Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 10290 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

User %temp% folder exclusion

capman

Hi All,

Scenerio: We are running software that cannot be scanned by anti-virus. It resides in the users %temp%/gss folder.

I know Sophos doesn't allow shortcuts in the path, ie %temp%. (Symantec does...) ;)  anyways...  

So... I have went to the client and inserted the full path c:\DOCUME~1\LOCAL~1\etc\etc\%temp%\gss and it works. But wait. When I go back to the Enterprise Console, it states that the computer is using a different policy and is flagged. 

I DO NOT want to see every computer flagged. The only way I went around this was to create a policy for every user. Surely there is a better way to do this! 

Any help would be great! 

Thank you,

:37537


This thread was automatically locked due to age.
Parents
  • 0

    Hello capman,

    software that cannot be scanned

    while there are scenarios where scanning has an adverse effect this is often caused by "unfortunate" design. Furthermore running from a local location isn't best practice. Anyway, there's probably not much you can do about it short-term. BTW: Do I understand correctly that it runs from a folder named %temp% under the user's %TEMP% directory - or did you just mistype the full path?

    Now, one way around it would be excluding files (which introduces some additional risk) - while cumbersome it could be done with a general policy. But given the rest of the "design" I fear the application also uses random names.

    Christian

    :37543
Reply
  • 0

    Hello capman,

    software that cannot be scanned

    while there are scenarios where scanning has an adverse effect this is often caused by "unfortunate" design. Furthermore running from a local location isn't best practice. Anyway, there's probably not much you can do about it short-term. BTW: Do I understand correctly that it runs from a folder named %temp% under the user's %TEMP% directory - or did you just mistype the full path?

    Now, one way around it would be excluding files (which introduces some additional risk) - while cumbersome it could be done with a general policy. But given the rest of the "design" I fear the application also uses random names.

    Christian

    :37543
Children
No Data