Exploit mitigation or ransomware wildcards and variables and using the "$" variable

Anybody else tried using the "$" variable to exclude a filename and not work??

Looking at the article: Exploit mitigation or ransomware wildcards and variables - Sophos Central Admin

Is says this: 

VariableExample$

All available drives.

For example, $\app.exe excludes app.exe on drive C:, drive D:, etc.

But when entering: "$\filename.exe" for the exclusion, the file name is still being caught.   The only way I have been able to exclude the file is to enter the full path.

Open case #: 07009147



Added Tags
[edited by: Gladys at 7:01 AM (GMT -7) on 2 Oct 2023]
Parents Reply Children
No Data