Adding a process to exclude under Access Protection has no effect when the rule includes only System: Remote

Technical Articles ID: KB68560
Last Modified: 7/26/2020

Environment

McAfee VirusScan Enterprise (VSE) 8.x

For details of VSE 8.x supported environments, see KB51111.

Problem

You specify a Process to Exclude, such as psexec.exe or sms.exe, in an Access Protection rule that specifies only the Process to Include of System:Remote. The action does not take effect.

Problem

You add any process to the Process to Exclude field of the Access Protection rule Anti-virus Standard Protection:Prevent remote creation/modification of executable and configuration files. The action has no effect.

Cause

No information about that process that performs the I/O makes it across the network. The process that performs the action on the client system is System:Remote. Because the only process included in the rule is System:Remote, the only process that can be excluded would also be System:Remote, effectively disabling the rule.

Solution

Disable the Access Protection rule that is using System:Remote as the Process to Include. There is no way to add a specific process to be excluded when the access is performed across the network.

Click Start, Programs, McAfee, VirusScan Console.
Double-click Access Protection and select Anti-virus Standard Protection.
Select the appropriate Access Protection rule.

Example:

Prevent remote creation/modification of executable and configuration files
Deselect Block and Report for that rule, and click OK.
Exit the VirusScan Console.

Affected Products

VirusScan Enterprise 8.8

Languages:

This article is available in the following languages:

English United States
Japanese

Glossary of Technical Terms

Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.

Knowledge Center

Adding a process to exclude under Access Protection has no effect when the rule includes only System: Remote

Environment

Problem

Problem

Cause

Solution

Affected Products

Languages:

Glossary of Technical Terms

Title

Title

Knowledge Center

Adding a process to exclude under Access Protection has no effect when the rule includes only System: Remote

Environment

Problem

Problem

Cause

Solution

Affected Products

Languages:

Glossary of Technical Terms

Choose your region

Title

Title