At present, the U disk virus is very serious. Almost all U disk with virus, there is an autorun.inf in the root directory, and the right-click menu has more items such as "auto play", "Open", "Browser". Since we are used to double-clicking to open the disk, but now we double-click, usually not open the U disk, but let the program set in autorun.inf play automatically. Just right-clicking on the mouse will not activate the virus. However, if you have a lot of people on your machine and can't guarantee that they won't double-click to open the USB flash drive, you can use the following method.
recruit a group policy turn off AutoRun feature (for those who are not familiar with computers)
all at once if you want to disable the Windows XP AutoPlay feature, then please follow the steps below:
1, Click Start→Run, in the Open box, type gpedit.msc, click the OK button to open the Group Policy window;
2. Local Computer Policy in the left pane Next, expand Computer Configuration→Administrative Templates→System, and then in the right pane, under the Settings heading, double-click Turn off AutoPlay;
3. Click the Settings tab and select Enabled "Check button, then click "All Drives" in the "Close AutoPlay" box, click the "OK" button, and finally close the "Group Policy" window.
NoDriveTypeAutoRun", this key determines whether to execute the AutoRun function of the CDROM or hard disk.
Double-click "NoDriveTypeAutoRun", in the default state (that is, you have not disabled the AutoRun function), in the pop-up window you can see the default key value of "NoDriveTypeAutoRun" is 95,00,00,00, and the attachment uploads the screenshot. The first value "95" is a hexadecimal value, which is the sum of all devices that are prohibited from running automatically. Converting "95" to binary is 10010101, where each bit represents a device, and different devices in Windows will be represented by the following values:
Device name The first value device indicates the device name with the following values
DKIVE_UNKNOWN 0101h Identifyed device type
DRIVE_NO_ROOT_DIR 1002h Drive without root directory
DRIVE_REMOVABLE 2104h Removable drive
DRIVE_FIXED 3008h Fixed drive
DRIVE_REMOTE 4110h Network Drive (
DRIVE_CDROM 5020h Optical Drive (CD-ROM)
DRIVE_RAMDISK 6040h RAM Disk (RAM Disk)
Reserved 7180h Unspecified Drive Type
The value in the table listed above is " 0" means the device is running. A value of "1" means that the device is not running. (By default, Windows prohibits 80h, 10h, 4h, 01h from automatically running. These values are exactly hexadecimal 95h, so NoDriveTypeAutoRun" Default key value 95,00,00,00).
招三, Modify the privilege method
1. Click Start -> Run regedit.exe Enter
2. Open the Registry Editor and expand the item. Go to [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerMountPoints2]
3. Right click on MountPoints2 Select Permissions
4. Click on "Users and Groups in Security" and change to Deny in the following permissions.
5. Refresh again, even after U If there is a virus on the disk, it will not be activated. Double-clicking the USB disk will normally enter the USB disk.
Trick 4, hidden drive method (suitable for U disk use, such as print studio)
If the above methods are not thorough enough, Another trick is to hide the drive, and use a batch file to open the U disk.
1, open the registry editor, or enter HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPolicIEsExplorer, create a new binary value "NoDrives", the default value is 00000000, indicating no Hide any drive. The key value consists of 4 bytes. Each bit of each byte corresponds to a disk from A to Z. When the corresponding bit is 1, the corresponding drive in "My Computer" is hidden. The first byte represents eight disks from A to H, ie 01 is A, 02 is B, 04 is C... and so on, the second byte represents I to P; the third byte represents Q To X; the fourth byte represents Y and Z. The drive letter of the U disk is then pushed down the existing drive letter. If you have used C, D, E, and F, then the U disk uses the G: drive letter, and then inserts a U disk to use H:. At this point, just hide G: and H:, then insert the USB flash drive will not be displayed in "My Computer". Of course, using the registry editor to modify the registry is more complicated. Now there are a lot of software that specifically modify the registry. For example, in Windows Optimizer, expand "System Performance Optimization /System Security Optimization /More Settings /Select Drives to Be Concealed" , "将" in the "□" before the drive letter to be hidden, OK.
2, create a new text file on the desktop, enter "start (your drive letter):", such as: "start f:", save as "enter U disk. bat", then double-click the batch file To open the U disk, not only anti-virus, but also very convenient to use.
5, prohibit the creation of autorun.inf (protect your own U disk)
Create a folder in the root directory, the name is called autorun.inf. Since Windows is specified in the same directory, files and folders with the same name cannot coexist, so the virus cannot create the autorun.ini file, even if you double-click the drive letter.