MangalMan's Perspective.

Apparently auto run was still running even if users disabled it through registry method or from gpedit. Finally though after a report from us-cert(Computer Emergency Readiness Team) highlighted this issue after this was successfully exploited by recently most talked about network aware worm called conflicker aka Downadup aka kido.

I am quoting us-cert statement here.

“The Autorun and NoDriveTypeAutorun registry values are both ineffective for fully disabling AutoRun capabilities on Microsoft Windows systems. Setting the Autorun registry value to 0 will not prevent newly connected devices from automatically running code specified in the Autorun.inf file. It will, however, disable Media Change Notification (MCN) messages, which may prevent Windows from detecting when a CD or DVD is changed. According to Microsoft, setting the NoDriveTypeAutorun registry value to 0xFF "disables Autoplay on all types of drives." Even with this value set, Windows may execute arbitrary code when the user clicks the icon for the device in Windows Explorer.”

What do you do then? One might ask. Well you download this reg file here and double click for XP.And then restart the computer.

For Vista

• Go to Windows Menu - All Programs - Accessories.
• Right-click on "Command Prompt" and choose "Run as Administrator".
• At the Command Prompt, run "regedit".
• In the Registry Editor program, go to File - Import, and open the noautorun.reg file you just downloaded . You should get a confirmation that the file was imported.Now close the registry editor.
• Restart the computer!

What does this have inside?

It has the following lines

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"

This i kinda temporary fix. No don’t thank me for this one thank Nick Brown and his pal instead.

What will it do?

It will disable the autorun for good.

Why is my cd not running automatically after i do this ?

Hmmmmmm you tell me…

You might want to follow official channel advice. If that is the case you need to download a patch KB953252 from microsoft website and follow their advice. If you are stuck in a XP box (may be that is good!!!???!!%@#^) that is.

After installing this patch NoDriveTypeAutorun should work the way it is supposed to work.If you are unsure whether you have the patch installed in your computer then I can help check here. It will tell you if or not you have it installed.