GP Answers Community Forum  
03-05-2010, 04:30 PM
Junior Member
Join Date: Mar 2010
Posts: 1

Modifying Disable Autorun policy

One of the chronic problems in malware control is the USB autorun. Even after applying the latest patches from MS, the Disable Autorun policy options are not good: When Disable Autorun is Enabled [how is that for garbled syntax?!], a dropdown list offers two alternatives: Disable CD-ROM drives or disable everything. USB drives (in the class of "Removable drives" for the purposes of the registry value) cannot be separately disabled - a limitation not of the registry, but of the template.

Instead of that dropdown list, I would like to use checkboxes to have the template adequately reflect the registry options:
Bit
2 - Removable drives (including USB)
3 - Fixed drives
4 - Network drives
5 - CD-ROM drives
6 - RAM disks
7 - Unknown drive types [also bit 0]

These bits comprise the hex byte for registry entry NoDriveTypeAutoRun. The default value for Windows XP/Vista/Server 2008 is 0x91=145, which disables autorun for Unknown and Network drives. The options offered by Microsoft's system.adm are to:
* Add bit 5, making the value 0xB1=177, to disable autorun on [supposedly] CD-ROM drives; however, the value is actually set to 181=0xB5, disabling Removable drives (including USB) as well as the CD-ROM drives indicated in the dropdown list.
* Set all bits, making the value 0xFF=255, to disable autorun on all drive types.

I want to add bit 2 to the default, making the value 0x95, to disable autorun for USB drives (but allowing CD-ROM drives). The problem is that the template system.adm uses a DROPDOWNLIST, as mentioned above, with two wholly inadequate options - disable CD-ROMs or everything. Because the drive types are independent of one another, the DROPDOWNLIST is fundamentally the wrong way to present the options; instead there should be a CHECKBOX for each drive type, with the results bitwise-ORed to produce the registry value. This does not seem like a case for an ADMX file, but rather for editing Microsoft's system.adm file. MS advises not to do that, but I don't see a better alternative. Do you?

John
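
The bit arithmetic in the post above, as an added example that is not part of the original post: it decodes a NoDriveTypeAutoRun byte using the post's bit table, ORs per-drive-type selections into one value, and shows which drive type separates the advertised 0xB1 from the 0xB5 the post reports. Function names are illustrative, and bit 1 is not in the post's table, so it is reported as unlisted.

```python
# Added example: bit meanings come from the table in the post above.
# Bit 1 is not listed there, so it is reported as unlisted rather than named.
DRIVE_BITS = {
    0: "Unknown drive types",
    2: "Removable drives (including USB)",
    3: "Fixed drives",
    4: "Network drives",
    5: "CD-ROM drives",
    6: "RAM disks",
    7: "Unknown drive types",
}
REMOVABLE_BIT = 2


def decode(value):
    """Return the drive types whose autorun is disabled by this byte, in bit order."""
    if not 0 <= value <= 0xFF:
        raise ValueError("NoDriveTypeAutoRun is treated here as a single byte")
    names = []
    for bit in range(8):
        if value & (1 << bit):
            name = DRIVE_BITS.get(bit, f"bit {bit} (not listed in the post)")
            if name not in names:  # bits 0 and 7 share one label
                names.append(name)
    return names


def compose(base, *bits):
    """OR the given bit positions into base, as per-drive-type checkboxes would."""
    for bit in bits:
        if not 0 <= bit <= 7:
            raise ValueError(f"bit {bit} is outside the byte")
        base |= 1 << bit
    return base


def extra_types(advertised, actual):
    """Drive types disabled by `actual` that `advertised` would not disable."""
    return decode(actual & ~advertised & 0xFF)


def removable_blocked(value):
    """True when bit 2 is set, i.e. autorun is disabled for removable drives."""
    return bool(value & (1 << REMOVABLE_BIT))


if __name__ == "__main__":
    # Values quoted in the post: default, dropdown as described, dropdown as set, all.
    for v in (0x91, 0xB1, 0xB5, 0xFF, compose(0x91, REMOVABLE_BIT)):
        print(f"0x{v:02X}={v:3d} removable blocked={removable_blocked(v)} {decode(v)}")
```

Running `removable_blocked` over values collected from the registry gives a quick audit of which machines still allow autorun from USB drives.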