cancel
Showing results for 
Search instead for 
Did you mean: 
spkslattery
Level 10

How to whitelist a process/service that calls cscript and then a tmp file

Hi,

I have a service m_agent_service.exe which frequently runs C:\Windows\SysWOW64\cscript.exe with arguments such as C:\Windows\TEMP\m_a3832.tmp. The execution of the tmp files is being blocked, logged and alerted at the console. Is there a way to whitelist this scenario? Thank you in advance.



0 Kudos
2 Replies
aus_mick
Level 10

Re: How to whitelist a process/service that calls cscript and then a tmp file

How are the *.tmp files created in the first place? Is it a process that belongs to the Meraki Systems Manager Agent product? If so can you not add the binary that creates these files as a Trusted Updater so the *.tmp file is added to the Whitelist and permitted to execute?

HTH, Mick

0 Kudos
neelima
Level 12

Re: How to whitelist a process/service that calls cscript and then a tmp file

Sean,

Use the Parent Update policyMeraki.png

0 Kudos