SNAC - network access control to remove registry entries?
Is this possible - > Use Symantec's NAC (SNAC) part of SEP, or actually the proteciton suite of products, to look for specific RUN keys in the registry and remove them if they exist?
In particular, I want to check for Adobe and JAVA update schedulers. These run among everything else and slow things a bit - especially since our users don't have administrative rights and WE control the versions, the updates, what and WHEN via other means anyway.
I know these were intended for "home-owners" and computer novices who don't think to keep their computers clean or updated, but they install by default with upgrades and are a royal pain. There should be different packages for enterprise and government, but since that's not the case, I'm looking for a way to clean-up after Adobe and Oracle.
I am wondering if the HI part of SNAC can look for these keys, if they exist, kill them.
They will be found in
"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
USERS WILL NOT HAVE RIGHTS since they are not local admins - they only have rights to HKCU, not HKLM