Loading...

Knowledge Center


Threat Exchange Module for VirusScan Enterprise does not block or repair files when a third-party security application is active
Technical Articles ID:   KB85526
Last Modified:  1/23/2019

Environment

McAfee Threat Exchange Module (TIEm) for VirusScan Enterprise (VSE) 1.x
Avecto Privilege Guard
Beyond Trust Power Broker

Problem

When a product such as Avecto Privilege Guard is active on an endpoint machine, it can cause TIEm for VSE to behave inconsistently. For example, the blocking of known malicious applications will not occur and the cleaning of those files will fail.

Cause

Applications such as Avecto Privilege Guard hook into executable processes. This can lead to inconsistent behavior in an application such as TIEm for VSE because of the privileges required to block and clean executable files.

Solution

Exclude the following McAfee processes in the third-party application policy:
  • C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
  • C:\Program Files\McAfee\TIEM\TIEService.exe
  • C:\Program Files\McAfee\TIEM\TieVE.dll
  • C:\Program Files\McAfee\TIEM\TIETray.dll
  • C:\Program Files\McAfee\Data_Exchange_Layer\bin\dx_service.exe
  • C:\Program Files\McAfee\Data_Exchange_Layer\bin\dx_servicemonitor.exe
  • C:\Program Files\McAfee\Data_Exchange_Layer\vscore\mfevtps.exe

Rate this document

Beta Translate with

Select a desired language below to translate this page.

Languages:

This article is available in the following languages:

English United States
Japanese

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.