Earlier we saw how to remove the AutoRun Virus that abuse the autorun.inf file, to spread itself. Now, let us see how to turn off AutoRun.inf and thus protect your PC from AutoRun viruses and malware.
Windows had a bug in the way it handled AutoRun related Registry entries. When AutoRun is disabled, Windows operating system should not go past the Registry check. However, Windows continued to parse autorun.inf found on the removable media and did everything except the final action to invoke AutoPlay.
How to Disable AutoRun.inf?
Nick Brown came up with a solution to prevent AUTORUN.INF files from being used on a PC, from any medium. This method involved using an initialization file mapping, to create a mapping between the AUTORUN.INF initialization file and the Registry. “IniFileMapping” is a key which tells Windows how to handle the .INI files which those applications typically used to store their configuration data (before the registry existed).This procedure relied on the fact that an autorun.inf file is a standard Windows INI file and so the appropriate API calls are used by Windows when fetching its settings. These API calls can be redirected using the INI file mapping method. In this case, it says “whenever you have to handle a file called AUTORUN.INF, don’t use the values from the file. You’ll find alternative values at HKEY_LOCAL_MACHINE\SOFTWARE\DoesNotExist.” How is this done?
Create a Registry file with the following contents and save it as “DISABLEAUTORUN.REG”.
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf] @="@SYS:DoesNotExist"
Double click “DISABLEAUTORUN.REG” to make the relevant changes to Windows Registry. Whenever Windows tries to read a file called “autorun.inf” using the INI programming calls, it is forbidden to read from the actual file. Instead, all settings are read from the HKEY_LOCAL_MACHINE\Software\DoesNotExist Registry key. As this key does not exist, it is as if the autorun.inf file contains no settings information. This applies to any autorun.inf in any location and on any drive.
The only drawback with this approach is you need to manually trigger the setup program in any inserted CD or USB Stick. But isn’t it better to live with this than with AutoRun viruses?