How to remove autorun virus from pc manually (not using any app)

The infamously known “autorun viruses” or “autorun organizers” are actually a pretty serious malware which were developed by hackers to infect external data storage devices, like USB flash drive, Micro SD card, even External HDD, in a way that infecting a victim’s PC indirectly while trying to open an infected flash drive, SD card or HDD through the Windows Explorer.

  • This kind of malware exploits an inf file in the mainly Windows platform devices, which is used to launch directly and automatically on schedule to autoplay some unauthorized programs and files which are stored in an infected external device.
  • This can end up with a serious system malfunction, data loss, data breach, security breach and etc. Hackers do use this technique to destroy files and footprints secretly or even to steal your data. Stealing data can even end up with the credit card pin or email account’s password, so yes this is a pretty serious problem in a very small package.
  • If any of your USB Drive is infected with any kind of (as there are many kinds of them already developed) autorun.inf virus, whenever you connect the USB device to the PC the virus infected files start to execute and infect your PC automatically, the worst part is it further replicates itself automatically to make many copies of it which make the removing process more complex.
  • Also, If the pc is infected enough, the malware secretly keeps directing the user to various malicious websites. Another scary part is that it may also install a key logger malware (keeps tracks of your key presses on the keyboard, this malware is used to track down your passwords by the third party while you type it) which may steel any login credentials like usernames, passwords, financial details like account numbers, credit card pins and other sensitive or confidential information may be related to your personal life as well as your profession.

To make sure your pc is safe you must remove any type of autorun virus from your PC.

Here is how you can remove autorun.inf virus from the USB drive manually,

  • Insert the infected USB drive onto your PC, when the auto open window appears, click
  • Go to command prompt, by typing the “cmd” after pressing the Window button.
  • In the command prompt type in the USB drive letter. You can check the drive letter from My Computer/This PC explorer.
  • Now type in “dir/w/a” and press enter, this will show you a list of the files in which are stored in your flash drive. Now check for the files named exe, New Folder.exe, ntdelect.com, kavo.exe, svchost.exe, autorun.inf, remove these files ASAP.
  • To delete any file in command prompt as an example if the name of the virus is autorun.inf, then type in F:del autorun.inf and press enter to delete the file.
  • After all the above steps are done, disconnect the drive and reconnect it and check again, and also perform an antivirus scan on the USB drive to make sure you have removed the viruses in it.

 

Deleting autorun.inf from hard disc drive of a PC,

  • Switch on and start the PC in safe mode
  • Open the command prompt in it
  • Now check for the file name and keep a close for these files below to delete them.

%System%configcsrss.exe

%WinDir%mediaarona.exe

%System%logon.bat

%System%configautorun.inf

C:autorun.inf

D:autorun.inf

E: autorun.inf

F:autorun.inf

Make sure you have checked all the drives of your HDD as by default it will be showing you the result of C drive only.

Now Open the registry editor to delete all of the parameters which are mentioned below:

[HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]

DisableTaskMgr = 1

[HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer]

NoFolderOptions = 1

[HKLMSOFTWAREMicrosoftWindowsCurrentVersionRunOnce]

“Worms” = “%System%logon.bat”

 


Restart your computer and check again by following the previous steps. Then use an Antivirus app to scan the pc carefully to make sure of the result.

Now, remember that this manual method shown here to remove autorun virus can be implemented but only for some simple type of autorun viruses. The rechecking has been advised to make sure there are no Virus left anymore, but if you do find traces or files related to autorun virus even after the above shown manual removal, that means the Autorun Virus in your PC is a mutant version or upgraded version of autorun virus, which are strong enough to protect themselves even after manual removal. To remove that type of autorun virus special third party Autorun remover tools available over the internet. These apps can help you to remove and solve other mutant variants of autorun virus.

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.