UXDE dot Net

How to keep your USB safe from AUTORUN.INF

By -

Secured USB
image-3635
These days USB is being used by everyone for data transferring due to it’s affordable price and portability, but it also became the fastest and major source for malware infection. Worms used it to replicate faster, once your external drive(pen drive) come in contact with an infected system it gets infected automatically by the malicious services running in that infected system, one of the first task done by malicious services is to create AUTORUN information file(AUTORUN.INF) into removable drive for further propagation of the worm.

How it does?
Actually AUTORUN file contains the code for executing the infected file or worm instantly as soon as it is connected to a healthy system through USB.
[ad#Google Adsense 728]
The code in AUTORUN information file looks something like this:

[AUTORUN]
OPEN=example/setup.exe
In the above script ‘example’ is a folder in removal drives which contain infected executable file that uses AUTORUN file for it’s propagation.

How to play safe?

  • Step1: Create four folders in the root directory of your Removable drive(USB) with names Autorun.inf, Recycle, Recycler and Recycled(these folders are created by viruses to complete their process in every drive).
  • Step2: Go to Start>Run and type cmd to open Command Prompt. If USB drive is ‘G‘ then type G: and press Enter or if you are trying this on any disk partition then specify that drive letter in place of ‘G
  • Step3: Now type the following commands one after the other.While you are executing these commands console may ask you like this “Are you sure(Y/N)” then type Y and press Enter.

G:\>attrib -h -a -r -s G:\autorun.inf
G:\>cacls autorun.inf /c /d administrators

image-3636

  • Step4: Repeat above Step for Recycle, Recycler and Recycled also.

Here in the above procedure attrib command is used to set the folder attributes and cacls is used to set the privilege label to deny access for members of administrators group.
[ad#Google Adsense 468]
Once you have completed this task successfully you won’t be able to delete, rename, modify, copy or open these folders and this also prevent Malicious services running in any system to modify or copy infected files into Removable Drives.

image-3637

Tips:-

  1. To avoid autorun menu when USB is inserted, hold shift key while it is being detected by the system.
  2. Always use safely remove option while removing pen drive.
  3. If you are not sure about the condition of the pen drive then don’t take chances scan it using a good antivirus before accessing the data inside it.

9 Comments to How to keep your USB safe from AUTORUN.INF

  1. type the following in command prompt
    if u are checking C drive then
    C:\>ATTRIB Autorun.inf -H -S -R
    if the file is found in the Drive then give.
    C:\>DEL Autorun.inf
    the file will be deleted….
    But it is not 100% accurate…So as everyone say prevention is better that cure follow the post and keep your USB and PC safe from autorun.inf

  2. Yo man Sundeep I have tried it and this one is really working well thanq for posting such a tricky post keep posting the new things….Thanq once again

Leave a Reply

Your email address will not be published. Required fields are marked *