D+ removable media policy issue.

D+ system allows access to inf files on removable media the programs svhost.exe and explorer.exe when a policy must block their access.

I insert many USB memories on my computer and I need to avoid that autorun.inf malicious files execute themselves or execute other malicious processes for this reason I block access these processes on removable media like CDs or USB storage device.

However, the following policies I apply in my blocked files doesnt work 100% because CIS just blocks access these processes when I try to open them:


Even I have written the policies of the following way:h:\autorun.inf but it doesn’t work either,seeing that CIS allows access the programs svhost.exe and explorer.exe executing instructions from that file.

The policy at the moment I use is: *.inf(block all inf files) for blocking those threats but it just work when USB device has been installed already by Windows. But when media hasn’t been installed and the operating system needs to access inf files in Windows folder this policy blocks that action producing a failure during device installation.

Please! This possible bug could be fix in D+ system programming? since it is very useful to me, avoiding me unnecessary alerts to insert infected removable media.

Maybe you should add ‘autorun.inf’ to ‘My Blocked Files’, I have and the behavior should be as follows: Windows shouldn’t be able to access the file in any drive (fixed or removable) but you won’t be able to deleted or view/edit it to see if it contains malware installation procedures.

Moved tot he wish boards as it is more appropriate there.