Adding a process to exclude under Access Protection has no effect when the rule includes only System:Remote

Technical Articles ID: KB68560
Last Modified: 2/22/2017
Rated:

Environment

McAfee VirusScan Enterprise (VSE) 8.x

For details of VSE 8.x supported environments, see KB51111.

Problem

Specifying a Process to Exclude (for example, psexec.exe or sms.exe) in any Access Protection rule that specifies only the Process to Include of System:Remote, does not take effect.

Problem

Adding any process to the Process to Exclude field of the Access Protection rule Anti-virus Standard Protection:Prevent remote creation/modification of executable and configuration files has no effect.

Cause

No information about which process is performing I/O (Input/Output) makes it across the network. The process performing the action on the client system is System:Remote. Because the only process included in the rule is System:Remote, the only process that can be excluded would also be System:Remote, effectively disabling the rule.

Solution

Disable the Access Protection rule that is using System:Remote as the Process to Include. There is no way to add a specific process to be excluded when the access is performed across the network.

Click Start, Programs, McAfee, VirusScan Console.
Double-click Access Protection and select Anti-virus Standard Protection.
Select the appropriate Access Protection rule.

Example:

Prevent remote creation/modification of executable and configuration files
Deselect Block and Report for that rule, and click OK.
Exit the VirusScan Console.

Disclaimer

The content of this article originated in English. If there are differences between the English content and its translation, the English content is always the most accurate. Some of this content has been provided using Machine Translation translated by Microsoft.

Affected Products

VirusScan Enterprise 8.8

Languages:

This article is available in the following languages:

English United States
Japanese

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms

Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.

Data Protection and Encryption

Database Security

Endpoint Protection

Network Security

Security Analytics

Security Management

Server Security

SIEM

Web Security

Data Center and Cloud Defense

Dynamic Endpoint Threat Defense

Pervasive Data Protection

Intelligent Security Operations

Embedded Security

Data Exchange Layer

Security Consulting

Product Consulting

Education Services

McAfee Labs

Advanced Threat Research

Threat Landscape Dashboard

Security Awareness

McAfee Labs Data Submission

Premier Success Plan

Security Updates

Product Downloads

Free Trials

Free Tools

Community Expert Center

Knowledge Center

Patch Downloads

Support Tools

Service Requests

Resellers

Managed Service Providers

Security Innovation Alliance

Global Strategic Alliances

OEM & Embedded Alliances

Find a Reseller or Distributor

Knowledge Center

Environment

Problem

Problem

Cause

Solution

Disclaimer

Rate this document

Did this article resolve your issue?

Please provide any comments below

Affected Products

Languages:

Beta Translate with

Glossary of Technical Terms

Choose your region

Title

Title