This policy setting ignores customized run-once lists. You can create a customized list of additional programs and documents that are started automatically the next time the system starts (but not thereafter). These programs are added to the standard list of programs and services that the system starts. If you enable this policy setting, the system ignores the run-once list. If you disable or do not configure this policy setting, the system runs the programs in the run-once list. This policy setting appears in the Computer Configuration and User Configuration folders. If both policy settings are configured, the policy setting in Computer Configuration takes precedence over the policy setting in User Configuration. Note: Customized run-once lists are stored in the registry in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce. Also, see the ""Do not process the legacy run list"" policy setting. Countermeasure: Configure the Do not process the run once list setting to Enabled. Potential Impact: If you enable the Do not process the run once list setting you should experience minimal functionality loss for users in your environment, especially if the clients have been configured with all of your organization's standard software before you apply this setting through Group Policy. However, this configuration may prevent some setup and installation programs, such as Internet Explorer, from working properly.

[enabled/disabled]

(1) GPO: Computer Configuration\\Administrative Templates\\System\\Logon\\Do not process the run once list (2) REG: HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer!DisableLocalMachineRunOnce