How to Remove the autorun.exe virus from PC

What is autorun.exe?

autorun.exe is a legitimate executable file developed by Microsoft. This process is known as AutoPlay Application and it belongs to AutoPlay Media Studio. It is commonly stored in 'C:\DOCUME~1\roger\LOCALS~1\Temp\ir_ext_temp_0\' folder. Cybercriminals find a way out to mimic malicious programs in the name of autorun.exe to spread malware infection.

Affected Platform: Windows OS

How to detect whether your system is affected by autorun.exe?

Viruses can easily affect and corrupt “.exe” files causing several system malfunctions. Below are the symptoms to check if your system is infected with the malware:

Problem during computer start-up.
Problem during program start-up.
Errors while running specific functions.
Damaged and missing link files.
Conflict in the process.
Missing or corrupted driver files.
Invalid Windows registry.
Hardware malfunction.

To further establish the infection of malware, take the following steps:

Go to Task Manager by pressing the combination of keys CTRL+ALT+DEL.
Go to the process tab and right-click on the autorun.exe file and open its location.

If the file is located outside 'C:\DOCUME~1\roger\LOCALS~1\Temp\ir_ext_temp_0\' folder, then you should perform an antivirus scan to get rid of the malware infection.

How does Comodo Antivirus help you to protect your system from autorun.exe malware?

Comodo Antivirus protects your system from malware attacks and also removes any existing infections. Following are the steps to effectively purge out the autorun.exe malware from your system.

Step 1: Download and install Comodo Antivirus.

Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.

Step 3: Select Customize Configuration option and arrange installers, configuration, and file location.

Step 4: Restart your PC.

Step 5: Wait until the Comodo Internet Security updates the antivirus.

Step 6: Initiate a quick scan that instantly begins after the update.

Step 7: If the system is infected with autorun.exe malware or any other threats, you will be prompted with an alert screen upon scanning.

Step 8: Comodo Antivirus will remove the computer virus including all other malware!

Malware Entries

Safe Entries

First Seen: 07 October 2011 at 5:49 pm

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	N/A	Executable	39d8e673c15b3e92 f96493a88e4f3f08 7f7bfdbd	9912dea229fbc671 fdfb10c4f0c86307	Virus.Win32. Sality.gen	No	N/A	N/A	Brazil	N/A
2	Indigo Rose Corporation	Executable	e781eebe755f1fa0 f1bb091bbbaa4c43 468f96f7	dc1d8e75da983060 64af2d9a7a523b4f	Virus.Win32. Alman.A	No	3.0.0.7	3.0.0.7	Turkey	N/A
3	CANON INC.	Executable	3fef17eef496d4f7 bdd39766888a7e16 294b41e4	794ed531bcd5592b ed49ab2bc5786614	Virus.Win32. Sality.gen	No	1.02.0.004	1.02.0.004	37.238.214.35/32	N/A
4	Longtion	Executable	4832d95e099dcbb1 4a671bc9f4bb84dc 144e778c	16be63391ac48e65 3e72dcc2b343ec04	Virus.Win32. Alman.A	No	6.0.1.40	6.0.0.0	Turkey	N/A
5	Linasoft	Executable	c3976ee8f0edb6b0 ba1819b39268e159 cee45207	e4f4d9fc63e2296c 8e0d65171ef94ec3	Virus.Win32. Sality.gen	No	5.1.0.341	5.1	Saudi Arabia	N/A
6	N/A	Executable	d8f0d8dc18a2b8b4 019d453f0131557a a7221acf	db993fb8db8afc7f 78a13dfbac7eae35	Virus.Win32. Ramnit.K	No	N/A	N/A	Turkey	N/A
7	Anemeros Software	Executable	9d5edea8a296c408 0e42ed027126b96a 775ed7ac	bc06701bbbbcc4f7 8c9df4ab23da5b94	Virus.Win32. Sality.gen	No	0.9.0.0	0.9.0.0	185.135.108.203/32	N/A
8	Linasoft	Executable	b1698566c2d5cab1 00593ecabd2d5409 d90e7cc1	2d56b72b1e299bf0 c28ba234e75e4217	TrojWare.Win 32.P2P-Worm. Bacteraloh.~ BAAA	No	4.3.0.288	4.3	Russian Federation	N/A
9	Indigo Rose Corporation	Executable	9829cd144f452f8d a7d7e65af76f4a64 8235c0fe	2cdefa50b04c3a42 b2aa37b5db95cb43	Virus.Win32. Alman.A	No	3.0.0.7	3.0.0.7	Turkey	N/A
10	Synaptics	Executable	0e1acefcc414480f d5c05190a5ddba48 a028b5fb	7f04cf167bfbcdb5 47fde91c2f89ae0e	Virus.Win32. Agent.DE	No	1.0.0.4	1.0.0.0	Turkey	N/A
11	Macromedia, Inc.	Executable	11fba2df62d63afb d6e6412515fe05b9 40dec9f2	e249b0a5584e3e74 fe2619f96943cb1f	Virus.Win32. Sality.gen	No	10.1r11	10.1	156.211.80.165/32	N/A
12	N/A	Executable	126b5dda0189b58e ed65a1d195a490ce 043e5e5a	1165f0bb6f5ecdd4 767fdd9f31380520	Virus.Win32. Virut.CE	No	7.5.1000.0	7.5.1000.0	156.211.80.165/32	N/A
13	ugur	Executable	99a2134d378e9557 3d88645079f253cc b728a85c	ef90fc7ba836d47c 0f67a01e8f8ddd59	Virus.Win32. Sality.gen	No	1.00	1.00	Turkey	N/A
14	Macromedia, Inc.	Executable	c64c796313bbc11a edbcb34a52b9d47a 13a770ad	e3890187d5c30d9a ebe5284f7fc2b329	Virus.Win32. Sality.gen	No	10.0r188	10.0	156.211.80.165/32	N/A
15	Macromedia, Inc.	Executable	c2e1c8a0fc018f23 aad1e256782af70c 571a9266	67af7c43ce3e959b d1e248cc4a5a49e4	Virus.Win32. Sality.gen	No	10.0r188	10.0	156.211.80.165/32	N/A
16	N/A	Executable	00c6939e0dcdf02b 22eb6c73c53864f1 0d88917b	74bf0b6e1295322f 522a195053bd96ac	Virus.Win32. Induc.A0	No	N/A	N/A	Ukraine	N/A
17	N/A	Executable	b43d1f2d5c747fcc 8ca96188b8baeae7 746dcad3	0f8d7d492a4f98b5 1717e6f43a846a4a	Virus.Win32. Virut.Ce	No	5.0.2.0	5.0.2.0	Russian Federation	N/A
18	N/A	Executable	4f516d50d0181a3a 6caee9b282f7dbfa cd95a49f	4706bb7c40d7af2e 52d666ad39eb69d7	Virus.Win32. Sality.gen	No	N/A	N/A	156.211.80.165/32	N/A
19	Indigo Rose Corporation	Executable	4c0f58f05cf2cf4c e8abdd11a558f4bc 32464641	c29bb375622f29f9 2ad6956b3655e0c9	Virus.Win32. Alman.A	No	3.0.0.7	3.0.0.7	Turkey	N/A
20	Macromedia, Inc.	Executable	fd41191efe58725d 790ea73df5c42dde a21d76c4	628d0c2593a6280b 0d9702123337837d	Virus.Win32. Sality.gen	No	8.5r321	8.5	156.211.80.165/32	N/A
21	N/A	Executable	70122d4ebfdb01ba 4b7f61c0818d4db9 e5608946	0d903f48a79ec495 f371e81f37449bd9	Virus.Win32. Virut.CE	No	1.0.0.1	1.0.0.1	156.211.26.204/32	N/A
22	General Electric Company	Executable	0357e198af8101ab b0c66ec86708a91f e14f4d1a	f72b89b675019859 e3194909aa99939e	Virus.Win32. Sality.gen	No	1, 0, 0, 5	1, 0, 0, 5	Algeria	N/A
23	N/A	Executable	1b83905b3a0b9ca0 fa462794f969ce3f d9f8e107	71c0abbe140b109a e1670db39562e704	Virus.Win32. Ramnit.K	No	N/A	N/A	Turkey	N/A
24	NULL	Executable	d9d50a99f2d8765c addee954c6526c0d 2640aeb1	fdd7b5a67a8723f7 567eec1731ba5b3c	Unclassified Malware	No	3.7.4.6	3.7.4.6	197.210.8.114/32	N/A
25	N/A	Executable	d59743b854e16a7d 7823adbc9904987d 22d8abee	792484cd3751ee07 84d9bbdd94603ef5	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	170.245.217.156/32	N/A

Prev 1 2 3...7 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 10 January 2009 at 1:34 am

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	Hewlett-Packard	Executable	9745f868badede50 010351eda9166b59 f27ee20c	62f073f88ceb064d 9f428aa31043113f	Yes	4.0.4.6684	4.0.4.6684	United States
2	-	Executable	f2dd293df20bab48 fc8f42381dfb8f2c ae571efa	0fb5ce89f6e51c26 4293ac7a35a9262e	Yes	3, 1, 0, 200	3, 1, 0, 200	Internal Submission
3	N/A	Executable	df7917d575caa272 781c09bbfd106641 9cf51815	db22252f694af09b 1630a78b1f58af14	No	N/A	N/A	Internal Submission
4	Diskeeper Corporation	Executable	fc3040ac000be2fd 8444fe65825452e0 82a0fa83	e48d89137c8d7d90 63b0f6092a012a83	Yes	14.0.0.0	14.0.0.0	Internal Submission
5	UPEK Inc.	Executable	585a653b2629498f 3621d1b03b8386f5 13c1439f	468e3c4cc1e08957 db3f3ba8817e94f6	Yes	5.6.0.3283	5.6.0	Internal Submission
6	N/A	Executable	8d83808174efee90 918d9d0606056b84 abdb4366	24ea6967ed6206a7 ee4c3612ba02edb1	No	1,0	1, 0, 0, 1	Internal Submission
7	N/A	Executable	975822cc712e1e7e 27543a680b80f03f d06fbca4	a5cb341b3974d50e b00597b7f6278351	No	1, 0, 0, 1	1, 0, 0, 1	Internal Submission
8	FNet Co., Ltd.	Executable	cf7e5971b7b536f5 2f4bfc823fde7be3 70a248d6	327db11419f3fa00 084b6e5d084b51ee	No	1.6.0.0	1.0.0.0	Internal Submission
9	Cygnion Corporation	Executable	d5e5b8f224e53c7a 17eda5cfe3e7e50c 5986e827	649fc992185d270d 66a2fb85c46ae45e	No	2.0	2.0	Internal Submission
10	-	Executable	677c61523d5cc62d 877e7e1192ee82d1 75da75c2	9e3e5e2ea081fe92 2741dea6ec31f2ac	No	3, 1, 0, 200	3, 1, 0, 200	Internal Submission
11	N/A	Executable	7828eeadffa717c1 cf341e18da126918 d3452dda	3396c7043af8d782 0c651681489f7196	Yes	1, 0, 0, 1	1, 0, 0, 1	United States
12	N/A	Executable	4b31c9dde5ee5362 9ecb814590df1c5a f830e480	882116aebaf6c11f e716fcaea53dc971	No	N/A	N/A	Internal Submission
13	Techland Publishing	Executable	6f66903d0e5fde5f 276f6b2ea8f362fc dd9a288d	014c199e253bb67f c9a3e225ab3471cd	Yes	3.0.1.2	3.0.1.2	Germany
14	N/A	Executable	d153e68d2b57fcf7 e16a276fb52379e1 6f742e36	240f77330c2e555a 6b8c0b5a295e4ec2	No	1, 0, 0, 1	1, 0, 0, 1	Internal Submission
15	ABBYY Production LLC.	Executable	1db7f8863bcc0e5f 44922f025f96d5bb d33ade64	593908fea70a7542 3296a8a5d2a27190	Yes	15.0.516.6 786	15.0.516.6 786	10.224.25.207/32
16	Ashampoo	Executable	4b60e4b79e00b9e7 5afbeb88443c47ed afe611e0	5d2cc2a1d0425ac4 69ff002d5924d350	Yes	0.0.0.0 (0)	0.0.0	10.224.25.207/32
17	N/A	Executable	1890ae96b0b17746 df0caed8a6e1140d edfb1322	b5c5980c5c630a37 a924ef63dd98739c	No	1.0.0.0	1.0.0.0	Russian Federation
18	N/A	Executable	32c84a07307bd8db fca089a5feae6009 245b12c5	5309a7a6fb5eed51 4a3eee4230ad63e4	No	N/A	N/A	Internal Submission
19	DynaPoint	Executable	55557f02a3d91a56 cb2b8c266d7a2541 434bacc2	de237cba2cb09cfb c6ea90d6d404ad77	Yes	1, 0, 0, 1	1, 0, 0, 1	Internal Submission
20	UPEK Inc.	Executable	bd47604ac0d89abe cfcd77b254a2dcc3 3907baa2	9655eb4e8a4580fd c778251157cac4ce	Yes	5.6.0.3283	5.6.0	Internal Submission

Prev 1 2 3...5 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Malware Search Engine

How to Remove “AUTORUN.EXE”

What is autorun.exe?

How to detect whether your system is affected by autorun.exe?