Excluded from scan, since not allowed (dropbox)

Howardmp · ‎Jul 08, 2021

Hello all,

I'm attempting to report on non-administrative installs of Dropbox where users have managed to install into their profile.

Details are not coming through and SVM is issuing the following line in logs

C:\Users\xxxxxxxx\AppData\Roaming\Dropbox\installer\" from the scan, since it is not allowed.

Does anyone know why this is not allowed, I've checked permissions on the folder and user SYSTEM which the service runs under has Full Control?

Any advice much appreciated.

Howard

raslam · ‎Jul 08, 2021

Hi,

Would you mind checking if the following path is not a part of your scan path block list rule? If the rule is added to the blocklist, the SVM agent will not scan and report the installed software.

Please note: You need to check from the SVM account used for SVM agent deployment.

-Raheel

Howardmp · ‎Jul 12, 2021

Hello Raheel,

I've checked and we don't have anything defined in Allow list of Block list and also nothing defined in the Custom Scan Rules. We're using the cloud hosted version of SVM.

Is there a default list that I'm unable to see that could be causing this location to not be scanned?

Many thanks for your assistance.

Howard

raslam · ‎Jul 12, 2021

We have reverified the information. Apparently, Path is skipped because it has "Installer" in the file path. There is a hardcoded rule not to scan a folder with the "Installer" List of other default blocked paths in the scan rules.

Howardmp · ‎Jul 12, 2021

Hello Raslam,

I there any way I can include the Dropbox path I provided below below without significantly altering everything else that is scanned.

(Background is that a non-administrative user can install Dropbox into this folder - have any other organisations raised similar request where they want to see who has installed it in this way and what version they have?)

Many thanks

Howard