Thread Info
  • Locked Locked
  • Replies 6 replies
  • Subscribers 16 subscribers
  • Views 15628 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intercept X affecting software installation

Kennysarmy

We have a piece of software we install on our Windows 10 64 bit PC's called SIMS.net

If we install on a PC with just Sophos Endpoint Protection, or no AV product at all it installs fine, but if we have Intercept X installed then the software does not install correctly.

It does install fine on Windows 7 64 bit.

 

How can I add some form of exclusion to Intercept X so that a particular folder is removed from the real-time scanning.

I believe the software is launched from : C:\ProgramData\Capita\Solus3\Deployments

 

Any help greatly appreciated.



This thread was automatically locked due to age.
Parents

  • Hello Kennysarmy,

    does not install correctly
    if a process has been intercepted and terminated there should be a corresponding alert, likely some alleged exploit. AFAIK you can't make "preventative" exclusions (even less for specific parts of the file system). You should be able to (globally) exclude an application after it has been blocked though.

    Christian

  • in reply to QC

    I can confirm that I am having the exact same issues as  

    There are no alerts/logs that report this in Sophos Central or at the Endpoint.

     

    I have raised a case and hopefully it can be rectified very quickly

     

    Regards

  • in reply to I MacMillan

    Is the issue just with the installation or even if the application is installed it fails in some way?

    I don't know if the processes involved in the installer or application are 32/64-bit but on a 64-bit computer, 32-bit processes load "C:\Windows\SysWOW64\hmpalert.dll" and 64-bit processes load "C:\Windows\System32\hmpalert.dll".

    If you therefore rename the necessary dll and launch the process such that it isn't loaded does it work? Is it the loading of the DLL, which is used for the exploit prevention that is the issue?

    Regards,

    Jak

Reply
  • in reply to I MacMillan

    Is the issue just with the installation or even if the application is installed it fails in some way?

    I don't know if the processes involved in the installer or application are 32/64-bit but on a 64-bit computer, 32-bit processes load "C:\Windows\SysWOW64\hmpalert.dll" and 64-bit processes load "C:\Windows\System32\hmpalert.dll".

    If you therefore rename the necessary dll and launch the process such that it isn't loaded does it work? Is it the loading of the DLL, which is used for the exploit prevention that is the issue?

    Regards,

    Jak

Children
Unfiltered HTML