Autorun Virus
Solved/Closed
Related:
- Autorun virus removal tool
- Goose virus - Download - Other
- Bios password removal tool - Download - Other
- Redirecting virus removal tool - Guide
- Ntuser.dat virus - Guide
- Software reporter tool - Guide
3 responses
Mattie
Posts
26
Registration date
Friday July 23, 2010
Status
Member
Last seen
April 26, 2011
12
Sep 21, 2010 at 11:25 PM
Sep 21, 2010 at 11:25 PM
1.Install autorun virus removal tool
2.Now Press Win+R and enter cmd open Windows command prompt .
Now we are about to list hard disk files from command prompt .
for C drive type dir c: /a/w
If Autorun virus is present , It will get listed as shown above . There would be many other files like onlinegames , kavo.exe,.vbs , Heap41a , newfolder.exe,.com, ppt.exe etc .
These files include read only, archive, system and hidden file attributes associated with them.
So in next step we will remove these restrictions from the above suspicious files .
attrib -s -h -r c:autorun.inf
or attrib -s -h -r c:autorun.vbs ( Change the hard disk partitions as required)
Now remove all those files associated with autorun virus using del instruction .
Del autorun.inf or Del kavo.exe (repeat the procedure for all the files and hard drives)
Add the necessary hard disk partitions and files as per requirement ). Now copy the completed document in notepad and save as remove.bat . This file will remove all the autorun virus traces on execution .
After removing all the infected autorun virus files from hard drives , execute autorun virus removal tool on step 1 to remove further traces .
3. Repair registry to enable hidden files and folders .
Press Win+R and enter regedit . Now this will open the Windows registry . Move on to the following registration entries .
Autorun virus usually alter this registration entry . Double click on CheckedValue and enter value data as 1 . Now you would be able to enable hidden files and folders .
4. Turn off autorun feature in Windows .
This will avoid the execution of existing autorun worms in a PC and also one on USBs and CDs .
Copy the following command in notepad and save as removeautorun.reg
5. Restart your PC for the complete removal of Autorun virus .
2.Now Press Win+R and enter cmd open Windows command prompt .
Now we are about to list hard disk files from command prompt .
for C drive type dir c: /a/w
If Autorun virus is present , It will get listed as shown above . There would be many other files like onlinegames , kavo.exe,.vbs , Heap41a , newfolder.exe,.com, ppt.exe etc .
These files include read only, archive, system and hidden file attributes associated with them.
So in next step we will remove these restrictions from the above suspicious files .
attrib -s -h -r c:autorun.inf
or attrib -s -h -r c:autorun.vbs ( Change the hard disk partitions as required)
Now remove all those files associated with autorun virus using del instruction .
Del autorun.inf or Del kavo.exe (repeat the procedure for all the files and hard drives)
Add the necessary hard disk partitions and files as per requirement ). Now copy the completed document in notepad and save as remove.bat . This file will remove all the autorun virus traces on execution .
After removing all the infected autorun virus files from hard drives , execute autorun virus removal tool on step 1 to remove further traces .
3. Repair registry to enable hidden files and folders .
Press Win+R and enter regedit . Now this will open the Windows registry . Move on to the following registration entries .
Autorun virus usually alter this registration entry . Double click on CheckedValue and enter value data as 1 . Now you would be able to enable hidden files and folders .
4. Turn off autorun feature in Windows .
This will avoid the execution of existing autorun worms in a PC and also one on USBs and CDs .
Copy the following command in notepad and save as removeautorun.reg
5. Restart your PC for the complete removal of Autorun virus .
jack4rall
Posts
6428
Registration date
Sunday June 6, 2010
Status
Moderator
Last seen
July 16, 2020
Sep 22, 2010 at 10:00 AM
Sep 22, 2010 at 10:00 AM
Hello,
If you did not format your flash drive, then check whether the files are not in
hidden mode. Follow the following steps.
Step 1:
Click on the below link and download the file "AutorunExterminator"
https://ccm.net/downloads/security-and-maintenance/5911-autorun-exterminator/
Extract it --> Double-click on "AutorunExterminator" --> Plug your pendrive now.
This will remove the autorun.inf files from your flash drive and also from drives.
Step 2:
Click on "Start" -->Run --> type cmd and click on OK.
Here I assume your flash drive letter as G:
Enter this command.
attrib -h -r -s /s /d g:\*.*
You can copy the above command --> Right-click in the Command Prompt and
paste it.
Note : Replace the letter g with your flash drive letter.
Now check for your files in Flash Drive.
Step 3:
After that, download the Malwarebytes' Anti-Malware from the below link
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/
Update it --> Perform "Full Scan"
Note : Default selected option is "Quick Scan".
Good Luck.
If you did not format your flash drive, then check whether the files are not in
hidden mode. Follow the following steps.
Step 1:
Click on the below link and download the file "AutorunExterminator"
https://ccm.net/downloads/security-and-maintenance/5911-autorun-exterminator/
Extract it --> Double-click on "AutorunExterminator" --> Plug your pendrive now.
This will remove the autorun.inf files from your flash drive and also from drives.
Step 2:
Click on "Start" -->Run --> type cmd and click on OK.
Here I assume your flash drive letter as G:
Enter this command.
attrib -h -r -s /s /d g:\*.*
You can copy the above command --> Right-click in the Command Prompt and
paste it.
Note : Replace the letter g with your flash drive letter.
Now check for your files in Flash Drive.
Step 3:
After that, download the Malwarebytes' Anti-Malware from the below link
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/
Update it --> Perform "Full Scan"
Note : Default selected option is "Quick Scan".
Good Luck.