Skip to content

Matt avtestprocessupdate#1130

Closed
Canthv0 wants to merge 6 commits into
mainfrom
matt-avtestprocessupdate
Closed

Matt avtestprocessupdate#1130
Canthv0 wants to merge 6 commits into
mainfrom
matt-avtestprocessupdate

Conversation

@Canthv0
Copy link
Copy Markdown
Contributor

@Canthv0 Canthv0 commented Jul 11, 2022

Issue:
Expanding script to also scan exchange processes for "unknown" modules being loaded.

Reason:
AV will load into processes and not just scan files.

Fix:
Added code to pull all exchange processes that are listed on the AV exclusions page.
Scans loaded modules looking for one that are not in a white list.

Validation:
Provide if applicable

@dpaulson45
Copy link
Copy Markdown
Member

dpaulson45 commented Jul 11, 2022

There is currently other PR #1128 opened against this script as well. Was going to merge this one first as it was open first. However, it might cause conflicts.

@Canthv0
Copy link
Copy Markdown
Contributor Author

Canthv0 commented Jul 11, 2022

NP ... will clean things up as needed.

@dpaulson45
Copy link
Copy Markdown
Member

dpaulson45 commented Jul 11, 2022

@Canthv0 resolve conflicts

@dpaulson45
Copy link
Copy Markdown
Member

dpaulson45 commented Sep 15, 2022

@Canthv0 please update this or it will close.

@Canthv0 Canthv0 closed this Sep 20, 2022
@dpaulson45 dpaulson45 deleted the matt-avtestprocessupdate branch February 16, 2023 14:33
@iserrano76 iserrano76 mentioned this pull request Mar 30, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bill-long bill-long Awaiting requested review from bill-long

@dpaulson45 dpaulson45 Awaiting requested review from dpaulson45

@lusassl-msft lusassl-msft Awaiting requested review from lusassl-msft

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Canthv0 @dpaulson45