What is “Dropped:Trojan.AutorunINF.Gen”?


Dropped:Trojan.AutorunINF.Gen is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What can the Dropped:Trojan.AutorunINF.Gen virus do?

  • Creates RWX memory
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Creates an autorun.inf file
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Created a service that was not started
  • Anomalous binary characteristics

How to identify Dropped:Trojan.AutorunINF.Gen?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

0: [No Data]

Dropped:Trojan.AutorunINF.Gen also known as:

Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.252bc3080a451a6e
Qihoo-360: HEUR/QVM19.1.5984.Malware.Gen
McAfee: Artemis!252BC3080A45
Cylance: Unsafe
K7AntiVirus: P2PWorm ( 004d02611 )
K7GW: P2PWorm ( 004d02611 )
CrowdStrike: win/malicious_confidence_100% (D)
Cyren: W32/DelfInject.E.gen!Eldorado
Symantec: Trojan.Gen.6
TotalDefense: Win32/Otran.F
APEX: Malicious
Kaspersky: Virus.Win32.Renamer.a
BitDefender: Dropped:Trojan.AutorunINF.Gen
NANO-Antivirus: Virus.Win32.Renamer.bwvun
MicroWorld-eScan: Dropped:Trojan.AutorunINF.Gen
Ad-Aware: Dropped:Trojan.AutorunINF.Gen
Sophos: Troj/Otran-A
Comodo: TrojWare.Win32.Trojan.Agent.Gen@6vg3r
DrWeb: Win32.HLLW.Autoruner.26228
VIPRE: Packer.NSAnti.Gen (v)
Invincea: ML/PE-A + Troj/Otran-A
McAfee-GW-Edition: BehavesLike.Win32.Autorun.wc
Emsisoft: Dropped:Trojan.AutorunINF.Gen (B)
Ikarus: Trojan-Dropper.MSWord.1Table
GData: Dropped:Trojan.AutorunINF.Gen
Jiangmin: Trojan/Agent.aepk
Avira: TR/Renamer.fupp
Arcabit: Trojan.AutorunINF.Gen
ZoneAlarm: Virus.Win32.Renamer.a
AhnLab-V3: Win-Trojan/Autorun.Gen
Acronis: suspicious
BitDefenderTheta: AI:Packer.2D0576F520
MAX: malware (ai score=84)
VBA32: BScope.Trojan.AVKill
Malwarebytes: Worm.AutoRun
Panda: W32/Cosne.A
ESET-NOD32: a variant of Win32/AutoRun.Delf.ET
Rising: Worm.Wswhacker!1.9A86 (CLASSIC)
Yandex: Trojan.GenAsa!FvHimHZrzmM
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/Generic.AC.39C8!tr
Cybereason: malicious.80a451

How to remove Dropped:Trojan.AutorunINF.Gen?

Dropped:Trojan.AutorunINF.Gen removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.
