Started with the rollout of P8 into the environment.
Access Protection rule violation detected and blocked on the process "C:\WINDOWS\SYSTEM32\CPQMGMT\CQMGHOST\CQMGHOST.EXE"
I get about 600000 events per day, and that is for now from 1 Server.
Found that this is already listed as a known issue with McAfee for the P8
Basically tells me that this can be resolved by changing config of the HP agent.
And then asks me to open a case with HP.
Now my server team told me they have other priority's...
Is there anyone out there that had this problem before and already knows how to resolve/work arround it?
Is the HP workaround a quick fixs, or should I implement a Exclusion ( something I would prefer not to do )
Thanks for sharing your experiences.
We opened a ticket with HP and got the very helpfull respons below.
Looks like both vendors are blaming each other..;
Within McAfee, select the policies for Virus Scan.
Click the 'Access Protection Policies'.
Choose the selections for 'Server' and 'Common Standard Protection'.
Highlight 'Prevent modification of McAfee Common Management Agent files and settings.'
Click 'Edit' and at the bottom of the window, you will see a list of programs that are already excluded; add 'CPMGHOST.EXE' to the list.