Nowadays many viruses and malware spread using portable media like pendrives, players or DVDs. This is possible thanks to the autorun feature which is in every Windows operating system (95 or newer). You can find a lot of guides in the internet telling how to disable the autorun in Windows. However I noticed, that in most cases the guides are not accurate – they do disable the autorun yet they don’t prevent the autorun.inf file from being analyzed by the system. Thanks to that, the system will not execute commands from autorun.inf file by itself but if you double click the removable disk icon, the system will execute the default command from autorun.inf file and thus install the malware.
Fortunately, I found a way to prevent the system from reading the autorun.inf file at all resulting in completely disabled autorun feature. It is done by creating a new key in the registry. The key that must be created is:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf
with its default value set to:SYS:DoesNotExist
After creating mentioned key and restarting the shell by killing explorer.exe process, logging out or rebooting, the autorun feature in the whole system will be completely disabled allowing everyone to plug any portable devices without worrying about malware anymore.