Adding a process to exclude under Access Protection has no effect when the rule includes only System:Remote

Technical Articles ID: KB68560
Last Modified: 2/22/2017

Environment

McAfee VirusScan Enterprise (VSE) 8.x

For details of VSE 8.x supported environments, see KB51111.

Problem

Specifying a Process to Exclude (for example, psexec.exe or sms.exe) in any Access Protection rule that specifies only the Process to Include of System:Remote, does not take effect.

Problem

Adding any process to the Process to Exclude field of the Access Protection rule Anti-virus Standard Protection:Prevent remote creation/modification of executable and configuration files has no effect.

Cause

No information about which process is performing I/O (Input/Output) makes it across the network. The process performing the action on the client system is System:Remote. Because the only process included in the rule is System:Remote, the only process that can be excluded would also be System:Remote, effectively disabling the rule.

Solution

Disable the Access Protection rule that is using System:Remote as the Process to Include. There is no way to add a specific process to be excluded when the access is performed across the network.

Click Start, Programs, McAfee, VirusScan Console.
Double-click Access Protection and select Anti-virus Standard Protection.
Select the appropriate Access Protection rule.

Example:

Prevent remote creation/modification of executable and configuration files
Deselect Block and Report for that rule, and click OK.
Exit the VirusScan Console.

Affected Products

VirusScan Enterprise 8.8

Languages:

This article is available in the following languages:

English United States
Japanese

Glossary of Technical Terms

Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.

Adding a process to exclude under Access Protection has no effect when the rule includes only System:Remote

Environment

Problem

Problem

Cause

Solution

Affected Products

Languages:

Glossary of Technical Terms

Title

Title

Featured Solutions

Explore Our Portfolio

Security Outcomes

Industries

Products

Featured Solutions

Explore Our Portfolio

MVISION Products

Services & Training

Threat Research

Our Researchers

Threat Landscape Dashboard

Tools

Contact Us

Resources

Downloads

Product Help

Connect with Us

Explore

Our Company

Our Efforts

Other Resources

Careers

Partnerships

Adding a process to exclude under Access Protection has no effect when the rule includes only System:Remote

Environment

Problem

Problem

Cause

Solution

Affected Products

Languages:

Glossary of Technical Terms

Choose your region

Title

Title