Here in the company we have an add-in for Office of own development, that creates a temporary dll for the serialization of data and the antivirus blocks. Is there any way to create a rule that can identify the add-in and bypass the validation of the dll ?
Thank you for your attention.
McAfee Agent is only the management agent on the system; there's no antivirus there. Your managed antivirus product would probably be either VirusScan Enterprise (VSE) or Endpoint Security (ENS). Which one are you using?
Also, what's the text of the message you're getting when it blocks?
Have a look in %DefLogDir% at the logs there, and see if you can find any activity during the time when you try to load the DLL? Otherwise, if you just want to exclude the DLL from being scanned, you can add it in your On-Access Scan exclusions.
The log contains the text below:
<SYSTEM> ApBl.AP.Activity: GRUPOCGD\E001986 executed EXCEL.EXE,
You tried to access D:\USERS\E001986\APPDATA\LOCAL\TEMP\ZLXYHJRJ.DLL,
By violating a rule "Winword.exe. Excel.exe dll creation",
And it was blocked. The prblema is that as dll are generated with different name and also it is in an addin.