Tuesday, October 27, 2009

Block Attacks By Blocking Autorun File

If you recollect,some months back i had posted on Panda USB vaccine. Similarly i have come across another tool which i feel is better than Panda USA Vaccine.

Autorun.inf is the primary instruction file associated with the Autorun function. Autorun.inf is a simple text-based configuration file that tells the operating system which executable to start, which icon to use, and which additional menu commands to make available.

1. How does this File Look ?

Line 1: [autorun]
Line 2: open=autorun.exe
Line 3: icon=autorun.ico

Kindly Note that Line N ( N=1,2,3) is used just for simplification.

Line 2 Means that when started,autorun.exe file will get executed and Line 3 means the autorun file will have autorun.ico as its File Icon.

In reality autorun.inf files are more complex than this but for now,i am limiting myself to simple examples only.

2.What is Autorun Protector

Autorun Protector is a two way protection .Net application which was released in April this year,prevents PC from infecting with autorun worms and also protecting your removable device from being infected from other sources.

Since I said it is developed in .Net,it requires 2.0 Framework pre installed.Kindly note that it doesn't clean all the worms so i would suggest to use good antivirus to scan the PC to ensure maximum protection.

Autorun worm infects your PC through removable device such as USB Drive. It has a file called autorun.inf which contains code to run malicious program. If PC failed to block this autorun file,it can cause serious damage to the PC.

As mentioned earlier,it has 2 way protection i.e PC Protection & Device Protection. But there is also another feature "The MountPoints2" which is a registry key that contains cached information about every removable device. Clearing this key might solve the problem on opening drive problem issue.

One feature that i really appreciated in the new release was the mean to create own autorun.inf files. It can also fix the drive opening issues.


Please don't copy this article to your website and this act is strictly NOT allowed. However, if you like this article, contact me before publishing this to any other blog/website/etc.


Being Pramoda... said...

hey... i used to get this error with my pendrive..is it a virus or what? i use to open this auto run inprndrives..any probs with thaT? whr do i get the settings in my lapi?

Hemanth Potluri said...

i always got this virus and my norton always saved me :)...thanks for the info bro :)..


Anonymous said...

Can anyone recommend the top Network Management utility for a small IT service company like mine? Does anyone use Kaseya.com or GFI.com? How do they compare to these guys I found recently: N-able N-central network management
? What is your best take in cost vs performance among those three? I need a good advice please... Thanks in advance!