VH_Systeembeheer 0 Posted May 12, 2021 Share Posted May 12, 2021 Dear, Some exclusions i make are not applying, most of them are. The process name matches, the signer name, .. but the detection is not being resolved. Even if I make an exclusion from a detection, it does not solves that detection. For example: But the detection is not resolved I have this with a handful exclusions, with different triggers and rules Please advice Ben Link to comment Share on other sites More sharing options...
itman 1,741 Posted May 12, 2021 Share Posted May 12, 2021 (edited) From the screen shots posted, it appears that the Brave browser update process is trying to get access to lsass.exe which in itself is suspect activity. First, if lsass.exe is setup as a Protected Process - Light (PPL), the updater won't be able to access it. Next is it may very well be that Eset's HIPS is what is actually blocking access to lsass.exe. It is also possible that it is not allowing an exclusion for this activity which would be the proper thing to do. Edited May 12, 2021 by itman Link to comment Share on other sites More sharing options...
dmaasland 2 Posted May 27, 2021 Share Posted May 27, 2021 Just as a test, does it work if you remove the "signer name" condition? Could you click on "Advanced" and post the exclusion's XML? Link to comment Share on other sites More sharing options...
Recommended Posts