Disable Autorun.ini – Malwares Loveliest file

Autorun.INI…….Most Loveliest file for malwares. It is the heart of its life for propagation. As most of the users double click the pendrives, infected folders to open them and gets infected.

Look at the contents of a sample autorun file

aCTION=Open folder to view files

It says to execute a file foeuve.exe, a malware. It appears as a folder for the user to lure the user to click on it.

So the way to deal this is, right click the drive to check if it shows “autoplay” in the menu. If it shows autoplay, in most cases the pendrive is infected.

  • Type the drive letter in the Address Bar to open.
  • Enable Show the hidden folders and also uncheck hide
    operating system files in the Folder Options
  • Now you can see virus/Trojan/worm in the Drive, which you should delete.

In many of the cases, all the folders are also infected to contain malwares. So when you double click to open them, you still get infected.


The best way is to disable Autorun

  • Go to Run > regedit
  • In the left pane, open HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer
  • Change the Value of “NoDriveTypeAutoRun” to 95 (Default value is 91)

This will disable autorun from Removable Media, Unknown Drive, Network Share. This value decides which drives to exclude autorun.
To completely disable autorun, Set the value to FF.

Settings for NoDriveTypeAutoRun Registry Entry – Sum the values to decide for which locations autorun should be disabled



0x1 or 0x80

Disables AutoRun on drives of unknown type


Disables AutoRun on removable drives


Disables AutoRun on fixed drives


Disables AutoRun on network drives


Disables AutoRun on CD-ROM drives


Disables AutoRun on RAM disks


Disables AutoRun on all kinds of drives






About wikihead

A Seeker. Information Security Professional, Pursuing Life with Ayurveda.
This entry was posted in Articles and tagged , . Bookmark the permalink.

One Response to Disable Autorun.ini – Malwares Loveliest file

  1. Pingback: USB thumb drives with Read-Only/Write-Protect hardware switch « Eikonal Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s