'|' stands for? ('X:\XXXXX.XXX|')

[Guest]

[gbwzx]

1. I'm a newbie, and I searched a long time for no results.
2. What's the difference between 'C:\XXXXX.XXX' and 'C:\XXXXX.XXX|' ?

Thank you!

[WxMan1]

Dunno where you're seeing this: A file name cannot contain any of the following characters: \ / : * ? " < > |

In general the vertical broken bar is used in scripts as 'pipes'.

[Dennis2]

Hello blattida, in "Protected Files and Folders" CIS window, "|" symbol added to the end of the file and folder path strings protects these files and folders from the Sandboxed and unrecognized applications, but files and folders that do not have "|" symbol are protected only from unrecognized applications. For example,
C:\users\username\desktop*|

[WxMan1]

Were does that come from?  I don't have anything like that.

[HeffeD]

Look in Defense+ -> Computer Security Policy -> Protected Files and Folders.

[WxMan1]

Nothing like that in there.

There are several groups with all the items greyed out.  NONE of the items have a vertical bar anywhere in the pathnmae.  I loaded up the original default configs, nothing in there either.

[HeffeD]

Default Config.

[WxMan1]

Roger that.  I see them now.  OMG!     That's so totally NOT in my custom config.  It was imported from v4.x.whatever the last one was.

Erm, I'm going to have to fix that.   

[WxMan1]

Hey, wait a minute 

Does stuff get added into there somehow auto like?

Because I'm looking in the 'important, like, stuff' group and I have thirteen items.

%windir%\system32\*
%windir%\system\*
%windir%\servicing\*
%windir%\SoftwareDistribution\*
%windir%\system.ini
%windir%\win.ini
%windir%\wininit.ini
%windir%\winstart.bat
%windir%\Tasks\*
?:\boot.ini
?:\autorun.inf
?:\ntdetect.com
?:\ntldr

I'll guarantee that none of those things were put there by me.  That's essentailly default from v4.x.last version.

[HeffeD]

I never actually installed version 4, but I remember version 3 had a longer default list than the one in version 5.

[WxMan1]

Roger that.

Looks like all the extra stuff is addressed with %windir%\*

Qwexion:  what's the diff between C:\Windows* and C:\Windows\*

The former includes all files & folders in C:\Windows but the latter only folders?

[HeffeD]

Looks like all the extra stuff is addressed with %windir%\*

Yeah, but I guess the question is, why didn't they just use that path in the existing versions?

Qwexion:  what's the diff between C:\Windows* and C:\Windows\*

The former includes all files & folders in C:\Windows but the latter only folders?

Good question, but I believe they'll do the exact same thing.

The help file says to protect everything in C:\windows\system32, use C:\windows\system32\*.

However, looking at the way exclusions in the AV work, if you exclude a folder, (navigate to the folder and tell it to exclude) the format CIS adds to the list is C:\foo\bar*, not C:\foo\bar\*. But the two exclusions that come by default have the "\" before the wildcard. For example, C:\Program Files\COMODO\COMODO Internet Security\*.

Why the difference between those you add and the defaults?

So I did a quick test with my music folder because it has both files sitting in the main directory, and folders for all the artists/albums. Using either the My Music\* or My Music* syntax netted the exact same results when I run a scan. (Zero files scanned) So assuming the path syntax for the protected files section works the same as with the AV exclusions, the "\" before the wildcard is irrelevant.

Edit: Added some bold face to the paths.

[gbwzx]

Thanks very much Dennis2.

[gbwzx]

So I did a quick test with my music folder because it has both files sitting in the main directory, and folders for all the artists/albums. Using either the My Music\* or My Music* syntax netted the exact same results when I run a scan. (Zero files scanned) So assuming the path syntax for the protected files section works the same as with the AV exclusions, the "\" before the wildcard is irrelevant.

Edit: Added some bold face to the paths.

the path X:\XXX* contains X:\XXX\*, e.g. there're folder X:\Cloud\ and X:\Cloudcache\, the string X:\Cloud* contains both X:\Cloud\ and X:\Cloudcache\, but X:\Cloud\* only X:\Cloud\.

"*" for string of any length, and "\*" is part of "*".

[WxMan1]

So X:\Cloud* makes implicit reference to X:\Cloud and all of its contents, and also X:\CloudCache and its contents?  What about sub-folders of each?  What about differentiation betwixt sub-folders and folder contents w/out extension?  And what about sub-folders/items contained within subfolders?

[Tags:]