You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close

10: How must I configure my Anti-virus or system-level software to work with PolicyPak CSE?

Some Antivirus engines need to be told to EXCLUDE some PolicyPak items.

PolicyPak acts as part of the operating system, and as such, can occasionally conflict with SOME Antivirus programs. (McAfee, Sophos etc.)

We suggest if you find a problem to exclude

PPWatcherSvc*.exe (with * being either the 32- or 64-bit version)

PPExtensionService.exe (with * being either the 32- or 64-bit version)

which could be blocked and prevented from performing its job.

You might need to further expand the exclusion to

  1. %Programdata%\PolicyPak.
  2. %localappdata%\PolicyPak

then… for 32-bit machines:

  1. c:\Program Files\PolicyPak
  2. C:\ProgramData\PolicyPak

then .. for 64-bit machines:

c:\program files (x86)\PolicyPak
*AND*
c:\Program Files\PolicyPak
C:\ProgramData\PolicyPak

To cover all the bases please also exclude PPWatchersvc64.exe and PPWatchersvc32.exe from the Exploit Mitigation feature.

SOPHOS CUSTOMERS who receive: "APCViolation' exploit prevented in PolicyPak Watcher Service".

  1. Check the Event details and then make an exception in the Exploit Protection setting.
  2. The typical workaround is to add PPWatersvc64.exe as an exclusion to the Exploit Mitigation.

Ivanti Heat Customers:

  1. See “Troubleshooting Application Conflicts with LES”: https://forums.ivanti.com/s/article/Troubleshooting-application-conflicts-with-LES
  2. The basic approach is to rename these files then reboot and see if conflicts still occur.
    • C:\Windows\System32\sxwmon64.dll
    • 32-bit: C:\Windows\System32\sxwmon32.dll
    • 64-bit: C:\Windows\SysWow64\sxwmon32.dll

FortiNet / FortiClient version 6.0.8.0261 won’t install latest CSE and displays the following error message during install:

Symptom: Error message when installing CSE "Could not write value ExplorerCommandHandler to key \SOFTWARE\Classes\exefile\shell\runasspecial"

  1. Workaround is to update FortiClient to version 6.0.9.0277 or higher.
  • 270
  • 31-Jul-2020
  • 2653 Views