DeepGuard blocking files

Tercel

We ran to this problem on a Win10Pro machine (running PSB Computer Protection 18.5) after the Autodesk Revit was installed. Everytime the machine starts up and user logs in, we get an alert message, which contains these lines: 

" Exploit:W32/AppLockerBypass.A!DeepGuard    Blocked    File  c:\windows\system32\regsvr32.exe  8eee4e2235f38644a213a1fcf0d3decf2b95d1e0"
and
"Exploit:W32/PowerShellStager.C!DeepGuard    Blocked    File  c:\windows\syswow64\windowspowershell\v1.0\powershell.exe  5f0692820151ac639fb8bd399bf087954d5bc46b"

 

On the computer screen it says "Potentially harmuful file detected. DeepGuard has closed an application that opened a potentially harmful web page or document." 

 

The strange thing is, that if we go to 'App and file control' window and open the 'Blocked' tab, it is empty. When running a manual scan or full computer scan, nothing is found. Any ideas what is causing this and what could be done to get rid of this? 

Tercel

Hi Chotel,

 

I've had all kinds of cases after this special DeepGuard issue, and I've always received great service from F-Secure support team. Maybe you could create a support ticket, and I'm sure you'll get the instructions and help from them. You can request support here:

https://www.f-secure.com/en/web/business_global/support/support-request

 

I hope this helps you to move forward with your DeepGuard problem.