directly by copying themselves to removable or network drives, or by attempting to exploit particular vulnerabilities on targeted machines. Worms also often attempt to spread via platforms that require user interaction in order to run. They may send themselves as an attachment to an email or an instant message, or send a link to a copy of themselves in the body of a message. In these cases the message needs to be convincing enough to encourage the victim to click on the link or attachment and run or download a copy of the worm.
Alert level: severe
Updated on Feb 29, 2012
Worm:Win32/Autorun.AEU is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.
Alert level: severe
Updated on Feb 09, 2012

Worm:Win32/Autorun.gen!AED is the worm component of Backdoor:Win32/Poison.E. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.

In the wild, Worm:Win32/Autorun.gen!AED has been observed to be packaged with two components: a clean application (usually a program called "Resource Hacker") and Backdoor:Win32/Poison.E. The package containing all three components is usually created by a tool detected as Virtool:Win32/Obfuscator.C.

Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Autorun.AAW is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.
Alert level: severe
Updated on Apr 19, 2011
Worm:Win32/Autorun.ZJ is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.
Alert level: severe
Updated on Oct 10, 2013

Windows Defender Antivirus detects and removes this threat.

This is a detection for a file, called autorun.inf, that can be used by worms when they spread to local, network, or removable drives.

The file has instructions to launch the malware automatically when the removable drive is connected to a PC with the Autorun feature turned on.

This is a common way for malware to spread. However, autorun.inf files on their own are not necessarily a sign of infection; they are also used by legitimate programs.

See our infographic to the right which shows how these worms can spread. 

Alert level: severe
Updated on Sep 19, 2011
Worm:Win32/Autorun.ADB is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.
Alert level: severe
Updated on Jul 20, 2011
Worm:Win32/Autorun.ACS is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Autorun.AAZ is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.
Alert level: severe
Updated on Apr 16, 2011

Worm:VBS/Autorun.BN!inf is an "autorun.inf" file that is dropped by Worm:VBS/Autorun.BN and used by the worm to propagate through removable drives.

Alert level: severe
Updated on Nov 12, 2012
Worm:Win32/Autorun.AGQ is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Autorun.VV!inf is a detection for an Autorun configuration file named "autorun.inf" that attempts to run Worm:Win32/Autorun.VV.
Alert level: severe
Updated on Apr 11, 2011
Worm:AutoIt/Autorun.U is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Autorun.TB is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Autorun.RH is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Autorun.XR is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Commonly, worms may spread directly by copying themselves to removable or network drives, or by attempting to exploit particular vulnerabilities on targeted computers. Worms also often attempt to spread via platforms that require user interaction in order to run. They may send themselves as an attachment to an email or an instant message, or send a link to a copy of themselves in the body of a message. In these cases the message needs to be convincing enough to encourage the victim to click on the link or attachment and run or download a copy of the worm.
Alert level: severe