A

Disable USB Autorun to Save PC from USB Viruses

Pen drives are very common these days. Everybody has them for their daily data transfer needs and since these are connected to different computers very often, they become a easy carrier of malicious codes (virus, trojans, spywares etc). How viruses spread from USB/Thumb/Pen drive? Whenever a USB drive is plugged into a infected computer, virus […]

Pen drives are very common these days. Everybody has them for their daily data transfer needs and since these are connected to different computers very often, they become a easy carrier of malicious codes (virus, trojans, spywares etc).

How viruses spread from USB/Thumb/Pen drive?

Whenever a USB drive is plugged into a infected computer, virus copies itself to the pen drive and sets it to execute itself when pen drive is accessed by making changes in the autorun.inf. Whenever pen drive is accessed, the autorun.inf calls the executable file of the virus upon which the system gets infected.

How to save your computer from viruses from USB/Thumb/Pen drive?

The most effective method of preventing your system from getting infected is to disable autorun feature of USB devices. DJ tells us about disabling autorun feature on Sizlopedia. He tells us a method in which he uses gpedit.msc and disable autorun feature but the problem is that gpedit.msc is not available under Windows XP Home Edition.

So, I am going to explain how to disable USB autorun feature through registry editing which not only works for WinXP Home but also for any other edition of Windows.

UPDATE : There is a tool for vaccinating against autorun feature too. You better use it. It works far much better than this registry hack.

  • Browse to the following key HKEY_CURRENT_USER\Software\Microsoft\Windows\ CurrentVersion\Policies\Explorer
  • Modify the value of NoDriveTypeAutoRun to ff (hexadecimal)

disable_autorun

Although I must warn you that playing with the registry can be harmful for your system and you might end up re-installing your OS. Before making any changes, I recommend reading How to backup your registry?

disable_autorun_reg

And if you don’t want to edit the registry then you can download this registry entry.

Download Disable_autorun.reg.

Right Click > Save it on your computer > Run it on your computer.

Press Yes when it asks for confirmation for adding the entry into the registry.

This will now prevent any virus from auto executing itself through a USB drive. In addition to this, you must have a good anti virus installed on the system as this method just stops the virus from infecting the system automatically.

40 responses to “Disable USB Autorun to Save PC from USB Viruses”

  1. Quiz_Master says:

    This trick will help me a lot. My friend’s PCs get infected by these kinda viruses almost 3-4 times in a month…

    Thanks for this.

  2. Ebook says:

    Thanks for this nice tips :mrgreen:

  3. Ashfame says:

    @Quiz_Master, Ebook
    You are welcome.

  4. Rakshit says:

    This is very useful. You don’t know when your system will get infected with viruses. I already implemented it long before.

  5. Oscar says:

    Really useful!! What a tip!

  6. joshuatly says:

    yaya, this is what im searching for!

  7. Thnx for the tip man!

  8. Ashfame says:

    @Rakshit, Oscar, Joshuatly, Nikolai
    You are welcome.

  9. ggg says:

    This is nice… Just to explain the registry key. The binary value (8 digits) represent 8 kinds of drives (floppy, CD/DVD ROM, removable…). 1 = don’t allow autorun, 0 = allow autorun, CD/DVD ROM is third from the left, therefore 11011111 (bin) = df (hex) = allow autorun only for CD/DVD ROM. Consequently 11111111 (ff) = forbid autorun for all type of drives. Just to say, HKEY_LOCAL_MACHINE has privilege over HKEY_CURRENT_USER, so check if there is the same key, and if there is, change the value to “df” or “ff”, or add the same key and value to the location as well if you want…

  10. maxrioseco says:

    a bit about what we are doing 😉

    nice trick =)

  11. zplits says:

    Hi, thanks for this great info. It helped me a lot.

  12. Amani says:

    How can I enter a site which is blocked by the server manager?

  13. Stefan says:

    thank you for the reg key, Ashfame! you have really helped me a lot. greetings from Slovakia!

  14. Alessi says:

    It worked even with my strange laptop version of Home Edition, thanks a lot!

  15. […] updates or subscribe to my RSS feeds. Thanks for visiting! Earlier I have written about how to disabe USB autorun to save the computer from being infected with various sort of malware which adds action in the […]

  16. Ashfame says:

    The tutorial has been updated to prevent the infection from spreading through optical drives also. Thanks to ggg for the explanation in the comment. Moreover, there is a tool for doing this in a better way. I recommend using that tool instead of this hack now. You can find the link to the tool in the post only.

  17. GAURAV VERMA says:

    IT’S A VERY NICE TRICK

  18. GAURAV VERMA says:

    It worked even with my strange laptop version of Home Edition,
    Really useful!! What a tip!
    Thanks

  19. PC_MAC says:

    It looks like it will only work for the current user that is logged in. Will this work for the Local Machine also.

  20. Jaya Motwani says:

    Hi Ashish ! ur work is really appreciable…really!!!! U hv done a gr8 job by launchin dis website…i wish u al d bst 4 ur future in dis field….keep it up!

  21. shivansh says:

    reallyy gud advice….
    thankss fr d useful info….

  22. Fred says:

    works very well..i used your tool to instal it…But now i plug my usb key and she wont appear at all.. no where to be seen. i thauhgt that tool would just stop prog to auto run from it, not even let her show as as an external device..
    What do i have to do to go back before i instal your tool. What reg to i have to put back.
    Thank you very much for your haelp.

  23. fred says:

    Thanks for your answer, i think the key is dead..that’s all. i should have try with anotherone before posting.
    Thanks.

  24. eric b says:

    Is there a way to password prompt when a USB device is installed once I disable the autorun for all users/groups.

  25. Underscore says:

    Hi Ashish,
    Is there a way we can undo this?? I used the .reg file you have here. IT works great but my plug and play internet doesnt work. Do you think it is related?

    • Ashfame says:

      Hi,

      Surely we can change it but I doubt if it has something to do with your plug and play device. May be the autorun tries to start the installation of its drivers and application.

      Read this comment above.

      Decide what you want to do and enter the value in registry as shown in the post.

      Hope that helps! 🙂

  26. Mark says:

    Thanks,

    you can also check this out

    {moderated}

  27. aggy100 says:

    This is an useful article . I was really having a hard time with these USB viruses. They screw me a lot. I couldnt help plugging in different USB’s also . that is part of the work . anyways thanx dude.
    {MODERATED}

  28. lisa says:

    hey ashish… i want to disable pen drive on linux operating system.
    how do i do that..
    plz help me.

  29. Kamlesh Acharya S. says:

    Ashfame I saw ur blog today, it was really helpful. Indeed, I would like to get one more suggestion from you. I am facing a problem everytime I log into my computer showing an error msg “windows cannot find ‘and.’…I believe this has been generated since I used my friend’s pendrive. Can you suggest how to overcome this.

    • Ashfame says:

      Hi,
      You can most probably try to remove if its something from the startup or some file that went missing (reinstalling to which that file belongs).
      Exact Google search will lead you to results where people posted about the exact same thing and hopefully you can find a solution from there.

      But sometimes, one has to live with them. I don’t use Windows anymore, shifted to Ubuntu long time back.

      • Kamlesh says:

        Thanks a lot for your reply. I would definitely search for it and see if I can get rid of this problem. Once again, thanks.

  30. Bijan says:

    it works nicely

  31. maxrexfax says:

    To stop USB virus- 1 unmount HDD, 2 turn on view of hidden files, 3 mount usb drive and check it. How to do it? Top secret!