Hi All, I am currently migrating agents from an ePO 4.5 with HDPL9 and VSE8.8 to an ePO 4.6 with HDLP 9.2 and VSE8.8
Something I've noticed since migrating is a handful of OAS detections on a handful of agents, all pointing to files within a path similar to the following:
C:\Documents and Settings\All Users\Application Data\McAfee\DLP\Temp\S-1-5-21-1343024091-1614895754-682003330-3050\TeFilesOutput\1\EMB1658.tmp
C:\Documents and Settings\All Users\Application Data\McAfee\DLP\Temp\S-1-5-21-1343024091-1614895754-682003330-6032\TeFilesOutput\2\EMBD1F5.tmp
Does anybody have any ideas on what's causing this? It's causing an unusually high count of detections, but they've all got Malware types associated to them and automatic resolutions.
It looks like this question has been out there for a while. My company recently implemented McAfee, and we are seeing this type of activity as well. It looks as if the threats are all in the C:\Documents and Settings\All Users\Application Data\McAfee\DLP\Temp folder structure. We are seeing several different threats indicated, some that I wouldn't expect to see in this location (Java Exploit CVE-2012-1723 is one). Does anyone have any information on this?