
Worm.Win32.AutoIt.yd

Posted: July 6, 2011

Worm.Win32.AutoIt.yd is a worm that launches itself without your permission and makes contact with websites, while pretending to be an anti-virus application. This behavior is often associated with infections that allow remote criminals to access your PC or infections that install other harmful programs. Worms like Worm.Win32.AutoIt.yd will often distribute themselves through networks and removable devices, and network security should be considered of paramount importance while removing Worm.Win32.AutoIt.yd.

Worm.Win32.AutoIt.yd, the Fake Anti-Virus Updater

Worm.Win32.AutoIt.yd is a recent 2011 worm that goes by several aliases, including W32/Tiotua-CO and Worm.Win32.AutoIt. Some standard components of a Worm.Win32.AutoIt.yd infection may also be identified as separate worms – for example, W32/Tiotua-CO and Worm.Win32.Murtinda are both aliases for a file that's part of an overarching Worm.Win32.AutoIt.yd infection. When possible, all components of a Worm.Win32.AutoIt.yd infection should be deleted in a single clean sweep, to ensure that Worm.Win32.AutoIt.yd will not return after a reboot.

As an unusually clever but restrained worm, Worm.Win32.AutoIt.yd will use file names like avupdate.exe and make contact with the Avira.com website to look like a normal anti-virus update utility. However, Worm.Win32.AutoIt.yd may alter your port connections without permission and create security vulnerabilities that can be exploited by remote attackers.

Remote attackers may exert control over your PC, disable security and force your computer to become part of a DDoS network, install password-stealing spyware or other harmful programs or even directly damage your computer.

Worm.Win32.AutoIt.yd may also not be limited to contacting one particular website, and may serve as a gateway for downloading other harmful programs or transferring private information from your PC and into criminal hands. The default functions of a Worm.Win32.AutoIt.yd infection are mild, but allowing Worm.Win32.AutoIt.yd to remain on your PC strongly increases the risk of more serious attacks occurring at a later date.

The Stealth UK Worm That Keeps Going Even If You Want It to Stop

By exploiting the Windows Registry, Worm.Win32.AutoIt.yd can start without your permission and will do so whenever Windows loads. Due to the above file-naming tactic, you may assume that Worm.Win32.AutoIt.yd is a harmless process even while it's visible.

Worm.Win32.AutoIt.yd and similar worms are capable of copying themselves to network-shared locations and removable devices to be installed on other computers. Most worms will exploit Autorun.inf techniques to install themselves automatically, although Registry comments from Worm.Win32.AutoIt.yd indicate that the criminal behind Worm.Win32.AutoIt.yd prefers to let victims install Worm.Win32.AutoIt.yd of their own accord.

The majority of Worm.Win32.AutoIt.yd attacks have originated from the United Kingdom. Being cautious around suspicious file sources and websites from that area may help you avoid being attacked by Worm.Win32.AutoIt.yd. Since worms like Worm.Win32.AutoIt.yd can duplicate themselves indefinitely, you should try to remove Worm.Win32.AutoIt.yd with an anti-virus scanner that can detect all copies of a Worm.Win32.AutoIt.yd infection.

Registry Modifications

  • The following Registry values are newly created:
    HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
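
The Registry behaviors described above (starting with Windows under a look-alike name such as avupdate.exe, and a value written under the SHOWALL key) can be checked offline against a `reg export` dump. This Python code is an added example, not part of the original write-up. It assumes the standard Run autostart key, the `CheckedValue` entry (normally 1) under SHOWALL, a placeholder trusted directory, and a constructed sample export.

```python
import re
from pathlib import PureWindowsPath

RUN_SUFFIX = r"\microsoft\windows\currentversion\run"   # assumption: standard autostart key
SHOWALL_SUFFIX = r"\explorer\advanced\folder\hidden\showall"
LOOKALIKE_NAMES = {"avupdate.exe"}               # file name given on the page
TRUSTED_DIRS = [r"c:\program files\exampleav"]   # assumption: placeholder vendor directory
# Constructed sample of `reg export` output (not taken from a real infection).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Users\\Public\\avupdate.exe"
"ExampleAV"="\"C:\\Program Files\\ExampleAV\\avupdate.exe\" /min"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000000
'''

def parse_reg(text):
    """Yield (key, value_name, data) for string and dword values in a .reg export."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and (m := re.match(r'"((?:[^"\\]|\\.)*)"=(.*)$', line)):
            name, raw = m.group(1), m.group(2)
            if raw.startswith("dword:"):
                yield key, name, int(raw[6:], 16)
            elif raw.startswith('"'):
                yield key, name, re.sub(r"\\(.)", r"\1", raw[1:-1])  # undo .reg escaping

def exe_path(command):
    """Executable path from an autostart command line (quoted or bare)."""
    m = re.match(r'\s*(?:"([^"]+)"|(.+?\.exe)\b)', command, re.I)
    return (m.group(1) or m.group(2)) if m else command

def findings(text):
    """Flag look-alike autostart entries and a non-default SHOWALL CheckedValue."""
    out = []
    for key, name, data in parse_reg(text):
        k = key.lower()
        if k.endswith(RUN_SUFFIX) and isinstance(data, str):
            p = PureWindowsPath(exe_path(data))
            trusted = any(str(p.parent).lower() == d for d in TRUSTED_DIRS)
            if p.name.lower() in LOOKALIKE_NAMES and not trusted:
                out.append(("autostart-lookalike", name, str(p)))
        elif k.endswith(SHOWALL_SUFFIX) and name.lower() == "checkedvalue" and data != 1:
            out.append(("showall-tampered", name, data))  # assumption: default is dword 1
    return out
```

A file name match alone is weak evidence, so treat a hit as a prompt to verify the file's location and signature rather than as a verdict.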