I have been getting the logs with event name Access protection rule voilation detected and blocked for filename extraSAEne.rul with message prevent prevent modification of McAfee files and settings, will be thankful if anyone can help me in uderstanding the legitimacy of the event.
If it's trying to modify McAfee files without you requesting it, it can't be good.
Run a full scan asap would be my first advice, it looks like a malicious software.
Also if that is the file causing the issue post it on www.virustotal.com and post the results.
Scan also with stinger and run getsusp with your email in the preferenves so it can submit the file to mcafee if it finds it suspicious or unknown.
I agree it sounds suspect.
Access Protection rules are a part of VirusScan Enterprise. From KB52204 :
The VSE Access Protection feature prevents unwanted changes to your computer by restricting access to specified ports, files and folders, shares, and registry key values. It also protects McAfee processes and services by preventing users from modifying or stopping them.
Moved from Consumer section to Business --> EndPoint Security --> VirusScan Enterprise.
Actually those rules and settings are part of any of the following suites: McAfee All Access, McAfee Total Protection, McAfee Internet Security, McAfee Antivirus Plus.