Video Screencast Help

"autorun.ini"

Created: 11 Mar 2011 | 5 comments

Hi,

 

"Autorun.ini." is a virus, torgan or malicious.. Plz explain ..

Comments 5 CommentsJump to latest comment

.Brian's picture

Autorun.inf is not a virus....it aids in the propagation of a virus

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

riva11's picture

Autorun.ini is no a virus as already replied , read info below :

An autorun.inf file is a text file that can be used by the AutoRun and AutoPlay components of Microsoft Windows Operating systems. For the file to be discovered and used by these components, it must be located in the root directory of a volume. As Windows has a case-insensitive view of filenames, the autorun.inf file can be stored as AutoRun.inf or Autorun.INF or any other case combination.

The AutoRun component was introduced in Windows 95 as a way of reducing support costs. AutoRun enabled application CD-ROMs to automatically launch a program which could then guide the user through the installation process. By placing settings in an autorun.inf file, manufacturers could decide what actions were taken when their CD-ROM was inserted. The simplest autorun.inf files have just two settings: one specifying an icon to represent the CD in Windows Explorer (or "My Computer") and one specifying which application to run.

(Wikipedia)

but due to the potential risk to execute automatically unknown applications , Microsoft in the latest patches disabled the autorun.

Fatih Teke's picture

Hello

riva11 is rigth. it is not a virus. But some people write a code in autorun.inf. Therefore when you click your Flash Disk or CD or anything can use autorun, the code is working in it. it is diffrent to click D drive and write address bar "D:\"

Best Regards.

Fatih.

 Everything works better when everything works together.

Mick2009's picture

Hi KP,

The "autorun.inf" file in and of itself, is not malicious. It is just a text file. However, many threats have been successful in using the Autorun features of the operating system as a vector of attack. To limit this vector, disable the Autorun feature in the Operating System.

Ther is more info available in these articles:

Security Best Practices for Protecting a Business Environment from Common Threats http://www.symantec.com/docs/TECH105236

How to prevent a virus from spreading using the "AutoRun" feature http://www.symantec.com/docs/TECH104447

Preventing viruses using "autorun.inf" from spreading with "Application and Device Control" policies in Symantec Endpoint Protection (SEP) 11.x http://www.symantec.com/docs/TECH104909

Hope this helps!

Mick

 

 

 

With thanks and best regards,

Mick