Article Number: 000189881
Tuotteet, joita asia koskee:
Dell Endpoint Security Suite Enterprise
Versiot, joita asia koskee:
2.8–2.9
Kuva 1: (Englanninkielinen) Hälytys palvelinkonsolissa
The events in the C:\Programdata\Dell\Dell Data Protection\DellAgent.log
siinä voi olla seuraavanlaisia merkintöjä:
[04912] (00008) W AVAS : NT AUTHORITY\SYSTEM ran C:\Program Files\Dell\Dell Data Protection\Advanced Threat Protection\CylanceSvc.exe, which attempted to access the process mfefw.exe, violating the rule "Core Protection - Protect McAfee processes from unauthorized access and termination", and was blocked. For information about how to respond to this event, see KB85494. [04912] (00007) W AVAS : received Information threat protection event: BO=SP Id=1092 [04912] (00007) W AVAS : NT AUTHORITY\SYSTEM ran C:\Program Files\Dell\Dell Data Protection\Advanced Threat Protection\CylanceSvc.exe, which attempted to access the process mfewc.exe, violating the rule "Core Protection - Protect McAfee processes from unauthorized access and termination", and was blocked. For information about how to respond to this event, see KB85494. [04912] (00004) W AVAS : received Information threat protection event: BO=SP Id=1092 [04912] (00004) W AVAS : NT AUTHORITY\SYSTEM ran C:\Program Files\Dell\Dell Data Protection\Advanced Threat Protection\CylanceSvc.exe, which attempted to access the process mfeesp.exe, violating the rule "Core Protection - Protect McAfee processes from unauthorized access and termination", and was blocked. For information about how to respond to this event, see KB85494. [04912] (00007) W AVAS : received Information threat protection event: BO=SP Id=1092 [04912] (00007) W AVAS : NT AUTHORITY\SYSTEM ran C:\Program Files\Dell\Dell Data Protection\Advanced Threat Protection\CylanceSvc.exe, which attempted to access the process mfewch.exe, violating the rule "Core Protection - Protect McAfee processes from unauthorized access and termination", and was blocked. For information about how to respond to this event, see KB85494.
pikanäppäimellä McAfee SelfProtection_Activity.log
voi sisältää seuraavan kaltaisia merkintöjä:
mfeesp(7716.9896) ApBl.SP.Activity: NT AUTHORITY\SYSTEM ran CYLANCESVC.EXE, which attempted to access MFEWC.EXE, violating the rule "Core Protection - Protect McAfee processes from unauthorized access and termination", and was blocked. For information about how to respond to this event, see KB85494. mfeesp(7716.9896) ApBl.SP.Activity: NT AUTHORITY\SYSTEM ran CYLANCESVC.EXE, which attempted to access MFEESP.EXE, violating the rule "Core Protection - Protect McAfee processes from unauthorized access and termination", and was blocked. For information about how to respond to this event, see KB85494. mfeesp(7716.9896) ApBl.SP.Activity: NT AUTHORITY\SYSTEM ran CYLANCESVC.EXE, which attempted to access MFEFW.EXE, violating the rule "Core Protection - Protect McAfee processes from unauthorized access and termination", and was blocked. For information about how to respond to this event, see KB85494. mfeesp(7716.9900) ApBl.SP.Activity: SPRINGSCREATIVE\jcampbe-la ran IE4UINIT.EXE, which tried to access HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\ENABLE BROWSER EXTENSIONS, violating the rule "Web Control - Protect plug-in registry keys and values", and was blocked. For information about how to respond to this event, see KB85494.
McAfeen allekirjoitusvarmenne ei huomioi Cylance-varmennetta ja tarvitsee päivityksen.
Ongelma on korjattu Dell Endpoint Security Suite Enterprise 3.0 -versiossa Windowsille.
Jos haluat ottaa yhteyttä tukeen, katso luettelo Dell Data Securityn kansainvälisen tuen puhelinnumeroista.
TechDirectissä voit luoda teknisen tukipyynnön verkossa.
Lisätietoja ja resursseja on Dell Security Community Forum -keskustelufoorumilla.
Dell Endpoint Security Suite Enterprise
15 Dec 2022
7
Solution