Thursday, December 31, 2009

Methods to disable Autorun and/or AutoPlay

Autorun: the execution of autorun.inf files on removable media. Windows XP allows automatic autorun.inf execution at media insertion and as the default double-click action for the media icon. Vista/7 disables automatic autorun.inf execution at media insertion, but allows autorun.inf execution as default double click action for the media icon.

AutoPlay: dialog box that presents options when mounting removable media/devices. In Vista/7, the dialog box includes an option corresponding to the autorun.inf file on the mounted media.

-Disable AutoPlay AND Autorun-
Group Policy Editor method:(available in XP/Vista/7 Professional editions and above)

XP: start>run>gpedit.msc, Computer/User Configuration\Administrative Templates\System\Turn off Autoplay, click enable, choose 'All Drives' from the combo box.

Vista/7: start>run>gpedit.msc, Computer/User Configuration\Administrative Templates\Windows Components\AutoPlay Policies\Turn off Autoplay, click enabled, choose 'All Drives' from the combo box

The above procedures set the "NoDriveTypeAutoRun" registry key, which can be manually set in the absence of Group Policy Editor (XP/Vista/7 Home/Basic editions)

Registry:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff - xp/vista requires patch to work properly (see first link)
"NoAutorun"=dword:00000001 - vista/7 - disables autorun on device insert/connection, but double clicking device still executes autorun.inf


The following updates are required for the above method to work properly (see first link)
**To disable the Autorun functionality in Windows Vista or in Windows Server 2008, you must have security update 950582 installed (security bulletin MS08-038).

To disable the Autorun functionality in Windows XP, Windows Server 2003, or Windows 2000, you must have security update 950582, 967715, or 953252 installed.**


-Other less ideal methods-

-Disables display of the AutoPlay option that corresponds to the autorun.inf file, but allows autorun.inf execution as default double click action for the media icon-
Vista/7: start>run>gpedit.msc, Computer/User Configuration\Administrative Templates\Windows Components\AutoPlay Policies\Default behavior for AutoRun, click enabled, choose 'Do not execute any autorun commands' from the combo box

The above procedure sets the "NoAutorun" registry key (see above), which can be manually set in the absence of Group Policy Editor (XP/Vista/7 Home/Basic editions)


-Disables AutoPlay dialog on media insertion in Vista/7,but allows autorun.inf execution as default double click action for the media icon-
Control Panel\All Control Panel Items\AutoPlay, uncheck "Use AutoPlay for all media and devices"

-Disables AutoPlay dialog in XP, but does not disable autorun.inf execution on media insertion or as default double click action for the media icon-
In 'My Computer', right-click on the desired device, select 'AutoPlay' and select 'Take no Action

-Disables Autorun by way of disabling MCN (Media Change Notifications) on the optical disk drive(s) only, also known as Auto Insert Notification, can cause other issues. (see links)-
[HKLM\SYSTEM\CurrentControlSet\Services\Cdrom]
"Autorun"=dword:00000000
"AutoRunAlwaysDisable"=hex: - (see links)

-Disables parsing of autorun.inf files-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"

-Disables AutoPlay notifications per drive letter-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveAutoRun"=dword: - (set by tweakui in XP, not set by group policy, see links)

-Disables "notifications for AutoPlay hardware events"-
start>run>services.msc, stop and disable the 'Shell Hardware Detection' service

Links:
http://support.microsoft.com/kb/967715
http://support.microsoft.com/kb/953252
http://www.insidetheregistry.com/regdatabase/viewvalue.aspx?valueid=172
http://technet.microsoft.com/en-us/library/cc976182.aspx
http://technet.microsoft.com/en-us/library/cc960238.aspx
http://technet.microsoft.com/en-us/library/cc959387.aspx
https://www.kb.cert.org/vuls/id/889747
http://www.us-cert.gov/cas/techalerts/TA09-020A.html
http://www.annoyances.org/exec/forum/winxp/1151603426
http://www.dslreports.com/forum/r21106365-Autorun-vs-Autoplay
http://ask-leo.com/how_do_i_really_disable_autoplay_in_windows_xp.html
http://ask-leo.com/is_autorun_really_that_evil_and_if_so_how_do_i_turn_autorun_off.html
http://www.howtogeek.com/howto/windows/disable-autoplay-of-audio-cds-and-usb-drives/

Isn't Windows frustrating?!?!

No comments:

Post a Comment