WHAT IS AUTORUN.INF FILE

What exactly is an autorun.inf file?

Hi, first of all I'd like to state that autorun.inf is NOT a virus

autorun.inf is the primary instruction file associated with the Autorun function. Autorun.inf itself is a simple text-based configuration file that tells the operating system which executable to start, which icon to use, and which additional menu commands to make available.

When a new drive(CD drive or harddisk drive or pendrive) is detected, Windows checks in the new disk's root directory for the existence of an "autorun.inf" file. If found, Windows then reads and follows the specific instructions this file defines. If no autorun.inf file is found, then Windows takes default actions.

The Autorun.inf file defines the following:

1)The process or application that will automatically run when a disk is inserted or when the drive is double clicked

2)Which Icons to show

3)Menu Commands when CD-ROM is clicked

A simple Autorun.inf example:

[autorun]
open=filename.exe
icon=autorun.ico

Lets create our own autorun file

First create a file "autorun.inf" and copy the contents shown above.

Instead of filename.exe, mention the name of the file(along with the path) which should automatically be executed when u double click on the drive

Instead of icon.ico, mention the icon(along with path) which u'd like to have on the drive

Copy this file to any of your drives(C/ D ....etc )

Now, lets say that you want to open a file named A.exe when you click on your C drive

In this case, first copy A.exe to your C drive(otherwise mention the full path in the file) and then the contents of the autorun.inf file (which should also be in the C drive) should be as follows

[autorun]
open=A.exe

Note: If you dont need any icon, no need to mention that.

Now, whenever you double click on drive C, A.exe will be automatically run.(You may have to restart your computer for these settings to take effect)

Now, how does a virus use the autorun.inf file to spread virus??...Its simple. The virus just does the foll trick



[autorun]
open=virusname.exe

Ie. whenever you open the drive, the virus gets executed.(Here, the file virusname can be anything)

Now, When you scan your system for virus, the antivirus will delete the virus(say "virusname.exe"), but the autorun.inf file will remain, as this file is actually not a virus, but is being used by the virus.

when this happens, The next time, you click the drive, windows will try to run the file "virusname.exe", but as this file is not present, you wont be able to open the drive. Usually the "open with windows will come"

In this case, just delete the autorun.inf file (This file will usually be hidden and so, its better to use DOS commands)

Note: This autorun.inf file is used by many games and installation CDs in which the game or installation will automatically begin when you insert the CD.Just go through any such CD and you will see the autorun.inf file. Open it in notepad and see the contents