USB Flash won't let go

  • Thread starter Thread starter vjp2.at
  • Start date Start date
V

vjp2.at

I've had two different DANE-ELEC 3Systems flash drives which refuse to let go
and end up messing their formats because they keep trying to autoplay. THis
is not a virus and there are no visible autoplay files.

What is this? Any clues/fixes,comiserations?


- = -
Vasos Panagiotopoulos, Columbia'81+, Reagan, Mozart, Pindus, BioStrategist
http://www.panix.com/~vjp2/vasos.htm
---{Nothing herein constitutes advice. Everything fully disclaimed.}---
[Homeland Security means private firearms not lazy obstructive guards]
[Urb sprawl confounds terror] [Phooey on GUI: Windows for subprime Bimbos]
 
I've had two different DANE-ELEC 3Systems flash drives which refuse to let go
and end up messing their formats because they keep trying to autoplay. THis
is not a virus and there are no visible autoplay files.

What is this? Any clues/fixes,comiserations?
Click to expand...

"refuse to let go". There are actually metal porcupine fingers that
spring out of the USB drive to permanently affix it inside the USB port?
What really happens? What did you mean by that?

Auto-play and auto-run are actually two different behaviors but get
confused with each other, especially since Microsoft mixes up the terms
in their own documentation.

Auto-play pops up a dialog asking which handler to use based on what was
found on the removable media. If there are video and audio folders with
filetypes under them that are consistent with the structure for movie
CDs then auto-play will list those handlers that added themselves to the
registry to handle that media.

Auto-run requires an auto.inf file be present which lists the executable
that gets started when you insert the removable media. This is a
security hazard as it means something runs on your host without your
permission (i.e., YOU didn't decide to run the program). Infected USB
drives is how malware spreads across computers and why many companies,
libraries, kiosks, and other hosts get configured to disable the ports
to the removable media devices. Alternatively, the autorun function can
be disabled for all devices or for particular device types. Although it
provides convenience, autorun is a security risk and should be disabled.

"keep trying to autoplay". That happens only on new discovery of
removable media (media change detection) to have Windows, if enabled,
load the autorun.inf file and to also load and execute whatever program
that inf file specifies. Normally there would be only one execution of
the autorun.inf-specified program unless, of course, it were malware or
perhaps an installation program (where the install has failed and keeps
retrying). Hard to know what is actually happening on your host.
Vasos Panagiotopoulos ...
Click to expand...
<snipped the SPAM fake signature block>

If you want to add off-topic fluff to your posts, make sure they are
AFTER the sigdash line ("-- \n"); else, it is not a signature and
instead spam fluff you added into the *body* of your post.

Keep signatures down to 4 lines maximum (and that includes any blank
lines) or don't even bother to add a signature since it rarely is
on-topic to your post and often obvious fluff.

If you're using a Usenet provider that is appending this spam crap to
your posts, find another Usenet provider that doesn't. Their spam
results your posts being spam. Stop being their spam affiliate; else,
expect to get treated as a spammer.
 
Ok, so setting no autorun won't help? How'bout if I create an autorun that
says "don't autoplay"? Yes, the confusion between autorun and autoplay (the
latter is my problem) is nasty. It isn't a virus as this happened twice with
shrink wrapped versions of the same drive bought from different verndors.
Unless the mfgr had the virus. Much Obliged.

In <[email protected]> by VanguardLH <[email protected]> on Mon, 12 Sep 2011 15:27:15 -0500 we perused:
*[email protected] wrote:

*+-> I've had two different DANE-ELEC 3Systems flash drives which refuse to let go
*+-> and end up messing their formats because they keep trying to autoplay. THis
*+-> is not a virus and there are no visible autoplay files.
*+->
*+-> What is this? Any clues/fixes,comiserations?

*+-"refuse to let go". There are actually metal porcupine fingers that
*+-spring out of the USB drive to permanently affix it inside the USB port?
*+-What really happens? What did you mean by that?

*+-Auto-play and auto-run are actually two different behaviors but get
*+-confused with each other, especially since Microsoft mixes up the terms
*+-in their own documentation.

*+-Auto-play pops up a dialog asking which handler to use based on what was
*+-found on the removable media. If there are video and audio folders with
*+-filetypes under them that are consistent with the structure for movie
*+-CDs then auto-play will list those handlers that added themselves to the
*+-registry to handle that media.

*+-Auto-run requires an auto.inf file be present which lists the executable
*+-that gets started when you insert the removable media. This is a
*+-security hazard as it means something runs on your host without your
*+-permission (i.e., YOU didn't decide to run the program). Infected USB
*+-drives is how malware spreads across computers and why many companies,
*+-libraries, kiosks, and other hosts get configured to disable the ports
*+-to the removable media devices. Alternatively, the autorun function can
*+-be disabled for all devices or for particular device types. Although it
*+-provides convenience, autorun is a security risk and should be disabled.

*+-"keep trying to autoplay". That happens only on new discovery of
*+-removable media (media change detection) to have Windows, if enabled,
*+-load the autorun.inf file and to also load and execute whatever program
*+-that inf file specifies. Normally there would be only one execution of
*+-the autorun.inf-specified program unless, of course, it were malware or
*+-perhaps an installation program (where the install has failed and keeps
*+-retrying). Hard to know what is actually happening on your host.
 
vjp2.at said:
Ok, so setting no autorun won't help? How'bout if I create an autorun that
says "don't autoplay"? Yes, the confusion between autorun and autoplay (the
latter is my problem) is nasty. It isn't a virus as this happened twice with
shrink wrapped versions of the same drive bought from different verndors.
Unless the mfgr had the virus. Much Obliged.
Click to expand...

Depends on what "won't let go" means.

If it is the program specified in autorun.inf that keeps restarting or
whatever "won't let go" means then disabling autorun will eliminate that
problem. You can edit the registry (although deciphering Microsoft's KB
articles can be confusing because they contradict the settings between
their KB articles) but easier would be to get the TweakUI powertoy for
Windows XP to disable autorun. Go to the My Computer -> AutoPlay node
in the tree pane (yep, they used AutoPlay to reference both auto-run and
auto-play settings) and go to the Types node. Disable (uncheck)
auto-run on whatever media types you want.

If it's somehow related to auto-play (the dialog that pops up to show
you the handlers that have registered for the media type found on the
disc), you can use TweakUI to disable some or all autoplay handlers or
to disable autoplay on some or all drives.

If you get the autoplay popup and you select a handler but it "won't let
go" then you could use TweakUI to disable (remove) that autoplay handler
so you don't accidentally select it again. Then uninstall the defective
software that provides that autoplay handler and reinstall it or find a
better alternative.

Since "won't let go" does actually describe what is happening, another
possibility is that you cannot eject the tray, it keeps spinning when it
should spin down when it's been idle for awhile, or putting in a new
disc still sees the old disc's contents in Windows Explorer, or ... The
list can be long of guessing of "won't let go" means. Some optical
drives came with software to change when the drive goes into a low-power
state or how long after going idle when it spun down. I remember
Creative Labs including software with their drives that did this but it
conflicted with other apps that used the drive. It also intereferred
with ejecting the disc (either from software or using the drive's eject
button) because it locked the drive. Uninstalling the superfluous
Creative software resolved that problem. Not seeing a disc change could
be a defective optical drive.
 
Thanks, these are solid clues to follow up on


- = -
Vasos Panagiotopoulos, Columbia'81+, Reagan, Mozart, Pindus, BioStrategist
http://www.panix.com/~vjp2/vasos.htm
---{Nothing herein constitutes advice. Everything fully disclaimed.}---
[Homeland Security means private firearms not lazy obstructive guards]
[Urb sprawl confounds terror] [Phooey on GUI: Windows for subprime Bimbos]
 
Back
Top