Question

Powershell Script Hashes Don't Work

  • June 16, 2026
  • 2 replies
  • 13 views

I need to elevate a simple powershell script that copies a file to a directory in “C:\Program Files”. The problem is that if I put in the hash of the ps1 file, it does not trigger the elevation because EPM only seems to see the hash of powershell. I followed KB0019883 which seems to suggest it is possible to do this. I did try by right-clicking on the ps1 and selecting “Run with Powershell” but it does not work by hash. I do not want to approve by file name.

Has anyone been able to elevate a powershell script by hash? 

2 replies


Hi @KD8AVA

There has been an issue with hosted file types, and PowerShell scripts are of that type, so depending on the age of the EPM Client and your Policy there is a possible workaround to the issue.

This issue is fixed in 26.1 of the EPM client, with the exception of Reg files.

When you launch the powershell script and force an auditing of it, what do you see in the analytics or in the local Event viewer?

I would assume you see PowerShell with a command line that targets your script, which confirms the issue.
The workaround is possible to sort by adjusting the “invisible” order of your “Trusted Applications” in Make sure exe is copied out and deleted, then paste it back in.

Kind regards 
Jens



You can find this if you use the good old MMC policy editor, or view the policy file in XML.

The order in the application groups also applies in top-down format.
This should not have been applied to HostedFileTypes, but it is in EPM v21.1 - 25.3.

26.1 still has issues with .reg files.

The “Any Trusted Executable” apps exist by default in “Passive - Allowed Functions & Apps” and should be at the bottom of our allow listing, which you can accomplish in the Web Policy Editor by copying, deleting, and pasting it back into the App Group “Passive - Allowed Functions & Apps”.

Jens