
False Positive, can't get global exclusions to work.

So recently we have installed an application we are trying from a 3rd party vendor for employee monitoring named SentryPC.

Now the application checks all the boxes the higher-ups want. We did disable some of the features, but the cost is right and it is capable of working on Windows and OSX.

But Sophos keeps flagging the application as Mal/Generic-S as shown here: https://www.sophos.com/en-us//threat-center/threat-analyses/viruses-and-spyware/Mal~Generic-S.aspx

What is odd is Sophos lists the application as PUA as well here: https://www.sophos.com/en-us/threat-center/threat-analyses/adware-and-puas/Sentry%20PC%20monitor%20tool.aspx 

Now I can see why the application would be flagged as a PUA or Spyware since it will function the same as Spyware, but it is approved Spyware if that makes sense lol.

I have attempted to make Global Exclusions in:

  • File and Folder
  • Processes 
  • Potentially Unwanted Application
  • and Allowed Applications

I have done this with the exact file path that Sophos is finding each time it detects the application per the threat analysis, yet it consistently still detects the application.

I have read that in some cases admins have enabled the exclusion on the policy as well.  But that really makes no sense as it would defeat the purpose of a global exclusion list then???

But that is just what I read, doesn't mean it's right lol.

Any ideas????


