Anybody know why these logs are appearing on the MA logs for the workstations and how to fix these rules?
EPO 5.3.1
2018-04-09 12:16:06.573 mfemactl.Info: The process <C:\WINDOWS\SYSTEM32\SVCHOST.EXE> was blocked from accessing('WRITE, DELETE' (a)) <AAC_OBJECT_PROCESS:C:\PROGRAM FILES\MCAFEE\AGENT\MACMNSVC.EXE> via the rule <Protect MA Processes>
2018-04-09 12:16:06.573 mfemactl.Info: The process <C:\WINDOWS\SYSTEM32\SVCHOST.EXE> was blocked from accessing('WRITE, DELETE' (a)) <AAC_OBJECT_PROCESS:C:\PROGRAM FILES\MCAFEE\AGENT\MACMNSVC.EXE> via the rule <Protect MA Processes>
2018-04-09 12:16:06.573 mfemactl.Info: The process <C:\WINDOWS\SYSTEM32\SVCHOST.EXE> was blocked from accessing('WRITE, DELETE' (a)) <AAC_OBJECT_PROCESS:C:\PROGRAM FILES\MCAFEE\AGENT\MASVC.EXE> via the rule <Protect MA Processes>
2018-04-09 12:16:06.573 mfemactl.Info: The process <C:\WINDOWS\SYSTEM32\SVCHOST.EXE> was blocked from accessing('WRITE, DELETE' (a)) <AAC_OBJECT_PROCESS:C:\PROGRAM FILES\MCAFEE\AGENT\MACOMPATSVC.EXE> via the rule <Protect MA Processes>
2018-04-09 12:16:06.573 mfemactl.Info: The process <C:\WINDOWS\SYSTEM32\SVCHOST.EXE> was blocked from accessing('WRITE, DELETE' (a)) <AAC_OBJECT_PROCESS:C:\PROGRAM FILES\MCAFEE\AGENT\MFEMACTL.EXE> via the rule <Protect MA Processes>
2018-04-09 12:16:06.573 mfemactl.Info: The process <C:\WINDOWS\SYSTEM32\SVCHOST.EXE> was blocked from accessing('WRITE, DELETE' (a)) <AAC_OBJECT_PROCESS:C:\PROGRAM FILES\MCAFEE\AGENT\MASVC.EXE> via the rule <Protect MA Processes>
2018-04-09 12:16:06.573 mfemactl.Info: The process <C:\WINDOWS\SYSTEM32\SVCHOST.EXE> was blocked from accessing('WRITE, DELETE' (a)) <AAC_OBJECT_PROCESS:C:\PROGRAM FILES\MCAFEE\AGENT\MACOMPATSVC.EXE> via the rule <Protect MA Processes>
2018-04-09 12:16:06.573 mfemactl.Info: The process <C:\WINDOWS\SYSTEM32\SVCHOST.EXE> was blocked from accessing('WRITE, DELETE' (a)) <AAC_OBJECT_PROCESS:C:\PROGRAM FILES\MCAFEE\AGENT\MFEMACTL.EXE> via the rule <Protect MA Processes>
You Deserve an Award
