Potentially Unwanted Program exclusions aren't honored with "Scan processes on service startup and content update" enabled

Technical Articles ID: KB94512
Last Modified: 2023-07-07 09:18:38 Etc/GMT

Environment

Endpoint Security (ENS) Threat Prevention 10.x

Problem

The setting "Scan processes on service startup and content update" is enabled in the Endpoint Security Threat Prevention, On-Access Scan policy. Potentially Unwanted Program detections still happen during normal on-access scanning (OAS) even though you excluded the Potentially Unwanted Program by detection name in the Endpoint Security Threat Prevention, Options policy. By default, the setting "Scan processes on service startup and content update" is disabled as it can be impactful, depending on workloads, to the overall perceived performance of a system.

System Change

The setting "Scan processes on service startup and content update" was enabled in the OAS policy. Now, the exclusions for Potentially Unwanted Programs are seemingly not working correctly.

Cause

When the setting "Scan processes on service startup and content update" is enabled, ENS scans processes when they start. The scanning of processes is achieved through initiating a small on-demand scan (ODS) against the process. This small ODS takes certain ODS presets into consideration when run. But, these presets might not include the exclusion configuration for Potentially Unwanted Programs.

Solution

Technical Support is investigating this issue. If you experience this issue, log on to the ServicePortal and create a Service Request. Include this article number in the Problem Description field.

To contact Technical Support, go to the Create a Service Request page and log on to the ServicePortal.

If you are a registered user, type your User ID and Password, and then click Log In.
If you are not a registered user, click Register and complete the fields to have your password and instructions emailed to you.

Workaround

To work around this issue, you can disable the setting "Scan processes on service startup and content update" in the OAS options.

Related Information

Key search string assistance: pup, detection not working, detection not honoured, detection not honored, pup exclusion not working, detection name

Affected Products

Languages:

This article is available in the following languages:

Knowledge Center

Potentially Unwanted Program exclusions aren't honored with "Scan processes on service startup and content update" enabled

Environment

Problem

System Change

Cause

Solution

Workaround

Related Information

Affected Products

Languages:

Title

Title

Knowledge Center

Potentially Unwanted Program exclusions aren't honored with "Scan processes on service startup and content update" enabled

Environment

Problem

System Change

Cause

Solution

Workaround

Related Information

Affected Products

Languages:

Choose your region

Title

Title