I am getting the following warning:
Threat event ID: 1092
Threat Name: Common Maximum Protectionrevent programs registering to autorun
Source Process Name: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Target File Name: \REGISTRY\USER\S-1-5-21-646962421-2602760918-1561430071-1249\Software\Microsoft\Windows\CurrentVersion\RunOnce\FlashPlayerUpdate
Target Process Name:
Threat Category: 'Registry' class or access
Is it possible to safely excude this one Target File (FlashPlayerUpdate) as I dont really want to add IEXPLORE.EXE to the exclusion list. If not I am not sure how else I can get round this warning constantly popping up!
Any help on this would be appreciated.
No sorry. Access Protection in VSE 8.8 does not have that level of granularity to be able to exclude specific files from a rule's coverage.
One solution would be to identify the vendor who's software is trying to modify that registry value, and ask them to stop or give you the option to disable that behavior.