Memory Protection and Script Control are built on a memory filter driver to inject at the earliest possible point during process startup. Though Threat Defense does not support Memory Protection, if Script Control is enabled on Threat Defense, these issues be present. Third-party products that also monitor memory processes handle injections differently and may not be prepared for injection as early in the process as Memory Protection. This causes the third-party application to crash. To resolve this issue, you can add a registry key to allow Memory Protection to inject in the same manner as other applications.
Not Applicable
The Advanced Threat Prevention (ATP) engine of Dell Threat Defense or Dell Endpoint Security Suite Enterprise must have a compatibility mode that is enabled to resolve potential conflicts.
Figure 1: (English Only) Click Run
Figure 2: (English Only) Type regedit
HKEY_LOCAL_MACHINE\Software\Cylance\Desktop
.
Figure 3: (English Only) Click Permissions
Figure 4: (English Only) Check Full Control
Figure 5: (English Only) Click DWORD (32-bit) Value
Figure 6: (English Only) Click Modify
Figure 7: (English Only) Update Value data to 1
Enabling Compatibility Mode using Command-Line Option
Using PSExec
to inject this registry key:
psexec -s reg add HKEY_LOCAL_MACHINE\SOFTWARE\Cylance\Desktop /v CompatibilityMode /t REG_BINARY /d 01
PSexec
can be acquired from Microsoft here: https://docs.microsoft.com/en-us/sysinternals/downloads/psexec
PSexec
is commonly seen as a Potentially Unwanted Program (PUP) and may be automatically quarantined before it can be run.
To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.