i read in mcafee link how can i block or prevent auto execution of autorun.inf. well i configure that in my ePo and then i propagate the policy in my test clients but my cds always execute autorun.inf.
I setup this through two methods:
1. - From access protection / defined users rules / files and folders block / ... (view the attached file)
2.- From the "standard antivirus protection"
but anyhting give the results that i want.
My pc clients are with dat and engine updated. and my another policies run ok.
Solved! Go to Solution.
I'm not so sure but I think this rule would not work for every process despite the * in the Include processes field. I would imagine that the SYSTEM process cannot be restricted in this way. Maybe someone else more knowledgeable can confirm (or deny) this with evidence.
To enable/disable execution of autorun.inf files in Windows, read this link, for example: http://autorun.moonvalley.com/enable.htm
You can use \autorun.inf to block autorun.inf files only on root directories like c:\autorun.inf, etc....
But you can read/write/create autorun.inf files in subfolders like c:\temp\autorun.inf, etc....