cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 10

Can I exclude .dll files?

Is there any way to exclude .dll files from the "threat target path" of the rule "Prevent common programs from running files from the Temp folder"?

I'm getting around 100 alerts from known ok processes that we require to run out of the temp directory, and we only have about 30 users.

I know I can exlude iexplore.exe from the rule, but then I feel we would be left wide open, as that's where a lot of things originate.

Most alerts are from counters.dat, it would be awsome to be able to create an exception so that target file wouldn't trigger an event.

Thanks for any help .

on 26/03/14 2:41:55 EDT PM
9 Replies
rackroyd
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 10

Re: Can I exclude .dll files?

As this is more a point-product configuration question, moving to vse group for better attention.

on 26/03/14 2:42:13 EDT PM




Was my reply helpful?


If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
Former Member
Not applicable
Report Inappropriate Content
Message 3 of 10

Re: Can I exclude .dll files?

Ty

on 26/03/14 2:42:33 EDT PM

Re: Can I exclude .dll files?

Headers altered from "exclude .dat files" to "exclude .dll files" for clarity.

OK?

wwarren
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 10

Re: Can I exclude .dll files?

Sorry, this is not possible with the current Access Protection implementation.

It is a commonly requested PER. Adding your voice to the list would not be a bad thing.

William W. Warren | S.I.R.R. | Customer Success Group | McAfee
Former Member
Not applicable
Report Inappropriate Content
Message 6 of 10

Re: Can I exclude .dll files?

Thanks for the help and input.  This is the 1st time in a decade I've used Mcafee suite.  My 30-40 users generated over 500 alerts yesterday .  I will definitely add my voice to the list!

Former Member
Not applicable
Report Inappropriate Content
Message 7 of 10

Re: Can I exclude .dll files?

pmclachlan, are you using VSE 8.8 with Patch 4 and MA 4.8 Patch 2?  I'm seeing new alerts about counter.dat after I upgraded one test system under IE 10 and Windows 7 x64, and I have always seen alerts when using the Microsoft print to XPS option.  I'll also submit a PER (or vote for your issue if it's public) and I opened a new question about alerts on counter.dat

Former Member
Not applicable
Report Inappropriate Content
Message 8 of 10

Re: Can I exclude .dll files?

I am.  As soon as I applied the patches I started getting like 500 alerts a day from 50 users!  I can't imagine what's going on with large networks...

Former Member
Not applicable
Report Inappropriate Content
Message 9 of 10

Re: Can I exclude .dll files?

Sorry for my newbness...What is the PER and where do I find it?

Thanks again!

wwarren
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 10 of 10

Re: Can I exclude .dll files?

Article KB60021, How to submit a PER

And welcome

William W. Warren | S.I.R.R. | Customer Success Group | McAfee
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community