cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
300
Views
15
Helpful
2
Replies
Naresh Gokara
Beginner

Unable to start Powershell or run any scripts due to AMP, all works well if I stop the AMP service.

Hello,

 

am new to the tool, am trying to find out which Engine from Cisco AMP is blocking the powershell.exe. we have a .vbs script which runs on every start up to set some printer preferences, which is failing obviously due to AMP and user could see an error every time he/she login. when i checked, its not only the script but poweshell.exe it self is blocked. and no specific error pointing to AMP in any logs. but all works well if stop the AMP service. 

all I can see an error in windows logs "Faulting application name: conhost.exe, version: 10.0.19041.746"

 

Please suggest how i can dig in more or fix this.

 

Thank you,

NG

2 REPLIES 2
austincox1234
Beginner

We're having the same issue on one of our endpoints. It is also preventing Chrome from launching and the event viewer logs a similar error except the faulting module is chrome.exe (Chrome version 90). Powershell also cannot be launched, however I can still open a CMD prompt and enter PS within the CMD prompt. We've reinstalled the desktop connector on the machine, put AMP in audit mode, and even gone as far as reimaging the machine with no luck. The only workaround we know of is to either uninstall AMP from the machine or disable the service. The affected endpoint is running Windows 10 20H2 with the April cumulative update (19042.928).

 

 

 

I'm glad we aren't the only ones with this issue on our hands. Any insight would be greatly appreciated!

LuoJ
Beginner

We're in the same boat aswell. We didn't experience this issue at all until recently and, so far, only on the new HP Zbook Firefly G8. Works perfectly fine on the organizations 800-900 earlier model computers.

Content for Community-Ad