Windows use a text file call autorun.inf to automatically trigger setup.exe program.

Virus writer use this feature to auto trigger their virus. If your USB pendisk is infected.

The moment you plug in, you will be infected.



Tips to immune your PC against autorun virus without help from antivirus program.



create autorun.inf FOLDER at c:\



c:\autorun.inf



if you have 2 partitions

d:\autorun.inf



if your USB pen drive is at f:

d:\autorun.inf



The virus think that it have already infected your PC because a folder with the same name as autorun.inf exist.

So your PC will be immune.



Another method is to disable the autorun at the windows registry.



You can use the following batch file to clean your PC.

copy and paste to a notepad file and save as killauto.bat

Then click and run.

It will remove the autorun.inf and create folder with same name to prevent it from coming back.



===========DOS batch file ===================



ECHO off

ATTRIB -r -s -h A:\autorun.inf

DEL /Q A:\autorun.inf

MKDIR A:\autorun.inf

ATTRIB +r +s +h A:\autorun.inf

ATTRIB -r -s -h B:\autorun.inf

DEL /Q B:\autorun.inf

MKDIR B:\autorun.inf

ATTRIB +r +s +h B:\autorun.inf

ATTRIB -r -s -h C:\autorun.inf

DEL /Q C:\autorun.inf

MKDIR C:\autorun.inf

ATTRIB +r +s +h C:\autorun.inf

ATTRIB -r -s -h D:\autorun.inf

DEL /Q D:\autorun.inf

MKDIR D:\autorun.inf

ATTRIB +r +s +h D:\autorun.inf

ATTRIB -r -s -h E:\autorun.inf

DEL /Q E:\autorun.inf

MKDIR E:\autorun.inf

ATTRIB +r +s +h E:\autorun.inf

ATTRIB -r -s -h F:\autorun.inf

DEL /Q F:\autorun.inf

MKDIR F:\autorun.inf

ATTRIB +r +s +h F:\autorun.inf

ATTRIB -r -s -h G:\autorun.inf

DEL /Q G:\autorun.inf

MKDIR G:\autorun.inf

ATTRIB +r +s +h G:\autorun.inf

ATTRIB -r -s -h H:\autorun.inf

DEL /Q H:\autorun.inf

MKDIR H:\autorun.inf

ATTRIB +r +s +h H:\autorun.inf

ATTRIB -r -s -h I:\autorun.inf

DEL /Q I:\autorun.inf

MKDIR I:\autorun.inf

ATTRIB +r +s +h I:\autorun.inf

ATTRIB -r -s -h J:\autorun.inf

DEL /Q J:\autorun.inf

MKDIR J:\autorun.inf

ATTRIB +r +s +h J:\autorun.inf

ATTRIB -r -s -h K:\autorun.inf

DEL /Q K:\autorun.inf

MKDIR K:\autorun.inf

ATTRIB +r +s +h K:\autorun.inf

ATTRIB -r -s -h L:\autorun.inf

DEL /Q L:\autorun.inf

MKDIR L:\autorun.inf

ATTRIB +r +s +h L:\autorun.inf

ATTRIB -r -s -h M:\autorun.inf

DEL /Q M:\autorun.inf

MKDIR M:\autorun.inf

ATTRIB +r +s +h M:\autorun.inf

ATTRIB -r -s -h N:\autorun.inf

DEL /Q N:\autorun.inf

MKDIR N:\autorun.inf

ATTRIB +r +s +h N:\autorun.inf

ATTRIB -r -s -h O:\autorun.inf

DEL /Q O:\autorun.inf

MKDIR O:\autorun.inf

ATTRIB +r +s +h O:\autorun.inf

ATTRIB -r -s -h P:\autorun.inf

DEL /Q P:\autorun.inf

MKDIR P:\autorun.inf

ATTRIB +r +s +h P:\autorun.inf

ATTRIB -r -s -h Q:\autorun.inf

DEL /Q Q:\autorun.inf

MKDIR Q:\autorun.inf

ATTRIB +r +s +h Q:\autorun.inf

ATTRIB -r -s -h R:\autorun.inf

DEL /Q R:\autorun.inf

MKDIR R:\autorun.inf

ATTRIB +r +s +h R:\autorun.inf

ATTRIB -r -s -h S:\autorun.inf

DEL /Q S:\autorun.inf

MKDIR S:\autorun.inf

ATTRIB +r +s +h S:\autorun.inf

ATTRIB -r -s -h T:\autorun.inf

DEL /Q T:\autorun.inf

MKDIR T:\autorun.inf

ATTRIB +r +s +h T:\autorun.inf

ATTRIB -r -s -h U:\autorun.inf

DEL /Q U:\autorun.inf

MKDIR U:\autorun.inf

ATTRIB +r +s +h U:\autorun.inf

ATTRIB -r -s -h V:\autorun.inf

DEL /Q V:\autorun.inf

MKDIR V:\autorun.inf

ATTRIB +r +s +h V:\autorun.inf

ATTRIB -r -s -h W:\autorun.inf

DEL /Q W:\autorun.inf

MKDIR W:\autorun.inf

ATTRIB +r +s +h W:\autorun.inf

ATTRIB -r -s -h X:\autorun.inf

DEL /Q X:\autorun.inf

MKDIR X:\autorun.inf

ATTRIB +r +s +h X:\autorun.inf

ATTRIB -r -s -h Y:\autorun.inf

DEL /Q Y:\autorun.inf

MKDIR Y:\autorun.inf

ATTRIB +r +s +h Y:\autorun.inf

ATTRIB -r -s -h Z:\autorun.inf

DEL /Q Z:\autorun.inf

MKDIR Z:\autorun.inf

ATTRIB +r +s +h Z:\autorun.inf

Autorun.inf is the primary instruction file associated with the Autorun function. Autorun.inf itself is a simple text-based configuration file that tells the operating system which executable to start, which icon to use, and which additional menu commands to make available. In other words, autorun.inf tells Windows how to deal open the presentation and treat the contents of the CD.



The entire sequence is initiated when the "disk change notifcation" polling discovers a new disk in the CD or DVD ROM drive. Then, if the "Auto insert notification" feature is enabled (it is by default), Windows checks in the new disk's root directory for the existence of an "autorun.inf" file. If found, Windows then reads and follows the specific instructions this file defines. If no autorun.inf file is found, then Windows refers to the new disk by its serial number and executes the default actions associated with the (data or audio) content on the disk.



The Autorun.inf file defines the following:

Autorun.inf Defines the following: The process or application that will automatically run when a disk is inserted

Automatically run when CD is inserted Optionally, one can define the process or application that will run for specific Operating environments.

Icon Representing CD or DVD The icon that will represent your application's CD or DVD when the drive is viewed with My Computer or Explorer.

Menu Commands when CD-ROM is clicked Menu commands displayed when the user right-clicks the CD-ROM icon from My Computer or Explorer.

autorun.inf

can be used to call any program including a virus, a worm, a trojan,

even a malicious html doc



the only way to avoid this is to disable autorun either by group policy, security policy, registry edit, or for XP there is tweakui



as soon as I set up a machine that's the first thing I do is disable autorun completely



autorun / autoplay was one of the stupidest additions to windows ever



which makes me wonder if M$ has a virus etc. writing staff



(-_-)

cheers