Disable hard disk Autorun to prevent hacker intrusion

Enter Regedit in "run" in the "Start" menu, open the Registry Editor, expand to the HKEY_CURRENT_USERSoftwareMicrosoft \ Windows \ CurrentVersion \ Policies \ Exploer primary key, and find "NoDriveTypeAutoRun" in the right pane ", this key determines whether to perform the AutoRun function of the CDROM or hard disk.

Double-click "NoDriveTypeAutoRun". By default (that is, you have not disabled the AutoRun function), the default value of "NoDriveTypeAutoRun" is, and 00 in the pop-up window. The first value "95" is a hexadecimal value, which is the sum of all devices that are disabled to run automatically. Convert "95" to binary 1001 01, where each

Bits represent a device. In Windows, different devices are represented by the following values:

The device name. The device name must contain the following values:

Device type that cannot be identified by DKIVE_UNKNOWN 0101h

DRIVE_NO_ROOT_DIR 1002 h Drive without the root directory (Drive without root directory)

DRIVE_REMOVABLE2104h Removable drive)

DRIVE_FIXED3008h Fixed drive (Fixed drive)

DRIVE_REMOTE 4110h Network drive)

DRIVE_CDROM5020h optical drive (CD-ROM)

DRIVE_RAMDISK 6040 h RAM Disk (RAM disk) retains the drive type Not specified for 7180h (Not yet specified drive Disk)

The value 0 in the table listed above indicates that the device is running, and the value 1 indicates that the device is not running (by default, windows prohibits the automatic operation of devices such as 80 h, 10 h, 4 h, and 01h. The value accumulation is exactly 95 h in hexadecimal format. Therefore, NoDriveTypeAutoRun "has a default key value of, 00, 0 ).

From the above analysis, it is not difficult to see that by default, the four Reserved devices that will automatically run are DRIVE_NO_ROOT_DIR, DRIVE_FIXED, DRIVE_CDROM:, and DRIVE_RAMDISK. Therefore, you must disable AutoRun from automatically running the hard disk. in the inf file, the value of DRIVE_FIXED must be set to 1, because DRIVE_FIXED represents a fixed drive, that is, a hard disk. In this way, the original 1 00101 01 (from bottom to top in the "value" column of the table) is changed to the binary 10011101, And the hexadecimal value is 9D. Now, change the "No Drive Type AutoRun" key value to 9D, 00, 00. Close the Registry Editor and restart the computer to disable the AutoRun function of the hard disk.

How can I disable the optical disc AutoRun function? In fact, it is to set DRIVE_CDROM to 1, so that the first value in the "No Drive TypeAutoRun" key value is 10110101, that is, the hexadecimal B5. Change the first value to B5 and disable the Registry Editor. After the computer is restarted, the Autorun function of CDROM is disabled. If you only want to disable the AutoRun function of the software disc, but retain the automatic playback capability of the CD audio disc, you only need to change the "No Drive Type AutoRun" key value to: BD, 00, 00, 00. If you want to restore the AutoRun function of the hard drive or optical drive, perform the inverse operation in the direction.

In fact, AutoRun is not required for the root H directory of most hard disks. inf file to run the program, so we can completely disable the AutoRun function of the hard disk, even if there is AutoRun under the root directory of the hard disk. windows does not run the specified program to prevent hackers from using AutoRun. inf file intrusion.