Allow File Symantec Endpoint Protection from Command Line

908 Views Asked by aDoN At 26 March 2021 at 11:13

exe file that, when executing, a window pops up (from the Heuristic Detection), and, when pressing "Allow this File"

and then "OK",

Then it is possible to execute the .exe.

It creates a rule here:

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Symantec\Symantec Endpoint Protection\AV\Exclusions\HeuristicScanning\FileHash\Client\<FILE_HASH>

How it is possible to add a file exclusion via command line?

Or either, move the file to a path where it is not Heuristicly scanned?

Regards

Original Q&A

There are 1 best solutions below

aDoN On 26 March 2021 at 13:02

Solved:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Symantec\Symantec Endpoint Protection\AV\Exclusions\HeuristicScanning\Directory\Admin\1733004141]
"Owner"=dword:00000004
"ProtectionTechnology"=dword:00000002
"FirstAction"=dword:00000011
"SecondAction"=dword:00000011
"DirectoryName"="C:\\temp\\"
"ThreatName"="C:\\temp\\chisel_pezored.exe"
"ExcludeSubDirs"=dword:00000001
"ExtensionList"=""
"ScanCategories"=dword:ffffffff

reg import file.reg

Allow File Symantec Endpoint Protection from Command Line

There are 1 best solutions below

Related Questions in ANTIVIRUS

Related Questions in SYMANTEC

Trending Questions

Popular # Hahtags

Popular Questions