Carey

August 31, 2009 at 4:43pm

It's about time, I've had this useles and unsafe feaute disabled on every machine I've ever used.

d_sellers1

August 31, 2009 at 4:33pm

I'm currently deployed to Afghanistan and a good majority of the people out here have contracted some form of USB transmitted virus. On an infected PC, the virus will copy itself to the drive and set the autorun.inf to automatically run or when the drive is double-clicked from My Computer (which in turn runs the autorun). 

 The viruses that I have found like to sit in C:\Users\<your_username>\ and is set to system and hidden. Using ATTRIB in a command prompt will show the hidden system files (or setting your view in Explorer to show hidden file and not hide system files will do the same). Kill the offensive program in Task Manager; delete the virus (there shouldn't be any .exe or .vbs files in the \<your_username>\ folder); use MSConfig to remove the startup entry.

Same basic steps on a USB drive (thumbdrive, hard drive, digital camera memory card, iPod Classics, etc.). The autorun.inf will be system and hidden along with one or more .exe or .vbs files. The most common is start.exe which would appear to be harmless. Delete them.  

Better yet, edit the autorun.inf and delete everything in it (make it blank) and save. Right click on the autorun.inf and go to Properties and then the Security tab. Click the Advanced button and uncheck the Inherit permission from parent. Click Remove followed by OK as many times as you need to close all the windows. This takes away your permissions to edit the file even if you are an administrator. This will prevent other infected systems from giving your drive the virus. You will still get the hidden executable file on the drive but without the autorun.inf to run it, it won't automatically run. Also note that the drive must be formatted to NTFS and not FAT/FAT32.

 To protect your PC, you can disable the autorun feature with a registry. Open notepad and copy the text below and save as "noautorun.reg" (be sure to use the quotation marks). Double click the file that you just created and click Yes when asked if you want to add it to the registry. Reboot just to be safe. No more autorun. (This is useful for soldiers like myself that are deployed that won't be able to download the Windows Update.)

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"

Even with current anti-virus definitions, Norton seems to let about 95% of the infections go undetected. Of all the drives and systems that I have checked, Norton has only alerted me to three...

 Derek

Techrocket9

August 31, 2009 at 2:44pm

Portableapps is/are doomed!

 

_____________________________________________________ 

An army of pacifists can be defeated by one man with the will to fight.

Elric

August 31, 2009 at 11:52am

Autorun has always been a misfeature, so I don't mind seeing it go at all. I think this was a good move.

MeTo

August 31, 2009 at 11:20am

Auto play/Auto run Should have never been introduced IMO. It was something to make it easy to install programs and run games. It also runs bad stuff easy. What is so hard about clicking on a icon to start a program.

MRrelabled

August 31, 2009 at 10:16am

First why don't you describe the difference between autorun and autoplay. autorun and autorun.inf files are what malware uses. autorun has been a pain in the rear ever since it began, and personally I have no problem with USB key not being able to autorun there crapware and sometimes malware straight from the factory. 

We're talking computers here people if you want one specific usb key, card or drive to run this can be done, each drive is different, each connection is different, 

If you want a security program to check autorun.inf file before they run this could be done too. 
Maybe it's time to get people with experience with computers working on security rather than teenagers.

To0nces

August 31, 2009 at 10:10am

I prefer to have auto-run off anyway, as I don't like a pop up when I insert a disc.