Every time I print I get a Defense+ alert.
It references the program trying to create a new print spooler file eg:
c:\windows\system32\spool\printers\nnnnnnn.spl
Remebering the answer doesn’t seem to help because the filename is different every time
How can I permanently allow any program to write files in this directory, or otherwise avoid having to confirm every print?
Thanks
[attachment deleted by admin]
Welcome to the forum JoTraGo 
Please just change one of the saved rules to c:\windows\system32\spool\printers*.spl
Dennis
I found 1 application with permission to a spool file.
Does this mean I am going to have to modify an entry for every program that prints?
Surely there must be a more elegant way of doing this.
Can I allow any program to write a *.spl file to that directory?
Create a file group of all the programs that write a *.spl file to that directory. Go to My Protected Files → Groups → Add → New Group (name it whatever you want to). Then go to Computer Security Policy → Add → Select → “Your File Group”. Now for that group, modify the file/folder access rights by adding the directory to which they write to. Access Rights → Modify “Protected Files/Folders”
Thanks for the response, I did try this and it works, however it seems overly complicated, particularly since every program that can print will have to be added to the group, and who knows where to find all those exes.
Can I not simply exclude the spool directory or .spl files from being checked by defense.
Tks