Jump to content

Exclusions not working


mlottgie

Recommended Posts

We use Radmin here and have for years.  Despite several different methods of trying to exclude it from detection, we still get alerts including Malware Outbreak emails for at least one of the desktops.  It is detected as "potentially unsafe application;Win32/RemoteAdmin.RAdmin.AC;Variant;Startup scanner."  This image shows the exclusion we have for this.

radmin_exclusion.PNG.e08c40036eb7b36d0d6eeb1ec74a8b6a.PNG

 

We also have path exclusions:

radmin_exclusion2.PNG.ee596675dc22a57fea499b7ec9c4c6fa.PNG

and several others like this including path *rserver3.exe* - Nothing seems to work here.

 

Link to comment
Share on other sites

Another issue seems to be the versions.  We recently upgraded ERA to 6.5.417.0.  But the clients are still on 6.4.2014.0.  Does the  >= 6.5 on the edit exclusion pages mean that this will not apply?  Note that this also did not work before the update of ERA, although we never had @NAME= in the rules.

Edited by mlottgie
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...