Working with McAfee EPO 5.3 and VirusScan 8.8 patch 7
I am cleaning up my default Access Protection rules. Usually, when I do this, I make a copy of McAfee Default and then pick through it to add back in my own exclusions from the rule I am cleaning up. As I am doing this I am noticing some changes I have a question about,
For example, I am looking at this specific rule Workstations: Common Standard Protection:Prevent modification of McAfee files and setttings
My own current policy has exclusions like this (duplicated from the default previously I think),,,
The current McAfee Default rule looks like
I am not sure if my own rules are more current or if these differently formatted rules in DEFAULT are newer.
There are a few excluded McAfee processes in my rules that are not in the default exclusions and I wonder if I should remove them or if I added them due to KB articles over time or something...
In my exclusions, not in McAfee Default exclusions...
mfevtps.exe -- think this is new ACC core process...
**\Common Files\McAfee\DATReputation\mcdatrep.exe --- this this is part of DAT Reputation...
cleanmgr.exe -- not sure this is a mcafee process or not
So, not sure if MY rules are newer or if DEFAULT rules are newer.