This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Endpoint Exception being Ignored

Hi All
On a couple of workstations I have the MS SysInternals Installed
https://technet.microsoft.com/en-us/sysinternals/bb545021.aspx

A couple of these utilities PsKill and P***ec get reported as "Adware/PUA Hacking Tool.

I made an exception for these, but the Endpoint is still picking it up.

See pics.

Thoughts

Mark

This thread was automatically locked due to age.

0 Scott_Klassen over 10 years ago

Maybe try a scanning exclusion for the path the files are in?

You could also check the local endpoints to make certain that the PUA exceptions are making their way to the clients.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel
0 Mark_D_01 over 10 years ago in reply to Scott_Klassen

I have this problem with both a customer using Enterprise Endpoint and I thought I would test it out on my home UTM.
In case of the Ent the path has been added but but is still being ignored.
On the End device I see the date of the last update as being very recent. (ie a couple of minutes ago).

Silly question how do I see to make sure if the "the local endpoints to make certain that the PUA exceptions are making their way to the clients."

I assume from pic that the exclusion did not come through.
- exclu.JPG
- View
- Hide
Cancel
Vote Up 0 Vote Down

Cancel
0 Scott_Klassen over 10 years ago

I assume from pic that the exclusion did not come through
Yep. Should show up in the local client interface. Broker service may be having issues again.

Maybe somebody else can try a quick exclusion and see what happens (sorry, I run a different AV on my endpoints for multiple reasons).

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel
0 Mark_D_01 over 10 years ago

I just tried adding a Scanning exclusions "File" and this worked, it came through all OK.
But the other exception under PUA (which it is flagged as) didn't work.

This is like Alice in wonderland.

Mark
Cancel
Vote Up 0 Vote Down

Cancel
0 Scott_Klassen over 10 years ago

Broker works then. File works, but path and PUA do not. *sigh* I wish I had some magic fix for you Mark.

This is like Alice in wonderland
curiouser and curiouser or believe six impossible things before breakfast?

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel

Endpoint Exception being Ignored

Submitted a Tech Support Case lately from the Support Portal?