Uncategorized

Save Yourself: Disable Autorun/Autoplay

October 4, 2008
Warning: this life-saving article is very geeky in nature.

Have you ever got the autorun.inf file in your USB flash drive?

I had several encounters with this annoying autorun. Here’s a piece of advice to all USB drive users: PLEASE DISABLE “AUTORUN” or “AUTOPLAY”.

MY method of disabling AUTORUN is very simple. 😀 I just make it a habit not to double-click the icon of any removable media (e.g. USB flash drive) in the My Computer window. Instead, I type the drive letter (e.g. F:) of the removable media I want to explore/open on the address bar of my Windows Explorer. 😀

Here’s an article I’ve read which posts several other methods on disabling autorun.

The flash drive is a smart invention and provides good assistance for users. You can just bring along your compact flash drive around for any data/file transferring – fast, easy and convenient. Having said that, users must also be aware that the flash drive is a potential breeding ground for viruses.

It all boils down to a simple text file called: autorun.inf with a simple script like “[autorun] open=virus.exe icon=virus.ico”. “Open” is the command to execute the file upon having the drive detected by Windows while “icon” is optional and is merely to give an “icon” to the drive letter the USB drive resides on. It is quite easy for virus to infect an executable file especially the viruses which reside in the flash drives while being executed.

Few ways to overcome this problem:

1. A tried-and-tested remedy that dates back to Windows 9x is to simply hold down the SHIFT key every time you insert a USB flash drive. But how often you can remember to do this step?

2. Of course you can always turn-off AUTOPLAY thru Local Policy
* Click Start —> Run
* Type “gpedit.msc” (w/o quotes) and hit enter
* From the Local Group Policy Window, expand “computer configuration” —> “Administrative Templates”
* Click System folder and look for “turn-off autoplay”
* Double click this feature and select “ENABLED” then “ALL DRIVES”
* CLick OK to finish

3. or use Tweak UI under Microsoft’s Power Toy section. Tweak UI gives you access to a number of setting that are hidden away in Windows XP default user interface, including mouse settings, Explorer settings, taskbar settings, and more. In this context, it allows you to enable /disable Autoplay for CD/DVD and removable drives by just unchecking the check boxes.

Download site: http://www.microsoft.com/windowsxp/down … rtoys.mspx

4. or use Regedit but I wil not suggest it if you are not knowledgeable enough in editing registry.

Anyway, to really reiterate the trouble Autorun brings us, here’s an article on how NASA got infected with a virus.

August 27, 2008 10:41 PM PDT
Be safer than NASA: Disable autorun
Posted by Michael Horowitz

NASA confirmed this week that a computer on the International Space Station is infected with a virus. (See “Houston, we have a virus” at The Register.)

The malicious software is called W32.TGammima.AG, and technically it’s a worm. The interesting point, other than how NASA could let this happen, is the way the worm spreads–on USB flash drives.

Randy Abrams, director of technical education at ESET, alerted me about this. Touching on both interesting points, he said: To start with, no computer going into space should have autorun enabled. Simply disabling autorun would have almost certainly rendered the worm inert. Given that age of the worm, and its low risk ranking, it is probable that current (antivirus) software was not being used either.

Malicious software spread by USB flash drives and other removable media takes advantage of a questionable design decision by Microsoft. Windows is very happy to run a program automatically when a USB flash drive is inserted into a PC. How convenient, both for end users and for bad guys.

Abrams blogged about this back in December, and I wrote about it in March. In that posting, I described how to disable autorun for Windows XP and Windows 2000 and I just revised it to include Vista.

In his December blog, Abrams writes, “Fundamentally, there are two types of readers here. The first type will disable autorun and be more secure. The second type will eventually be victims.”

Don’t be a victim, disable autorun (also known as autoplay) for all devices. It may be a bit inconvenient going forward, but to me, the added safety is well worthwhile.

References: http://forum.philboxing.com/viewtopic.php?f=38&t=108978

So now you see… Save yourself, disable autorun. 😀

7 Comments

  • Jean Monique Sanchez
    October 4, 2008 at 8:48 pm Reply

    Yeah. Virus yun! 🙁 Basta don't click on it…Tapos minsan nagiging hidden yung autorun.inf. Then, if you tried double-clicking the drive icon on My Computer, an error script will appear. Hassle talaga. :(Nagkaron din ng ganyang virus sa USB ko… Yung may Sex Scandal. Kahiya nga eh… Kasi sinaksak yung USB ko sa laptop ni Sir Bang. Tapos sabi niya, "Uy. May sex scandal ka pa dito." Tapos ako, super shocked! Galing pala sa E-Jim yung virus na yun. 🙁 Naku, buti na lang talaga at nadelete na yun. Nadetect naman siya ng Antivirus na ginagamit ko, which is Avira.Buti na lang may Windows Online Live Care no? 😀 Hehe.Kung hindi, lagot talaga. :PHindi naman nawala yung files sa USB mo?

  • selg javellana
    October 4, 2008 at 5:15 pm Reply

    ah.. i've encountered "autorun" icon before.. lalo na pag after ko ilagay ung usb ko from someone's laptop.. hehe!pero the worst that happened to me recently, nagkaroon ng "SSG Sex scandal" icon sa usb ko.. SoWar virus pala!! parang Trojan virus daw!! di nga madetect ng AVG eh.. buti nalang naayos na ng windows online livecare ata un.. kundi patay talaga ako sa dad ko..=)

Leave a Reply

Your email address will not be published. Required fields are marked *