This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
nwgy
Newcomer
12 hours ago

Exclusions on cmd.exe

We run a program called AutoIt that compiles scripts into .exe files. These files are often flagged as malware, and so in response we have added a file exclusion on cmd.exe that seems to have solved the problem. Will that exclusion then allow other sub-processes running off of cmd.exe to execute that may be nefarious?

If so, what is the best way to exclude these compiled scripts?

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
12 hours ago

Unfortunately, I assume other malicious things that run under cmd.exe will also be excluded.
Have you confirmed these scripts show when running in Task Manager are running under cmd.exe?

0 Kudos
nwgy
Newcomer
9 hours ago
In response to PhoneBoy

When we didn't have the exclusion, the script (compiled) were blocked. With the exclusion, they run.

0 Kudos
lluner
Advisor
11 hours ago

@nwgy 

It could show what the forensic blade is showing for us to try to make the exceptions ?

0 Kudos
nwgy
Newcomer
9 hours ago
In response to lluner

I am not sure what you mean?

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events