We've only just started using AppLocker and have discovered an annoying querk.
The EXE/DLL rules seem to be blocking certain parts of ECDL from running.
In the event log it captures the following "%OSDRIVE%\USERS\USERNAME\APPDATA\LOCAL\TEMP\ET2.G DCEDHEF\FOCUS.BIN was prevented from running."
Has anyone else encountered this? Any suggestions on how to whitelist this?
The "ET2.GDCEDHEF" folder is random for each user and I'm a little wary of adding a wildcard whitelist for "%OSDRIVE%\USERS\USERNAME\APPDATA\LOCAL\TEMP\* "
The *.BIN file has no signed Publisher so I can't set up a publisher rule and the EXE/DLL portion of AppLocker wont let me create a Hash rule for a *.BIN file!
There are currently 1 users browsing this thread. (0 members and 1 guests)