5 Replies Latest reply: Apr 21, 2013 10:09 PM by petersimmons RSS

    VSE87i Patch-2 and Personal Security ?!?


      We have ePO4 Patch6 and VSE87i and recent .dat file updated every day. We have a user which have installed Personal Security

      C:\Program Files\PersonSecurity\psecurity.exe which is a malware.

      As we configure ePO to send notification rule everytime that we have an user or program tentative to disable McAfee AV, we get around 16000 mails from ePO like this

      Event descriptions : Access Protection rule violation detected and blocked
      Starting at : 3/29/10 12:23:37 PM

      Name of threats : Common Standard Protection:Prevent termination of McAfee processes

      Infected file C:\Program Files\McAfee\VirusScan Enterprise\scan32.exe

      Additional Information : C:\Program Files\PersonSecurity\psecurity.exe


      My question: why the user be able to install this program? Shouldn't  VSE87i automatically block/quarantine psecurity.exe? (we have need to contact user and log into user's computer for remediation)

      Thks a lot,