Endpoint Protection

 View Only

  • 1.  How to block a whole folder through Application and Device controll

    Posted Aug 12, 2009 01:31 AM
    I want to create a application & device controll policy to block all the files within the folder below.I can see inmy logs that all the files in this folder are infected with Downadup so want to block the folder from SEPM so that no files can be active from this folder. Is there any way to do it. or can I move this folder to quarentine folder on client   from SEPM .

    C:/WINDOWS/system32/config/systemprofile/Local Settings/Temporary Internet Files/Content.IE5/4LINWHUR/

    C:/WINNT/System32/awyjomia.yl

    This would be  a great help for me .


  • 2.  RE: How to block a whole folder through Application and Device controll

    Posted Aug 12, 2009 02:36 AM
    I guess you want to block all the contents of the folder.

    For that select Block application from running.
    Add both the location

    C:/WINDOWS/system32/config/systemprofile/Local Settings/Temporary Internet Files/Content.IE5/4LINWHUR/*

    C:/WINNT/System32/awyjomia.yl

    it will block anything inside this folder..I have tested it in my Test Environment.



  • 3.  RE: How to block a whole folder through Application and Device controll

    Posted Aug 12, 2009 06:38 AM
    Thanks
    yes I want to block the contents of the folder for first one and perticular file inside system32


  • 4.  RE: How to block a whole folder through Application and Device controll
    Best Answer

    Posted Aug 12, 2009 11:13 AM
     If you configure the the above rule just put a \* after the folder name and it will blcok all contents of the folder from executing then add the second file with the whole path and it will work.