This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi,
I have create a custom autorun.inf which sets the icon and device label for the USB device.
The contents of the autorun.inf are following
[AutoRun]
ICON = .\tS1_img.ico
label=myDevice
It is being detected as a virus with the following information :
Name: Trojan:Script/Wacatac.H!ml
ID: 2147814524
Severity: Severe
Category: Trojan
Path: file:_D:\autorun.inf
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
User: DESKTOP-F0R6SVI\gg
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.385.1434.0, AS: 1.385.1434.0, NIS: 1.385.1434.0
Engine Version: AM: 1.1.20100.6, NIS: 1.1.20100.6
Windows Version: Windows 10 Build 19045
Is there any way to make autorun.inf safe or genuine to keep it in the drive.
I don't want it to be deleted by the Defender without making it as an exclusion in Windows Defender.
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
Hi Kunal,
I am Dave, I will help you with this.
In general Windows does not trust Autorun.inf files, they are disabled in Windows these days because it was a major source of spreading Tojans from PC to PC, using USB flash drives.
Are you using .\ to navigate to a folder on the drive, the only hope you ay have is replacing the .\ with the actual folder name you have the icon stored in, that may stop the Autorun file being flagged, and it may not
