Prevent malicious applications from running

This scenario shows you how to prevent the end user from running cmd.exe.

Scenario description

In this scenario:

  • The end user has run C:\windows\system32\cmd.exe at least once since the
    Application Control Agent was installed.
  • File Inventory Agent has returned file inventory to the Notification Server.

Scenario resolution

To automatically encrypt Microsoft Excel spreadsheets, perform the following steps:

  • In the Symantec Management Console, on the Home menu, click Arellia > Application Control
  • In the left pane, select Policies > Application Control >Manage Applications


  • In the right pane, enter "cmd" in the Win32 Executable field and click Refresh.
  • Select all rows of the grid and click the Blacklist button.
  • Run Collection Delta Update Schedule. For instructions, see Notification Server Help.
  • Enable the Deny Blacklist execution policy. See Manage applications.
  • On a managed computer, start cmd.exe. The cmd.exe will not start and you receive a system tray message.