Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            [Forcepoint] [DLP] How to check if the DLP endpoint is hooking to an application

            Modified on Sun, 16 Jan, 2022 at 4:05 PM

            Issue:

            When trying to debug issues with the DLP endpoint and various applications, you want to see if the endpoint actually hooked to the application



            Solution:

            To check if the endpoint is hooked to a specific application, find the application process using the Task Manager and run the following command:

            tasklist /m /fi "imagename eq someprogram.exe"

            For example, to search for all modules currently attached to outlook, we would use:

            tasklist /m /fi "imagename eq outlook.exe"

            In the output, you should be looking for QIPCAP64.dll (or QIPCAP.dll for 32bit OS)

            In addition, we can also view all attachments that the endpoint currently has, by issuing the following opposite command:

            tasklist /FI "MODULES eq qipcap64.dll"


            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0