Moved to VSE Community.
Under your access protection rules, if the Prevent modification of McAfee files and settings is checked, you wont be able to make changes to that. That is a policy managed by EPO so it comes down as policy to block those changes. You may want to check your logs to see if it is that policy that is blocking those changes.
Thanks. Actually, I do not have access protection loaded. This is a development LAN not connected to the Internet and Access Protection would be too
restrictive. Just have Buffer Overflow Prot, On-Delivery email scanner, Unwanted Programs Policy, On-Access scanner, Quarantine Manager, Full Scan
But as I believe I mentioned why are there 2 spots in the registry, VSCORE and TVD? And do BOTH spots need to be changed to satisfy the scan? I actually did change the one setting in both spots (had to create keys in TVD) and it still reverted back. Maybe McAfee framework is doing this?
AT A LOSS.
An update, I turned off the McAfee Framework Service and the registry stays intact. So why is Framework reverting the registry settings?
Sounds like you have a policy set in EPO which is being enforced and overwriting your change on the desktop.
I don't use 8.5 any more (using 8.7), but you should find the GUI equivalent of the Registry key under "On Access Scan Properties"/ "General Settings" / "Messages" / "Actions available to user" - "Remove Messages from the list". When that setting is ticked, it will be 1 in the registry, unticked is 0.
There should be a corresponding setting in EPO for the VirusScan policy. It needs to be changed there to make it enforced correctly.
For anyone who comes across this, I experienced the same thing. I found this resolved my problem:
- Open up the VirusScan ConsoleSelected Access Protection Properties
- In the Categories window, select Common Standard Protection
- In the right window, there are 3 columns; Block, Report, & Rules
The rules I unblocked to allow the modifications to the registry were:
- Prevent Modification of McAfee files and Settings
- Prevent Modification of McAfee Common Management Agent files and settings
- Prevent Modification of McAfee Scan Engine files and settings
Afterwards, make sure you enable Block again when you are finished with your modifications. I leave Report checked for auditing purposes.
This is based on 8.7i