TurionAltec Posted April 1, 2009 Share Posted April 1, 2009 Since Autorun is an attack vector of Conflicker, I came up with this script to simply disable Autorun completely for all devices. That way I can easily deploy it to all the users I support. Just run it and it will try to deactivate it. If there's a problem it will tell you. expandcollapse popup;Autorunoff ;Simple script to disable Autorun, attempting both globally (HKLM) and locally (HKCU) ;0xff corresponds to all devices. Default is 0x91. It is set bitwise according to: ;http://www.computerperformance.co.uk/vista/vista_registry_autorun.htm #RequireAdmin $CUautoReturn=Regwrite("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer", "NoDriveTypeAutoRun","REG_DWORD",0xff) $LMautoReturn=RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer","NoDriveTypeAutoRun","REG_DWORD",0xff) $LMHonorReturn=RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer","HonorAutoRunSetting","REG_DWORD",0x1) ;Success writing returns 1 $CUautoRead=RegRead("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer", "NoDriveTypeAutoRun") $LMautoRead=RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer","NoDriveTypeAutoRun") $LMHonorRead=RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer","HonorAutoRunSetting") ;Debug lines for testing conditions ;$CUautoReturn=0 ;$LMautoReturn=0 ;$LMHonorReturn=0 ;$CUautoRead=0xff ;$LMautoRead=0xff ;$LMHonorRead=0x1 ;Smooth sailing If $CUautoReturn=1 AND $LMautoReturn=1 AND $LMHonorReturn=1 AND $CUautoRead=0xff AND $LMautoRead=0xff AND $LMHonorRead=1 Then Msgbox(64,"Success", "Autorun successfully disabled!") Exit EndIf ;Warning ->Values correct, problem writing If ($CUautoReturn<>1 OR $LMautoReturn<>1 OR $LMHonorReturn<>1) AND $CUautoRead=0xff AND $LMautoRead=0xff AND $LMHonorRead=1 Then $outputString= "All values correctly set, however there was a problem writing to " If $CUautoReturn<>0 Then $outputString=$outputString&@CRLF&"HKCU NoDriveTypeAutoRun" If $LMautoReturn<>0 Then $outputString=$outputString&@CRLF&"HKLM NoDriveTypeAutoRun" If $LMHonorReturn<>0 Then $outputString=$outputString&@CRLF&"HKLM HonorAutoRunSetting" msgbox(48, "Autorun WARNING", $outputString) Exit EndIf ;Error ->Incorrect Values $outputString="Some values were incorrectly set!" ;Test $CUautoRead If $CUautoRead= 0xff Then $outputString=$outputString&@CRLF&"CORRECT HKCU NoDriveTypeAutoRun set to 0xff" Else $outputString=$outputString&@CRLF&"ERROR HKCU NoDriveTypeAutoRun set to 0x"&hex($CUautoRead,2)& " NOT 0xff" EndIf ;Test $LMautoRead If $LMautoRead=0xff Then $outputString=$outputString&@CRLF&"CORRECT HKLM NoDriveTypeAutoRun set to 0xff" Else $outputString=$outputString&@CRLF&"ERROR HKLM NoDriveTypeAutoRun set to 0x"&hex($LMautoRead,2)& " NOT 0xff" EndIf ; Test $LMHonorRead If $LMHonorRead=0x1 Then $outputString=$outputString&@CRLF&"CORRECT HKLM HonorAutoRunSetting set to 0x1" Else $outputString=$outputString&@CRLF&"ERROR HKLM HonorAutoRunSetting set to 0x"&hex($LMHonorRead,2)& " NOT 0x1" EndIf Msgbox(16,"Autorun ERROR", $outputString) Exitautorunoff.exe Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now