I keep getting alerts about the altiris agent, but only on one machine (which happens to be our SEP server)
02/21/2011 15:16:02 |
Tamper Protection
Minor
1 |
Default
SRV-xx1
My Company\Internal Servers |
SRV-xx1
Windows Server 2008 |
xxxxx |
Block |
C:/Windows/system32/taskmgr.exe
D:/Program Files/Altiris Agent/AeXAgentUIHost.exe |
"D:\Program Files\Altiris Agent\AeXAgentUIHost.exe" |
When I use the logs to add an exception (Monitor > Logs then using the Add file to Centralized Execptions Policy) it's adding taskmgr.exe. I guess I'm confused about how to read the log above, but I would assume I would want to add AeXAgentUIHost.exe as the exception, not taskmanager. Or is it that SEP think the task manager is trying to attack AexAgentUIHost?
Could someone clarify this for me?
Thanks,
Dan