Application Control Policy for psexec.exe
This is an Application Control Policy used to block psexec.exe.
This policy will block psexec.exe based on:
The action is block and notification is set to display a pop up.
There is a backdoor in the policy. If you run it with the following argument SEP will allow it to run:
To import you will first want to download the .dat policy file
1. Open the Application Control Policy that displays the various pre-built templates.
2. Right click in the white area and select Import Policy.
3. Select this .dat file (unzip the file first)
4. It will notifiy you that the name is the same as other policies so just add any new name and hit okay
5. You will get two other notifications about the name being the same and just cancel these.
6. This policy should now have been added to all of the templates.