DeepGuard exclusion settings

Does anyone know whether it is possible to exlude a full directory, or a wildcarded filename to the DeepGuard allowed programs list?

 

Some idiot thought it would be a good idea to randomly generate the filename for an executable, so even after I allow the specific file to run, the program just creates a file with a new name, and that one gets blocked again.

Best Answer

Answers

  • FestucoFestuco Posts: 3

    Thanks, but I'm not entirely sure that that helps me. These articles seem to be about exclusion for a virusscan, and my issue is with the DeepGuard function that kicks in when I try to run the program.

     

    Or is there a DeepGuard configuration option that allows those types of exclusions as well? in that case I haven't been able to find it.

  • MJ-perCompMJ-perComp Posts: 1,098

    It is the same list. I just tested it!

  • FestucoFestuco Posts: 3

    I would never have expected that from looking at the settings in the UI, but am very glad that you are absolutely right.

     

    Thank you very much!

  • beikerbeiker Posts: 33

    Works right here too. Brilliant! 

  • etomcatetomcat Posts: 1,311

    Hello,

     

    I think exclusions can be done in FSPM (F-Secure Root / DeepGuard / Setting / Applications) by specifying the SHA-1 checksum(s) of the trusted object(s).

     

    This method should be OK for randomly named executables, as long as the code is not also self-modifying.

     

    Regards: Tamas Feher, Hungary.

This discussion has been closed.