2010/04/23

Defend your drives from AUTORUN.INF Malware


Salam Anak IT.
Today I would like to share some useful information on protecting your any secondary storage drives (pendrive, harddrive) from being infected with malware which uses AUTORUN.INF service.
Sebagai mukaddimah, AUTORUN.INF ialah satu fail yang diberi "permission" secara khas untuk membuka apa saja "executable" files yang tersenarai didalamnya. Autorun.inf sering digunakan untuk membuka program melalui CD ataupun DVD. Biasanya "Installation CD" tedapat ne fail ane...
Masalahnya... Ianya sering dipersalah gunakan oleh sebilangan "kaum" dimana mereka menggunakan "permission" tersebut untuk membuka "virus" mahupun "malware" yang bisdia buat supaya infecting other computers, biasanya melalui PENDRIVE...
Have you ever come across where your friend told you that your pendrive is carrying virus/malware/spyware into it? I am pretty sure you have heard of such things especially in college or university. So... Miana gayanya tue? Dibiarkan saja?... Ofcourse the best way is to have an antivirus/antispyware/antimalware implemented on your system and scan your pendrive regularly but what I am going to write is how to minimise the virus/malware impact on your drive which most of these "liau" uses AUTORUN.INF for their operation.
First, open up the drive's folder
Next, we will be creating new folder by Right-clicking anywhere on the white space, go to "New" and choose "Folder"
Rename the folder to "autorun.inf"
After that try to test it on any infected machines which will transfer the virus/malware into any removable drives. It might still copying certain files but it will not run it AUTOMATICALLY and so you have a control whether to delete the file or just let it be there.
If you see the "autorun.inf" folder's Properties (right click on the folder then click on "Properties"), you will see that the folder is automatically set to "Read-only" by the operating system.
That is it for today. I hope you could gain useful information from it. Until then, Assalamu'alaikum W.B.T... Wassalam...

P/S : Please use only GENUINE antivirus. Bukan antivirus main be"cr4ck3d".