As per a study by Pandalabs 25% of worms are specially targeted to spread through USB storage devices.I think in India, scenario is worse,most of the cybercafés and home computers are inadequately secured.USB connected devices spread virus and worm from one computer to another.
How it works
autorun.inf is text file in Windows that is used by autorun and autoplay feature of the Windows. The file should be kept in root of the volume.This file specifies which file to run automatically when volume is available on Windows machine.Crooks modify this file to automatically run malware on USB drive and corrupt the computer.
What to do?
- disable auto-run feature on system to stop being infected from USB virus.This is useful just in case your computer is not up-to-date with antivirus and antimalware software
- create a blank directory named autorun.inf on your USB drive, this will help in case you use your USB drive on multiple computers like cybercafe,home and office.
How to disable auto-run feature on Windows XP professional
Microsoft have a group policy editor in Windows XP professional.Group policy editor can be used to disable auto run feature.Login as a user who has administrative privileges.
- At “start” –> “Run” –> gpedit.msc .It will open group policy editor.
- Under Computer Configuration, expand “Administrative Templates”-> Double click on “System” – > In the right pane look for setting “Turnoff auto play”.Double click it.
- Now choose “Enabled” and from drop down “Turn of autoplay on:”, choose “All drives”.Click okay.All done.
How to disable auto-run feature on Windows 7 or Windows XP home
You will need to edit registry settings of these operating system.Follow Microsoft directions.
Disabling auto run feature will prevent your computer from being corrupted by USB malwares, which rely on auto run feature.However, Its good idea to secure your USB drive as well so that autorun.inf based malware may not use your USB drive to spread these viruses and malwares.
On a good Windows system,which is virus free, insert your USB drive.Explore your USB drive and look for any autorun.inf file.If found,delete it.Now create a blank folder and name it to autorun.inf in root of USB drive file system. Now, whenever you will take your USB drive to cyber cafe , the infected computers may still copy malware on USB drive but they can’t write to autorun.inf. Hence, your USB drive will be not used to spread autorun.inf based virus and malware.