What is autorun.exe?
autorun.exe is a legitimate executable file developed by Microsoft. This process is known as AutoPlay Application and it belongs to AutoPlay Media Studio. It is commonly stored in 'C:\DOCUME~1\roger\LOCALS~1\Temp\ir_ext_temp_0\' folder. Cybercriminals find a way out to mimic malicious programs in the name of autorun.exe to spread malware infection.
Affected Platform: Windows OS
How to detect whether your system is affected by autorun.exe?
Viruses can easily affect and corrupt “.exe” files causing several system malfunctions. Below are the symptoms to check if your system is infected with the malware:
- Problem during computer start-up.
- Problem during program start-up.
- Errors while running specific functions.
- Damaged and missing link files.
- Conflict in the process.
- Missing or corrupted driver files.
- Invalid Windows registry.
- Hardware malfunction.
To further establish the infection of malware, take the following steps:
- Go to Task Manager by pressing the combination of keys CTRL+ALT+DEL.
- Go to the process tab and right-click on the autorun.exe file and open its location.
If the file is located outside 'C:\DOCUME~1\roger\LOCALS~1\Temp\ir_ext_temp_0\' folder, then you should perform an antivirus scan to get rid of the malware infection.
How does Comodo Antivirus help you to protect your system from autorun.exe malware?
Comodo Antivirus protects your system from malware attacks and also removes any existing infections. Following are the steps to effectively purge out the autorun.exe malware from your system.
Step 1: Download and install Comodo Antivirus.
Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.
Step 3: Select Customize Configuration option and arrange installers, configuration, and file location.
Step 4: Restart your PC.
Step 5: Wait until the Comodo Internet Security updates the antivirus.
Step 6: Initiate a quick scan that instantly begins after the update.
Step 7: If the system is infected with autorun.exe malware or any other threats, you will be prompted with an alert screen upon scanning.
Step 8: Comodo Antivirus will remove the computer virus including all other malware!
| No. | Company | File Type | SHA1 | MD5 | Malware Name |
Digitally Signed |
File Version |
Product Version |
Submitted From |
Malware Behavior |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | N/A | Executable | ab4a3e38efbf51c3 fed5c2b9ec1b0840 59108255 |
442f1c2b44b56478 406f07cbe78332f2 |
TrojWare.Win 32.VB.QOTY |
No | 1.00 | 1.00 |  103.39.139.18/32 |
N/A |
| 2 | N/A | Executable | 93f952bbcaab0427 575c5b97d3e37135 f440d9ec |
06bafc8b80e71f87 23c8f84f726873ed |
TrojWare.MSI L.Injector.L CE |
No | 1.0.0.0 | 1.0.0.0 | 105.112.102.177/32 |
N/A |
| 3 | N/A | Executable | 39d8e673c15b3e92 f96493a88e4f3f08 7f7bfdbd |
9912dea229fbc671 fdfb10c4f0c86307 |
Virus.Win32. Sality.gen |
No | N/A | N/A |  Brazil |
N/A |
| 4 | Linasoft | Executable | c3976ee8f0edb6b0 ba1819b39268e159 cee45207 |
e4f4d9fc63e2296c 8e0d65171ef94ec3 |
Virus.Win32. Sality.gen |
No | 5.1.0.341 | 5.1 |  Saudi Arabia |
N/A |
Indonesia
Russian Federation
Turkey
Ukraine| No. | Company | File Type | SHA1 | MD5 | Digitally Signed |
File Version |
Product Version |
Submitted From |
|---|---|---|---|---|---|---|---|---|
| 1 | Hewlett-Packard | Executable | 9745f868badede50 010351eda9166b59 f27ee20c |
62f073f88ceb064d 9f428aa31043113f |
Yes | 4.0.4.6684 | 4.0.4.6684 |  United States |
| 2 | - | Executable | f2dd293df20bab48 fc8f42381dfb8f2c ae571efa |
0fb5ce89f6e51c26 4293ac7a35a9262e |
Yes | 3, 1, 0, 200 |
3, 1, 0, 200 |
Internal Submission |
| 3 | N/A | Executable | df7917d575caa272 781c09bbfd106641 9cf51815 |
db22252f694af09b 1630a78b1f58af14 |
No | N/A | N/A | Internal Submission |
| 4 | Diskeeper Corporation | Executable | fc3040ac000be2fd 8444fe65825452e0 82a0fa83 |
e48d89137c8d7d90 63b0f6092a012a83 |
Yes | 14.0.0.0 | 14.0.0.0 | Internal Submission |
Germany
