File Approval Events Logged Despite Full OS Inventory Tracking Set To Discard
Article ID: 290826

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

  • Full OS Inventory Tracking setting is configured to discard information at the Server or Agent (Option 2 or 3).
  • Agents are still sending Local File Approval Events for newly written/discovered supporting files (e.g. DLLs).
  • Supporting files are properly signed by Microsoft Windows or Microsoft Corporation and fully validated.

Environment

  • App Control Agent: 8.7.6+
  • App Control Console: All Supported Versions
  • Microsoft Windows: All Supported Versions

Cause

This issue is caused by two different defects:

  • Publisher matching did not properly associate these files with Microsoft Corporation or Microsoft Windows (fixed in Agent 8.9.2 with EP-18819).
  • FileType is not correctly set on .dll files (fixed in Agent 8.10.0 with EPCB-20515).

Resolution

Upgrade to agent version 8.10.0+ where this issue has been resolved via EPCB-20515.

Additional Information

If upgrading to the 8.10.0 agent is not possible, a temporary ABExclusion Rule can be created to suppress all Approved files signed by Microsoft Corporation or Microsoft Windows.

  1. Verify the Agent(s) in question are on version 8.9.2 or higher.
  2. Log in to the Console and navigate to: https://ServerAddress/shepherd_config.php
  3. Select the Property: ABExclusionRules
    • If a Value exists, add the following to the end:
      |;*.dll;;;;Microsoft Corporation,Microsoft Windows;;;;E0;7
    • If a Value doesn't exist, enter the following:
      ;*.dll;;;;Microsoft Corporation,Microsoft Windows;;;;E0;7
  4. Click the Change button.

This ABExclusion will honor most aspects of the Discard Tracking of Support Files at Agent:

  • The file must be properly signed by Microsoft Corporation or Microsoft Windows:
    • This includes directly signed files and those signed with a detached publisher.
    • Files signed by other Microsoft publishers, even if legitimate, continue to be tracked.
  • The file must be Locally Approved, either directly or due to some other Approval Method, and not banned.
  • The file must be a .dll
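The following Python helper is an added example, not Carbon Black App Control product code. It models two things from this article: how the rule is merged into the ABExclusionRules property value (prefixed with "|" only when a value already exists, and not added twice if the steps are repeated), and which Local File Approval events the rule would suppress according to the three conditions listed above. The rule string is taken verbatim from the article; the meaning of the fields other than the file pattern and the publisher list is not interpreted, and the FileEvent record and the sample events are constructed for illustration rather than taken from the agent's own event schema.

```python
"""Model of the ABExclusionRules workaround from Article 290826 (added example)."""
from dataclasses import dataclass

# Rule string exactly as given in the article.
MS_DLL_RULE = ";*.dll;;;;Microsoft Corporation,Microsoft Windows;;;;E0;7"
RULE_SEPARATOR = "|"

# Publishers named in the rule (sixth ';'-separated field, comma separated).
SUPPRESSED_PUBLISHERS = frozenset(MS_DLL_RULE.split(";")[5].split(","))


def merged_exclusion_rules(current_value: str, rule: str = MS_DLL_RULE) -> str:
    """Return the new ABExclusionRules property value.

    Mirrors step 3 of the article: append with a leading '|' when a value
    already exists, otherwise use the rule as the whole value. The rule is
    not appended a second time, so re-running the procedure is harmless.
    """
    current_value = current_value.strip()
    if not current_value:
        return rule
    if rule in current_value.split(RULE_SEPARATOR):
        return current_value
    return current_value + RULE_SEPARATOR + rule


@dataclass(frozen=True)
class FileEvent:
    """Constructed model of a Local File Approval event (not the agent's schema)."""
    path: str
    publisher: str          # publisher the agent validated the signature against
    signature_valid: bool   # True only when the signature fully validated
    locally_approved: bool  # approved directly or via another approval method
    banned: bool


def is_suppressed(event: FileEvent) -> bool:
    """Apply the three conditions the article lists for the exclusion."""
    is_dll = event.path.lower().endswith(".dll")
    ms_signed = event.signature_valid and event.publisher in SUPPRESSED_PUBLISHERS
    approved_not_banned = event.locally_approved and not event.banned
    return is_dll and ms_signed and approved_not_banned


def suppressed_events(events):
    """Split events into those the rule hides and those that are still logged."""
    hidden = [e for e in events if is_suppressed(e)]
    logged = [e for e in events if not is_suppressed(e)]
    return hidden, logged


# Constructed sample events; paths and publishers are illustrative only.
SAMPLE_EVENTS = [
    FileEvent(r"C:\Windows\System32\sample1.dll", "Microsoft Windows", True, True, False),
    FileEvent(r"C:\Windows\System32\sample2.dll", "Microsoft Corporation", True, True, False),
    # Other Microsoft publisher: still tracked per the article.
    FileEvent(r"C:\Program Files\app\other.dll", "Microsoft Windows Hardware Compatibility Publisher", True, True, False),
    # Not a .dll: still tracked.
    FileEvent(r"C:\Windows\System32\sample.exe", "Microsoft Windows", True, True, False),
    # Banned: still tracked.
    FileEvent(r"C:\temp\banned.dll", "Microsoft Windows", True, True, True),
    # Signature did not fully validate: still tracked.
    FileEvent(r"C:\temp\unsigned.dll", "Microsoft Windows", False, True, False),
]

if __name__ == "__main__":
    print(merged_exclusion_rules(""))
    print(merged_exclusion_rules("existing-rule"))
    hidden, logged = suppressed_events(SAMPLE_EVENTS)
    print("hidden:", [e.path for e in hidden])
    print("logged:", [e.path for e in logged])
```

Running the script shows the two property values produced by step 3 (with and without an existing value) and, for the constructed events, that only the two fully validated Microsoft Windows / Microsoft Corporation signed, approved, non-banned .dll files are hidden while the other four continue to be logged.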