Hello!

You’re about to visit our web page in English
Would you like to continue?

Yes, I want to visit the web page in English No, I want to visit the web page in

If this is not what you’re looking for,

Visit our Welcome Page!

My Account

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Autorun.INF
Threat LevelLow threat
DamageHigh
DistributionNot widespread

At a glance

Common name:Autorun.INF
Technical name:W32/Autorun.INF.worm
Threat level:Medium
Type:Worm
Effects: It spreads and affects other computers. It spreads , via mapped drives, through shared network resources, by infecting files that are then distributed.
Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:Feb. 4, 2009
Detection updated on:Sept. 21, 2009
StatisticsNo

Brief Description

Autorun.INF is a worm that spreads by copying itself, without infecting other files.

Autorun.INF uses the following propagation or distribution methods:

  • Exploiting vulnerabilities with the intervention of the user: exploiting vulnerabilities in file formats or applications. To exploit them successfully it needs the intervention of the user: opening files, viewing malicious web pages, reading emails, etc.
  • Computer networks (mapped drives): it creates copies of itself in mapped drives.
  • Computer networks (shared resources): it creates copies of itself in shared network resources to which it has access.
  • File infection: it infects different types of files, which are then distributed through any of the usual means: floppy disks, email messages with attachments, Internet download, files transferred via FTP, IRC channels, P2P file sharing networks, etc.

Tech details

Effects

The main objective of Autorun.INF is to spread and affect other computers.

Means of transmission


Propagation via mapped drives:

Autorun.INF checks if the infected computer is connected to a network.

If so, it makes an inventory of all mapped drives and creates a copy of itself in each of them.

Propagation through shared network resources:

Autorun.INF checks if the infected computer is connected to a network. If so, it tries to spread to the shared network drives.

To do this, it tries to gain access to these shared drives, using typical or easily guessed passwords.

Distribution of infected files:

Autorun.INF does not spread automatically using its own means, but infects files of the following types:

    They reach computers when previously infected files are distributed, entering computers through any of the usual channels: floppy disks, email messages with attachments, Internet download, files transferred via FTP, IRC channels, P2P file sharing networks, etc.

    Further Details

    Autorun.INF has the following additional characteristics:

    • It is 128 bytes in size.

Solution

See solution

Anytech logo

Call us 24/7 and get a FREE DIAGNOSIS

+1 (323) 395 2630

logo

Panda Security, a WatchGuard Technologies brand, offers the most advanced protection for your family and business. Its Panda Dome range provides maximum security against viruses, ransomware and computer espionage, and is compatible with Windows, Mac, Android and iOS.

    About Panda
    Company Info Reviews Awards and certifications Panda Worldwide Blog Security Info
    Home Users
    Panda Dome portfolio Customer Login Page Online Antivirus Downloads Free Antivirus Free VPN Offers
    Business - WatchGuard Technologies
    WatchGuard Endpoint Security Network Security Authpoint MFA Secure Wi-Fi Partners
    Visa Master Card Maestro Pay Pal Apple Pay
    Bank Transfer iDeal Klarna
    Privacy Policy Legal Notice Cookie Policy Return Policy