A simple way to protect removable drives from malware

You don’t need a lot of time or knowledge to execute the few changes that Trend Micro suggests protecting your drive against the Autorun feature.

To be able to do this, you must first format the drive using NTFS (if you haven’t already), because only this type of formatting allows you to execute the wanted procedure.

Create inside the root directory of the drive a file or folder named Autorun.inf. As worms are known to bypass this simple solution by replacing the legitimate file with the malicious one, use file permissions and restrict possible changes.

Additionally, create (also in the root directory) 4 more file or folders and name them “recycle”, “recycler”, “recycled” and “setup”. Why? Because these are the names malware uses more often.

The next steps require you to open a command prompt and do the following:

1. Go to the root directory of the drive
2. By using the command attrib autorun.inf /s /d -a +s +r set folder or file attributes for Autorun.inf:

3. By using the command cacls autorun.inf /c /d administrators set the privilege level of the file or folder:

4. Confirm the changes – press Y when prompted about your decision

5. To check if everything works as it should, try to copy, delete, modify, rename or even open the autorun.inf file or folder. If you can’t (access to the folder is denied), that malware won’t be able to do it either.

Share this