how to whitelist intel .bat files with random names

Hi, I have intel integrated graphics, i5 skylake to be specific, and the system tray graphics control panel is initiated by a .bat file that goes by a random name.

every time the file name changes, COMODO HIPS sees it as an unknown file, and the control panel file doesn’t launch.

This is the command line string as I have it whitelisted in NVT ERP:
C:\WINDOWS\system32\cmd.exe /c “C:\Intel\GfxCPLBatchFiles{*}.bat”

How to convince COMODO to let the bat file to run?
It doesn’t look like I can edit HIPS rules with wildcards, so what can I do instead?

Can I give special permissions to the C:\Intel\GfxCPLBatchFiles folder?

CFW 10
windows 10

You could create a file group based on that folder path and then create a HIPS rule with that file group.

I made group, and now I am trying to make HIPS rule
should I give it permissions for windows system application? or for installer updater?
or custom?

Add ‘cmd.exe’ application in HIPS & allow mentioned file group in allowed files/folders of ‘Run an executable’ access, if I understood correctly. Question is a bit unclear.

I would go with the Windows System Application ruleset. You want the bat files to be able to execute the system tray and other executables for the intel graphics software.

in firewall config, the @futuretech method worked (it was the first solution I tried, and I never got around to trying the @qmarius method).

Then I reinstalled CFW and chose proactive mode, and then nothing worked.
Although, erratically, sometimes the intel system tray icon would start up, like about once out of every five reboots.

I think it was just bad timing. That particular process wanted to run just as COMODO was starting up, and it somehow got lost in the shuffle.

In the end, I went for an inelegant solution: I copied a shortcut to the intel system tray icon, and pasted it into the startup folder. Then I didn’t need any HIPS rules at all to get it to work.