Text only | Text with Images

Support Forum: Get Support for Patch My PC Products and Services

Commercial Products: Support for Our Enterprise Product for Microsoft ConfigMgr and Intune => Commercial/Paid Products: Support and General Questions (ConfigMgr and Intune) => Topic started by: scottduk on November 15, 2022, 07:13:26 AM

Title: Risky action Blocked - ASR
Post by: scottduk on November 15, 2022, 07:13:26 AM
Regards,
I have been noticing many alerts on our endpoints for PatchMyPC-ScriptRunner.exe, please see below screenshot.

Do i need to amend something or add some exclusions for AV or ASR ?

Regards

Screenshot 2022-11-15 141052.png
Title: Re: Risky action Blocked - ASR
Post by: Jake Shackelford (Patch My PC) on November 15, 2022, 08:17:01 AM
I would suggest adding an exclusion to that particular EXE to start. You may need to explore allowing exclusions on other folders related to content distribution within ConfigMgr but I would start solely with the ScriptRunner.exe. Depending on the security tool it can detect as a false positive just do to the nature of the exe running in the system context.
Text only | Text with Images