Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 3696 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How do I programatically add a file to Sophos's exclusion list?

dencolp

Hi Sophos Gurus,

I have no Sophos experience so please forgive my newbie question.

I'm a software developer for a team that distributes an exe (let's call it myexe.exe) that is getting flagged by Sophos Anti-virus for suspicious activity.  When my team's application is installed it installs myexe.exe.  At install time, I want to add an "Exclusion" for myexe.exe to Sophos Anti-virus so that Sophos Anti-virus doesn't flag myexe.exe for suspicious activity.  How can this be accomplished?  Can this be done from a command-line command?  Thank you in advance for your help.

Note that I work at a company where Sophos Anti-virus is installed on most people's PCs.  Also note that I don't administer Sophos Anti-virus at my company, I am a software developer who distributes an .exe that is getting flagged by Sophos Anti-virus for suspicious activity.

Thanks,
DenColp

:3513


This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    There are no command line tools to enable you to add an exclusion.   Exclusions are stored in machine.xml but I wouldn't advise anyone to start adding entries to that, service restarts will be required, etc... Definitely dragons there!

    I would either speak to your administrator and ask him to authorise the exe having explained what it does or find out why it is being detected as exhibiting suspicious behaviour, maybe it just needs to be signed.  What is it being detected as? 

    Thanks,

    Jak

    :3519
Reply
  • 0

    Hi,

    There are no command line tools to enable you to add an exclusion.   Exclusions are stored in machine.xml but I wouldn't advise anyone to start adding entries to that, service restarts will be required, etc... Definitely dragons there!

    I would either speak to your administrator and ask him to authorise the exe having explained what it does or find out why it is being detected as exhibiting suspicious behaviour, maybe it just needs to be signed.  What is it being detected as? 

    Thanks,

    Jak

    :3519
Children
No Data