I had.. but the trigger was an Addon.
Check if you have any Addons in your Enviroment that could be the Problem. IE, Excel, Word Outlook etc has own Serttings that need to be disabled. If you are using a Email Database Addon to exclude data from Emails older than XXX Days to a Server storage. And that Addon handles the Database connection you will have a BIG Problem. But if the Addon that makes Trouble is just a ph. CCleaner implementation or something like that - you can be lucky..
Its like McAfee Said, most of the Bops are correkt. The point why they are triggert since P4 is becourse of the restrictive that has changed to a higher level of Bop. The Problem is - may programms are not well coded. Or not like they think it is correkt. To become more secure its the legal way to kick our as to buy certified and fine programmed pice of software. OR get the newest Release or Update. Its not user friendly..
Other BOPs are Triggert by real Malware. So i would say if the Addon thing is not the way that works - download the free Recovery Disk from Kasperky - and check the System twice. It could be possible that your System is already infected by a Trojan, Malware or just has aktive parts of it that McAfee has not removed. After many Years of Using McAfee i can say the findings are not Top level Rankings and Information politic to that was was found is pure horror. After every attack that was blocked it is wise to LOOK if something is wrong becourse just to remove the trojan doesnt mean that they repair the damage.
If everything is a fault - setup a new system. From a original Installation DVD. NOT from a Image DVD. They got Programms and old software in it that can be the case too. But if that all doesnt Fit your Problem: Change Your Security Suite to something that works with out the BOP problem like Kasperky, Avira, GData etc. personlay i dont like Norton.. but its your choice to make.
Please check the KB81308 https://kc.mcafee.com/corporate/index?page=content&id=KB81308
I will advise to open a case with technical support as McAfee is investigating this issue.
Please keep in mind the applications incompatible with DEP:
Applications incompatible with DEP that are detected by BOP include:
In BOP policy is option to exclude process, API, module.
It's simple to exclude whole process, but it's not wise when it comes to Internet Explorer.
How then add precise exclusion baseing on most popular example:
We upgraded to Patch 4 3 days ago. We immediately had to make exclusions for the common MS Office processes:
We now starting to get a few systems getting iexplore.exe and explorer.exe alerts. These seem to be very intermittent, so troubleshooting has been tough. I do know that on one of our XP machines, the enduser experiences an explorer.exe alert when she uses the built-in Windows search function when trying to search a network drive. We've ensured that the system is patched and tried the cleaning suggestions posted earlier in this thread, but neither has helped.
As for iexplore.exe, we are stuck using IE8 due to the primary software our facility uses. (This software cannot run in IE9 or in other browsers.)
While these alerts haven't been seen house-wide, they are just often enough to cause frustration with our helpdesk. (There have been less than 20 alerts for each of these processes; all in all, not bad for over 2500 systems.)
Does anyone have any tips to make troubleshooting explorer and iexplore alerts easier?