19

My workplace has a bunch of Razer mice.

Every now and again when I plug in my a Razer mouse to my Windows 10 machine I get a malware screen from Razer prompting me to install Razer Synapse software.

Despite having a prompt to “Never Install,” it continues to prompt me to install it occasionally.

The things that can bring up the prompt again include:

  • Plugging in a new/different Razer mouse.
  • Uninstalling/reinstalling USB root hub.
  • Random other reasons I’m not certain of.

This is getting very annoying. In the future we will not buy razor products but with the current line of devices, is there a way to prevent this from happening?

I have asked on the Razer forums but they have gone as far as to delete my followup posts on this issue, so thought to ask here.

enter image description here

enter image description here

Giacomo1968
  • 53,069
  • 19
  • 162
  • 212
fostandy
  • 1,069
  • 3
  • 15
  • 29
  • Honestly? Your best bet is to just buy different hardware. Razer is horrible when it comes to this kind of crap. – Zoredache Feb 27 '18 at 22:14
  • I would just delete the executable and remove any reference to Razor software in the registry – Ramhound Feb 27 '18 at 23:00
  • 3
    @Zoredache yeah. I'll be recommending we do not purchase Razor software in the future. Consider it an instructive lesson I guess – fostandy Mar 19 '18 at 05:54
  • @Ramhound to be clear this occurs on a clean install of windows 10. I haven't installed the Razor software and do not desire to. I'm not sure if you're suggesting I install the software in order to tell it not to install, or something else? – fostandy Mar 19 '18 at 06:14
  • Undesired software is not malware. Malware refers to viruses, ramsomware, etc. – marcus Nov 30 '21 at 17:18

5 Answers5

11

Unfortunately, the answer by Ugbutt85 doesn't solve the issue for me. Every time I plug my Death Adder mouse, the folder C:\Windows\Installer\Razer is recreated, some 13 Mb of crapware is written to it, and started automatically.

Steps to reproduce:

  • plug the device in;
  • go to the "Bluetooth & other devices" Windows Settings;
  • find the device in the list, click it and select "Remove device";
  • confirm the device removal;
  • disconnect the device and connect in again;
  • the Razer Installer is started from C:\Windows\Installer\Razer.

My solution is the following: delete the C:\Windows\Installer\Razer folder and create an empty file with the same name instead. Next time you plug your mouse in, the software will fail to create the Razer folder (because a file with the same name already exists), and no installation will commence.

PS: Editing the Group Policy as described here https://support.microsoft.com/en-gb/help/2500967/how-to-stop-windows-7-automatically-installing-drivers did not help me at all with this issue.

Giacomo1968
  • 53,069
  • 19
  • 162
  • 212
AlexIlin
  • 119
  • 1
  • 4
3

Following @Poads advice, I've had success stopping the automatic install pop-up with my Ornata Chroma & BlackWidow Chroma V2 keyboard by doing the following (you will need admin rights to do this):

  1. Plug in the Razer device & cancel the auto-launched installer
  2. In File Explorer, go to C:\Windows\Installer\Razer\Installer (you may have to actually type it in, as explorer does not list the Installer folder within the Windows folder, even with hidden/system files showing)
  3. Right click RazerInstaller.exe, then click Properties, then the Security tab, and then Edit.
  4. With Everyone selected, check Deny for Read & execute, then click Ok. Windows Security will prompt you with a warning about setting denied permission entries, and about changing permission within system files and folders. Click Yes for both of them.

Doing this stopped any install pop-ups for me, no matter which port I plugged into. You can confirm that this method works by:

  1. Re-granting security permissions to Everyone. Open Properties -> Security Tab, then click Advanced, and then Continue. Double click Everyone, then change Deny in the drop down to Allow.
  2. Click Yes on the Windows Security warning, then click Ok.
  3. Open Device Manager, expand Human Interface Devices, and find the Razer device on the list.
  4. Right click on the Razer device, and select Uninstall device. When prompted to confirm that you want to remove it, check the box to Delete the driver software for this device, then click Ok.
  5. After the device is uninstalled, unplug the device from the USB port, and then plug it back into the same port(s). The installer pop-up will launch shortly after.

After that you can re-disable it again. I only had to do this fix once, and it suppressed the auto-launch for both my keyboards on any USB port.

brainsharts
  • 31
  • 1
2

I do not know if it is a solution... but I removed inside folder from C:\Windows\Installer\Razer, then edited user rights on the folder, so that everyone and system are deny'ed access, and then I did not get the installation anymore.

user1645511
  • 21
  • 1
1

If I am not mistaken, the mouse probably declares itself to the computer as both a mouse and a pendrive, so it can autoinstall the "drivers". I'm afraid the only option here is to disable "autorun" for any pendrive:

  • Open Settings.
  • Click on Devices.
  • Click on AutoPlay.
  • Turn off the Use AutoPlay for all media and devices toggle switch.
  • To be on the safe side, change to "do nothing" for remobable drives and memory cards.
NuTTyX
  • 2,628
  • 11
  • 15
  • 1
    Many Razer devices indeed do this. But disabling autorun doesn't help. It also briefly fakes a keyboard and it "types" the command needed to run the software launcher as if you had started it yourself via Windows-key+R. A so-called rubber-ducky attack. – Tonny Jul 16 '20 at 13:46
  • I had never expected a company would do such a thing as to fake keyboard input to try to install itself. So then the solution must include a windows policy to prevent installation of devices, whitelisting the "mouse" part (and any other "allowed devices" connected by USB), etc... Way too much trouble to use a green-on-black mouse without that software. I'll never get any razer product. Thanks – NuTTyX Jul 16 '20 at 14:07
  • 1
    We found out about this "feature" some years ago when someone plugged a Razor mouse in a high security workstation and it triggered the rubber-ducky alert (unexpected 2nd keyboard detected). – Tonny Jul 16 '20 at 14:14
  • @Tonny I hope the employee wasn't disciplined as a result of that. – flarn2006 Oct 01 '21 at 23:37
  • 1
    @flarn2006 He got a very stern talking to and a warning not to do that again. Byod isn’t allowed in our company and everybody knows that. He didn’t like the supplied mouse and brought his own from home. (A mouse can’t hurt, right?) If he had just asked the IT department would have given him a whole box with various mice to try out. If that didn’t work out we could have ordered something else as well. We are used to dealing with that. Standard mouse (or keyboard) doesn’t work for everyone. – Tonny Oct 02 '21 at 16:38
  • @Tonny: Is there a specific reason why the policy applies even to mice and keyboards? – flarn2006 Oct 04 '21 at 02:37
  • 1
    @flarn2006 Rubber Ducky attacks. You can never know from the outside, what is really inside an USB device. Our company has a lot of customers in highly regulated industries like banks, government institutions, the UN, military (including NATO), health care institutions. We need to maintain high security standards ourselves to protect ourselves, our customers data and be compliant with regulations. Of course exceptions can be made, but the device has to be checked by IT first. We do that for really special devices, like braille keyboards and screen-readers for disabled employees. – Tonny Oct 04 '21 at 07:50
0

I decided to simply delete the Razer exe that's being opened on startup. I then replaced it with a Dummy EXE with the same exact name. I made a empty batch file then converted it to an exe... So far no more popups or issues

I understand this may not be ideal for a worksite of computers, but it's an easy solution for personal users

Poads
  • 1