cancel
Showing results for 
Search instead for 
Did you mean: 

Help searching for unwanted executables

I'm trying to test using VSE 8.8 (in ePO) unwanted programs to search for  exectuables that have been forbidden on our network.  I put the exectuable "TESTTESTTEST.EXE" in the policy and also put it in the access protection policy under user defined items.  I run an on demand scan and try to use a query to see it once completed , but it doesn't appear to have been detected.  What am I missing?  Is there an easier way to go about doing this?

4 Replies
mjmurra
Level 12
Report Inappropriate Content
Message 2 of 5

Re: Help searching for unwanted executables

I would start by checking that "detect unwanted programs" is ticked for the On-Demand Scan.

Also, I would check that the Application's filename is defined in the "workstation" (or "Server") policy as is appropriate.

BTW, what query are you using to look for the detection in EPO?

Re: Help searching for unwanted executables

Thanks for the reply.  It ended up being a corrupt agent that I was doing the scan on.  It wasn't getting the new VSE policy.  I reinstalled the agent and all is good again.  Thanks for the quick reply.

kenobe
Level 10
Report Inappropriate Content
Message 4 of 5

Re: Help searching for unwanted executables

Note there is a limit to how many entries you can put in the VSE unwanted programs - if I remember right it's about 250 entries.

Re: Help searching for unwanted executables

This has turned out to be a really effective way of searching for banned files.