Hacking Autorun.inf virus attack Is autorun.inf virus? When i studied second year(cse), my friends told that autorun.inf is virus. I thought so. Because my antivirus blocks autorun.inf files. In third year when i search about autorun.inf file in net, i realize about the auto run file. Today i bring some files from my college system. When i insert the pen drive in my system, there are lot of exe files.They are viruses. I delete all of them. Finally i opened the autorun.inf file in notepad and saw the instructions. Then only i remembered that i forget to post about autorun file. This article will give you complete details about the autorun.inf file. This is the instructions that saved in the infected(call virus programs) autorun.inf file: [Autorun] Open=RECYCLER\QqFvXcB.exe Explore=RECYCLER\QqFvXcB.exe AutoPlay=RECYCLER\QqFvXcB.exe shell\Open\Command=RECYCLER\QqFvXcB.exe shell\Open\Default=1 shell\Explore\command=RECYCLER\QqFvXcB.exe shell\Autoplay\Command=RECYCLER\QqFvXcB.exe is autorun.inf virus file? no. Then why antivirus block the autorun.inf files? Go ahead to know the full details about auto run file. Introduction to Autorun.inf File: Auto run is file that triggers other programs,documents ,other files to be opened when the cd or pen drives are inserted. Simpy triggers. When cd or pen drives are inserted, windows will search for the autorun.inf file and follow the instructions of autorun.inf file(instructions have written inside the autorun.inf file). How to create Autorun file? Open notepad type this command: [Autorun] save the file as "autorun.inf" (select all files, not text ) Complete Syntax and instructions inside the Autorun file: Basic syntax must be inside the autorun.inf file is : [Autorun] This will be used to identify the the file as autorun. OPEN= This will specify which application should be opened when the cd or pen drive is opened Example: open=virus.exeThis will launch the virus.exe file when cd or pen drive is opened. The file should be in root directory. if the file is in any other sub directories ,then we have to specify it. Open=RECYCLER\Virus.exe Explore= Nothing big difference. if you right click and select explore option in cd or pen drive. This command will be run. AutoPlay= Same as the above , but it will launch the the program when auto played. SHELL\VERB = The SHELL\VERB command adds a custom command to the drive's shortcut menu. This custom command can for example be used to launch an application on the CD/DVD. Example:shell\Open\Command=RECYCLER\QqFvXcB.exe shell\Open\Default=1 shell\Explore\command=RECYCLER\QqFvXcB.exe shell\Autoplay\Command=RECYCLER\QqFvXcB.exe Use a series of shell commands to specify one or more entries in the pop-up menu that appears when the user right-clicks on the CD icon. (The shell entries supplement the open command.) Icon= Change the icon of your pen drive or cd. you can use .ico,.bmp images(also .exe,.dll) Example: icon=breakthesecurity.icoLabel= Specifies a text label to displayed for this CD in Explorer Note that using the LABEL option can lead to problems displaying the selected ICON under Windows XP. Example: Label=Ethical hacking Why Antivirus Block Autorun.inf file? From above ,you come to know that autorun.inf file is not virus. But why antivirus blocks it? Because as i told autorun file call or launch any application or exe files. It will lead to virus attack. If the autorun.inf is blocked,then there is no way to launch the virus code. Autorun is not virus but it can call virus files.