ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Endpoint agent interference with PCOMM Terminal Emulator software


Article ID: 159400


Updated On:


Data Loss Prevention Enforce


Endpoint agent appeared to be interfering with the operation of a QA configuration where a Windows desktop running the agent was being used to test mainframe operations using HP Quick Test Professional 10 (aka QTP) and mainframe terminal emulator IBM Personal Communications 5.7 (aka PCOMM).  QTP was connecting to a mainframe through the PCOMM emulator, running specific operations as a terminal user, and copying the results to WINWORD.exe.

While not verified by the vendors (HP or IBM), it was assumed that lag introduced by EDPA was the likely suspect in causing interference and subsequent crashes of this particular QA configuration.


Using "Procmon", logs were captured from the system running the QA script, specifically with an arrangement that had failed in the past.

Browsing the output, a shortlist of executables were identified not only based on their association with HP QC, PCOMM, and WINWORD, but based on lag created and interdependence. 

From the shortlist, these programs were identified for fingerprinting and "Print/fax" (print monitoring) exclusion:




With these excluded, the issue vanished and the customer was able to continue their unique QA operations.



Additional Information

A similar situation was encountered with the IBG iSeries terminal emulation software. Excluding the processes below through whitelisting resolved the issue: 

pcscm.exe. (passes to print channel)