AutoRun and the companion feature AutoPlay automatically runs software automatically upon insertion of a properly configured a removable device. AutoRun and AutoPlay have been have been so widely abused by malware authors that Microsoft has over time chipped away at these features. The default behavior of Windows Seven is to ignore an autorun.inf file unless it is on a CD or DVD, and in February 2011 Microsoft released an update making this behavior the norm for patched copies of Windows XP and Vista as well.

Even this behavior I consider overly promiscuous, and my advice is to deactivate AutoRun entirely. Computers should not be running external programs without the user's knowledge, period. To do this, save the following code (courtesy US-CERT) in Notepad or a text editor with the name deactivate_autorun.reg:

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionIniFileMappingAutorun.inf]

Note that the above consists of three unwrapped lines of code followed by a blank line. Do not wrap any lines nor omit the final blank line.

From an administrative account, in the Windows explorer right click the file and choose Merge. Confirm any warning prompts to add the information to the Registry. Reboot. Test afterward to confirm that autorun has been disabled.


