How to set "allow" or "deny" statements without going into app

[Guest]

Is there a specific file where all Service Exceptions are kept?

Ex. I install, or launch an application which installs and automatically
starts a service. At this point, Real-Time Scan detects the service start
and prompts you, asking you to Allow or Deny the service. For those services
that you chose to Always Allow, where file are these settings stored in?

I would like to have the ability to manage the access list by editing a file
rather then having to launch AntiSpyware, and start a service to have it
flagged at which point I can Allow it.

Is this possible? Any help is greatly appreciated.

Thanks,
-Mark D.

 

[Guest]

Mark, There is no single file for the info you are looking for.You can go to
'Real Time Protection' and check 'View All Events' but this includes blocked
and allowed events.Or you can go to 'Real Time Protection'/Security Agents'
and check for each agent 'Manage Allowed/Blocked Events'.Unfortunately this
means checking all 59 agents individualy.No quick fix available that I know
of at the moment.

 

[Bill Sanderson]

In the current beta, these settings live in the .gcd files in the
installation folder. These are a proprietary binary format and are not
documented. The nearest thing to what you are trying to do that I've heard
suggested, is setting a machine up with all the relevant settings, and then
copying the file which records those settings (or perhaps all the .gcd
files) to other machines.

I wouldn't recommend putting significant effort into this--this mechanism is
unlikely to continue with beta2. They've said that beta2 will be available
within the next 6 months, but it may, in fact, be available quite a bit
sooner than that.