1 Reply Latest reply: Jan 13, 2013 9:54 PM by petersimmons RSS

    Explorer.exe excluded from registry blocking rule?




      We recently had a virus outbreak that was causing superhidden to be enacted, causing a vast number of files to "disappear"  We set a rule at the advice of mcafee support to block registry writing.  I am getting many threat events where Explorer.exe is blocked from writing to the registry.  Would it be wise to add Explorer.exe to the exluded processes list or would that simply invite viruses to change the registry?


      Again, to simplify.  can Explorer.exe be "hijacked" by viruses to cause problems?