3 Replies Latest reply on Oct 1, 2009 12:26 AM by rhythm_methods

    McAfee Detection on IIS (W3WP.EXE) Service!

      Ok,

      I'm seeing an on access protection rule pop up when dealing with a SharePoint server.

      The question is, what would be dymanically generating .DLL files in the temp directory?

      Here is what I'm seeing:

      Would be blocked by Access Protection rule (rule is currently not enforced) <Domain>\SharePoint Admin Account

      c:\windows\system32\inetsrv\w3wp.exe C:\WINDOWS\Temp\<random dll name>.dll

      Common Maximum Protection:Prevent creation of new executable files in the Windows folder Action blocked : Create

      I did recently install Trend Portal Protect to scan documents uploaded into the SharePoint repo, so I guess is could be starting a new thread each time it scans... and maybe a new DLL as a result...

      Thoughts?

      GB