I have a problem with some customer endpoints with using the program ABBRobotStudio.
Robotstudio is just a software which is communicating with ABB machines and robots.
After installing the Endpoint to the computers all computers had problems communicating with the machines like timeout, refusing connection at all or an error with .dll files missing. We looked in the alert logs on the endpoint and in Central but nothing is reporting with a threat in relation with Robotstudio.
We already talked with the ABB support and they replied that we should set up a exclusion for the ABBRobotstudio Software. That didnt help.
So we uninstalled the endpoint on one machine for testing and after that everything worked just fine. No timeout, no connection error, no missing dll.
Did someone had the same problem with Sophos and Robotstudio?
Hello Daniel,Thank you for reaching the community forum.I Agree with what ABB support mentioned about adding an exclusion. By any chance, did they share with you the recommended exclusion list for their application/product? I believe that doing a simple file or path exclusion may not suffice here as, based on your statement, you're also getting some network timeout.
Given you mention communicating. Does it help to turn off tamper protection and stop the Sophos Network Threat Protection service? That would tell us something..
Thank you for replying me so quickly.
ABB sent me the following exclusion list:
And they wrote...
Have they tried white-listing the VC process in the anti-virus software?
It's called RobVC.exe and is in C:\Program Files (x86)\Common Files\ABB Industrial IT\Robotics IT\RobVCCommon
I will try that. I had something similar year ago.
Checking in stopping the NTP Service would be the first thing to do to narrow it down.
If it is NTP. then you may need to exclude RobVC.exe as a file/path exclusion (realtime), rather than type process, for the process to end up in the config of NTP.
So I finally had the chance to test that out. But deactivating NTP didnt help. After the 12th start up it had the same issues like before. Even deactivating the services one by one didnt help. Me and my team will test the exclusions and reporting that type of issue to Sophos directly. Are there any other settings I can configure?