I already applied it, but I have no way of checking. SL doesn’t trigger anything and I’ve never seen * used in the middle of a path, that’s why I’m asking. I want to know if it exempts ANY path which beyond that ends in agcp.exe, or ALL paths inside the silverlight folder.
The question you ask is exactly what I am asking, but I’m not sure exactly where you want to put the rule.
This won’t work directly in trusted files as the wildcard is expanded on addition to the list. (See FAQ)
I probably will in D+ rules, so eg for making it an installer updater. But make sure the executable will not be ever be used to run an unrecognised file or in any internet facing way if you go that route.
Re testing, I suppose
0) Create the rule in D+ rules
create a new batch file in a sub-directory, and try running it
try running this file agcp from the different version directories (after removal from trusted files).
I think there is some discussion of this in topics relating to make files, and a similar file used by avast, i you want to look them up. Not sure there are definitive conclusions.
It appears this should work. See here and read down the trace for confirmation.
The earlier solution in the trace with the same wildcard did not work because the permission required was not understood.
My hesitation is because I know the first asterisk in a path like blah*.* does not quite work as expected. Basically CIS sees the terminal asterisk and includes all subdirectories. Following DOS conventions you would expect this to select the files in the current directory only.