Versions Compared

Old Version 1

changes.mady.by.user Anonymous

Saved on

compared with

New Version Current

changes.mady.by.user Max Pinion (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Quarantine Files

This scenario shows you how to quarantine a known malicious application.

Scenario

...

description

Copy and rename cmd.exe: "C:\Virus\malicious application.exe".

Scenario

...

resolution

...

  1. On the managed computer, create the Microsoft Word document

...

  1. C:\document\important document.doc.

...

  1. In the Altiris Console, select the Tasks tab.

...

  1. In the left pane, select Tasks > Security Management > Application Control >
    Windows > Application Control Tasks > Manage Applications.

...

  1. In the right pane, click

...

  1. Image Added and select Quarantine an application policy.

...

  1. In Step 1 of the Application Control Wizard, click Next.

...

  1. In Step 2, click the Include link.

...

  1. In the Items Selector dialog, click

...

  1. Image Added, and select Dynamically Evaluated Filters

...

  1. > Win32 Executable File Filter.

...

  1. In the Win32 Executable File Filter dialog, enter the following in the appropriate fields:

    ...

      • Name - Quarantine Malicious Applications

    ...

      • File Name - Malicious application.exe

    ...

    1. Click Apply and close the dialog.

    ...

    1. In the Items Selector dialog, click

    ...

    1. Image Added, select the newWin32 Executable File

    ...

    1. Filter, and click Apply.

    ...

    1. In Step 3, Enable the policy, configure the policy as follows, and click Apply:

      ...

        • Name - Quarantine Malicious Applications.

      ...

        • Description - This is a sample policy for demonstrating the quarantine capabilities of Application Control Solution.

      ...

      1. Run malicious application.exe on the managed computer.

      ...

      1. A message appears and the file is moved to C:\quarantined files.