[SOLVED] MS Windows question

[Segfault]

I'm not a Windows user. One of many reasons is I do not understand how it works. The registry strings are a mystery for me.

However, I need to do something that would be so simple in Linux in Windows. I need to copy the contents of a USB stick to the HD when it is plugged in, automatically.
How can I do it?

[rcgreen]

By default, the usb stick will automatically be detected
and appear in windows explorer. A file window may automatically
pop up. If not, just open windows explorer, or My Computer

[jr0sco]

Google keywords "autorun usb batch script" top search result

Use an autorun file to run a batch script to copy the files

Not sure if it will work, but its a starting point

[Segfault]

Thanks for replies. I assume this autorun file has to be on the stick? This is out of question. Copy must be triggered by mount event.

[jr0sco]

I assume this autorun file has to be on the stick? This is out of question. Copy must be triggered by mount event.

Yes the autorun.inf file must be on the usb stick. I'm not sure if you can trigger an event when a device is connected in windows. I suppose this shows the limitations of windows systems.

[Segfault]

Well, the thing here is we have a specialized PC in our office. It runs Windows and is supposed to do only one task - display certain logs for casino communications troubleshooting.
Some moron does something with this PC at nights, it has Word installed and I can see E:\ drive has been in use. Not many people have access to this office. I'd like to identify this person by looking at the contents of his USB stick.

[jr0sco]

I'd like to identify this person by looking at the contents of his USB stick.

There a nice program called "simple python keylogger" on sourceforge.net. It records key stokes and takes screenshots in the background. Its complied into an .exe, so it should run on a window system without python installed. This may help you.

[Segfault]

Thanks, this may do it.

[MikeTbob]

Thanks for replies. I assume this autorun file has to be on the stick? This is out of question. Copy must be triggered by mount event.

I'm not much of a Windows user either, but that would be a nightmare to deal with on a security level and quiet frankly I am glad Windows (Or Linux) does not have a built-in feature any where close to what you are asking for.

I second the keylogger, it's probably your best best.

[Freston]

I'm not much of a Windows user either, but that would be a nightmare to deal with on a security level and quiet frankly I am glad Windows (Or Linux) does not have a built-in feature any where close to what you are asking for.

It would be a 'simple' udev event in Linux. And I think Windows has something similar, I came across some related features in the server 2008 event scheduler IIRC. So I think it is not unheard off in the Windows world, although it may not be build in to the particular version that workstation is running.

Some moron does something with this PC at nights, it has Word installed and I can see E:\ drive has been in use. Not many people have access to this office. I'd like to identify this person by looking at the contents of his USB stick.

-1, and also for the keylogger.



I'm not a lawyer, but you are on thin ice with these kinds of solutions. Events that copy content from an USB stick in order to be used in identifying someone goes against the 'expectation of privacy' someone has. As does the taking of screenshots. Essentially you are spying on someone.

If in my company I would want to do this, this is true, I need to get permission from both the president of the company and the chairman of the 'workers representatives' (not a good translation, but this is a mandatory legal body in any Dutch business with more that 35 employees) and permission is only given when both are convinced illegal activities may be taken on that machine. Chances are 99% that a proposal on these grounds would be rejected.


I strongly advice you to get clearance from a higher person in your company before you do anything like this.


But anyway, is there a reason, because I understand you want someone off that machine, not to use less technical solutions?
Like:
changing password
de-installing Word
putting a note on the monitor 'this computer may not be used'

Or:
Since the list of people who have access is limited, sending them all an email/snale mail explaining this machine may not be used for anything (cuz it is in fact a server), and perhaps threaten that you can see whether that machine is used and disciplinary action may be taken.

And inform the person responsible for the staff with access to that room. I don't know the situation, but there's always the hierarchical approach, a team leader or manager that you can address.

I also wonder, would that person know he's doing something wrong? In my experience most people don't read, so putting a note on the monitor that no one should touch the computer may not be enough (despite my advice above). They might think "oh well that note is there for so long I thought it didn't apply any more, besides the machine works so there's no problem". Grrrr indeed



Because your point is clear, no one should touch that machine. But I think it's not illegal (enough) in the sense of the law to warrant an invasion into a sphere where the person involved may expect privacy. At least under Dutch law, you sooner than the other would be in trouble. Remember that some who go to the market for wool come home shaven