May 31 2008

Disable Autorun in Vista to Protect Against Malware Infections

anti-virus old school All recent versions of widows contain features called AutoPlay and AutoRun. AutoPlay lets you choose which program to use to start different kinds of media, such as music CDs, or CDs or DVDs containing photos. For example, the first time you try to play a music CD, AutoPlay asks which media player you want to use, if you have more than one installed on your computer. You can change AutoPlay settings for each media type.


Autorun is the technology used to start many programs or enhanced content (such as videos on a music CD) automatically when you insert a CD or USB drives into your computer. This is different from AutoPlay, but the result are the same, when inserted, the CD or USB drive starts automatically, using a particular program. Autorun is incorporated into the media types that use it, and you can’t modify it.

When a disc is inserted or a drive is connected to your computer, Windows looks in the root directory of the disc or drive for a file named autorun.inf. If found, Windows executes the instructions in that file. ( whether it be start the music or install the virus.)

For example, an autorun.inf file on a CD might contain a line that reads open=setup.exe. This tells your computer to launch a setup program as soon as the CD is inserted into the drive

Now I know what your thinking why not just disable it in the Control Panel.

Adjust Autoplay
and you can but as soon as you open the drive from My computer or Windows explorer Windows will still execute the instructions found in autorun.inf file.

You might also believe that you could protect yourself from AutoRun by editing two keys in the Registry known as NoDriveAutoRun and NoDriveTypeAutoRun, but it has been shown that these keys can be overridden by a little-known registry key called MountPoints2 which contains cached information about every memory stick or other removable device that your PC has ever seen, and that overrides the NoDriveTypeAutoRun value if you insert a device which the PC already knows about.

The solution to this problem is to globally block autorun.inf files from executing without using the dialog boxes in Vista to do this. Here’s how:

  1. Start Notepad or any text editor.
  2. Copy the text below into the text editor, [everything between the square brackets should be all on one line]REGEDIT4
  3. Save it to your desktop as NoAutoRun.reg. Make sure the extension is .reg and not .txt.
  4. Right-click your new .reg file and choose Merge.
  5. If you are prompted for an administrator password or for a confirmation, type the password, or click Continue.
  6. Click Yes when you’re asked “Are you sure you want to add the information in C:NoAutoRun.reg to the registry?”

Now the next time you insert a flash drive, CD, DVD, or other removable disc into your system, Windows will not execute the information in any autorun.inf file that may be present. The downside of this is that when you insert a CD or DVD with software on it, you have to find the setup program using My Computer or Windows Explorer and launch it yourself. But I think that’s a small price to pay for the increased security.

Copyright ? All Rights Reserved.

Please visit our new site at The3List Why Do Bad Things Happen In 3"s.

  • Change which programs Windows uses by default
  • Add 3D Pinball To Windows Vista
  • Running Vista’s Compatibility Mode
  • Working With System Restore
  • Remote Differential Compression And Your Vista Network Part 2
  • TAGS:

    2 Comments on this post


    1. Tabish said:

      Hello Kevin,

      Do yo have a file that reverses these changes? I forgot to backup the registry!


      July 12th, 2010 at 6:32 pm
    2. Kevin said:

      @ Tabish, sorry no

      July 15th, 2010 at 6:11 pm


    Subscribe Form

    Subscribe to Blog


    Recent Comments

    Recent Readers