Disable USB Drive Autorun

Windows provides the Autorun feature so that software can respond quickly to inserted media or connected drives. The moment a USB drive is inserted, Autorun begins reading from it, whether it contains music, video or an executable file. Autorun commands are typically kept in a file called autorun.inf. These commands automatically start applications and media files. Most software manufacturers use this function to start the installation of their program right after the media is inserted. Because it is general-purpose functionality, there is a risk that the feature is used maliciously.

AutoPlay Function in Windows 7

In this age of the Internet and USB devices, Autorun is being misused by computer thieves and hackers. A Trojan called Downloader.Agent effectively exploited this function to harm countless computers globally. That is one reason why most users want this feature disabled. Another reason people wish to turn it off is security: to avoid the execution of code without their consent.

Below is a guide to help you disable the Autorun function for USB and other devices. Please note that removing Autorun.inf from any device can resolve certain issues.

Disable Autorun in Windows XP, Windows Vista and Windows 7 without Group Policy

Group Policy is probably the simplest way to disable the Autorun feature. However, Group Policy is not available in some versions of Windows, particularly Home editions. This is why disabling Autorun through the registry is listed first. You must have administrative privileges to do this.

1. Click on Start > Run. Alternatively, you can use [Windows Key]+[R] on your keyboard.

2. Type regedit in the box. Click OK or press Enter on the keyboard.

3. When User Account Control asks whether you want to allow the program to make changes to the computer, click Yes.

4. Locate the registry entry:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoDriveTypeAutoRun

5. Double-click on NoDriveTypeAutoRun.

6. In the Value data box, type 0x4 to disable Autorun on removable drives, including USB drives. Refer to the list below to disable Autorun on specific drive types.

 

If the value “NoDriveTypeAutoRun” is not present:

The value NoDriveTypeAutoRun may not exist. Follow these steps to add it to the registry.

1. Navigate to the following entry:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\

2. In the right pane, right-click and choose New > DWORD (32-bit) Value. Name the value NoDriveTypeAutoRun.

Creating NoDriveTypeAutoRun value.

3. After creating the value, double-click on it. In the Value data box, type 0x4 to disable Autorun on removable drives, including USB drives. Refer to the list below to disable Autorun on specific drive types.

4. Exit Registry Editor and restart the computer.

List of Settings for NoDriveTypeAutoRun
0x1 or 0x80 – Disables AutoRun on drives of unknown type
0x4 – Disables AutoRun on removable drives
0x8 – Disables AutoRun on fixed drives
0x10 – Disables AutoRun on network drives
0x20 – Disables AutoRun on CD-ROM drives
0x40 – Disables AutoRun on RAM disks
0xFF – Disables AutoRun on all kinds of drives 
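
The settings above are bit flags, which is why 0xFF covers every drive type and why typing a single value such as 0x4 replaces whatever bits were set before. The following PowerShell script is an added example, not part of the original guide: it decodes the current value against the list above and can OR in new bits instead of overwriting. The function names are illustrative, and it assumes PowerShell 3.0 or later.

```powershell
# Added example (not from the original guide). Function names are illustrative.
$KeyPath   = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$ValueName = 'NoDriveTypeAutoRun'

# Bit values and meanings copied from the list of settings above.
$DriveTypeBits = @(
    @{ Bit = 0x01; Type = 'Drives of unknown type' }
    @{ Bit = 0x04; Type = 'Removable drives' }
    @{ Bit = 0x08; Type = 'Fixed drives' }
    @{ Bit = 0x10; Type = 'Network drives' }
    @{ Bit = 0x20; Type = 'CD-ROM drives' }
    @{ Bit = 0x40; Type = 'RAM disks' }
    @{ Bit = 0x80; Type = 'Drives of unknown type' }
)

function Get-AutoRunPolicy {
    # Returns the current DWORD, or $null when the key or value is absent.
    $item = Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return [int]$item.$ValueName
}

function ConvertFrom-AutoRunPolicy {
    # Expands the DWORD into one row per drive-type bit.
    param([int]$Value)
    foreach ($entry in $DriveTypeBits) {
        [pscustomobject]@{
            Bit             = '0x{0:X2}' -f $entry.Bit
            DriveType       = $entry.Type
            AutoRunDisabled = [bool]($Value -band $entry.Bit)
        }
    }
}

function Add-AutoRunPolicyBits {
    # ORs the requested bits into the existing value so earlier settings survive.
    param([Parameter(Mandatory = $true)][int]$Bits)
    if (-not (Test-Path $KeyPath)) { New-Item -Path $KeyPath -Force | Out-Null }
    $current = Get-AutoRunPolicy
    if ($null -eq $current) { $current = 0 }
    $new = $current -bor $Bits
    New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType DWord -Value $new -Force | Out-Null
    return $new
}

# Read-only audit of the current user's setting:
$value = Get-AutoRunPolicy
if ($null -eq $value) {
    "$ValueName is not set under $KeyPath"
} else {
    ConvertFrom-AutoRunPolicy -Value $value | Format-Table -AutoSize
}
# To disable Autorun on removable drives while keeping bits already set:
# Add-AutoRunPolicyBits -Bits 0x04
```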

 

How to Disable Autorun with Group Policy:

Please note that Group Policy is not available on some versions of Windows. To access this feature, you must log in with an administrative account.

1. Click on Start > Run. Alternatively, you can use [Windows Key]+[R] on your keyboard.

2. Type Gpedit.msc in the box. Click OK or press Enter on the keyboard.

3. It will prompt for Administrator password. Please continue by providing the password and click on Continue.

4. Local Group Policy Editor will open.

5. Go to Computer Configuration, click on Administrative Templates, click on Windows Components and then click on Autoplay Policies.

6. Click Enabled.

7. Under Turn off Autoplay, select the specific drive type to disable Autorun on that drive.

Two methods to disable Autorun

8. Another method is to set Default behavior for Autorun. Click Enabled and select Do not execute any autorun commands. This disables Autorun commands on all drives.

9. Restart the computer.

Remove W32.USB Worm (Heap41a)

W32.USB Worm, or Heap41a, periodically attempts to copy itself to removable drives and USB keys. The worm also tries to create a hidden Autorun.inf file on the removable drive. Additionally, W32.USB will drop its own malicious file called MicrosoftPowerPoint.exe on any detected removable drive. It will monitor Internet browser activities and display the following messages:

SUPERAntiSpyware

SUPERAntiSpyware free edition is security software that detects more than just spyware. This program is also capable of eliminating adware, malware, viruses and Trojans. SUPERAntiSpyware features exceptional techniques to delete threats that other software fails to remove. SUPERAntiSpyware will remove ALL the Spyware, NOT just the easy ones!

Unable to Find mswbar.dll – MyWebSearch

My Web Search, sometimes called MyWebSearch Tool Bar, is an adware program that brings excessive advertisements to the compromised computer. MyWebSearch also monitors victims' Internet browsing habits and serves pop-up advertisements based on the gathered data. It also hijacks Internet searches and points users to unknown web sites. MyWebSearch also modifies Internet Explorer settings and changes the default homepage. A toolbar is integrated into the same web browser even without proper authorization from the user.

Most people who were infected with this adware thought that they had successfully removed it through the simple Add/Remove Programs feature of Windows. This method is insufficient to completely remove all files and system components created by MyWebSearch. For this reason, incomplete removal will cause the error “Unable to Find mswbar.dll.”

Mswbar.dll is a major component of MyWebSearch. Some security programs will automatically quarantine or remove this file from the system, leaving other components behind. Thus, it gives an error message every time you start your computer:

Clean Windows Hosts File

Every Windows installation includes a single file used to manually map IP addresses to host names. This Windows Hosts file is loaded each time Windows starts. By default, the Windows hosts file contains only one mapping, and that is localhost. Any host name mapped to 127.0.0.1 will redirect the connection back to your local machine. This is useful for blocking unwanted services from reaching the Internet. Editing the HOSTS file can benefit the user, but it is damaging when a Trojan alters it for malicious purposes.

Online Virus Scanner

Free Online Virus Scanner is an effective solution to scan and remove common virus and malware threats from your computer without the need to install separate antivirus software. All it requires is a launcher, Java or ActiveX components. Using a free online virus scanner might not help protect your system from viruses, but at least you can remove an existing infection. You can also analyze which of the scanners below has the higher detection ratio. As the saying goes, not all antivirus programs are created equal.

Scan Effectively with Anti-Virus

A computer virus can slip into your computer in various ways. Typically, the distribution process uses Internet services such as malicious web sites, spam emails and instant messaging applications. Local propagation of the infection is another issue. Once it gets inside the computer, it tends to spread through the local area network and USB removable drives, most commonly as what is known as an autorun worm.

Standard Virus and Malware Removal Procedure

Launching your antivirus application and scanning the computer in the normal way is sometimes insufficient to do the job. It is very important to know how to run a virus scan using different methods.

W32.Sohanad.Vbs – thecoolpics.net and thecoolpics.com Removal Tool

W32.Sohanad is a worm that spreads specifically through instant messaging applications. W32.Sohanad detects running processes that belong to an instant messenger. If it senses that the program is running, it instantly sends a message to the remote users in the victim's contact list. The message contains a malicious URL that redirects the browser to a contaminated web site. This method extends the infection to people who visit the web site.