Showing results for 
Show  only  | Search instead for 
Did you mean: 

McAfee Alert when deploying Endpoint Security Platform using EPO

With the release of the Trellix agent for Windows 5.7.8 I have recreating deployments for new computer installs. This issue is on newly imaged machines that have no previous McAfee or Trellix products. After the Trellix agent is installed and it checks in with EPO I have a "Product Deployment" configured to push out "Endpoint Security" (I have duplicated the issue with version 10.6.1 and 10.7). The deployment seems to complete successfully but it is triggering an "Access Protection rule violation" every single time. The program still appears to work and I am able to install other components of Endpoint security such as Adaptive Threat Protection, and Threat Prevention but I'm unsure if I'm doing something wrong because of the error. Does anyone know if this is a known issue, or if there is a fix? The error I receive is as follows: Threat Category: 'Process' class or access Threat Type: Self Protection Threat Name: Core Protection - Protect core McAfee files and folders Threat Severity: Information Threat Event ID: 1092 File Infected: Event Description: Access Protection rule violation detected and blocked Threat Handled: True Action Taken: Blocked Detection Method: Trust Validation Detection UTC Time: 12/02/22 20:13:49 UTC Received UTC Time: 12/02/22 20:17:01 UTC DAT: Analyzer Name: Redacted Analyzer IP: Redacted Analyzer MAC: Redacted Source: Source IP: Redacted Source MAC: Source Process: Source URL: Source Username: Target: Target IP: Target MAC: Target Process: Target Username: Target Protocol: Target Port: 0
2 Replies
Report Inappropriate Content
Message 2 of 3

Re: McAfee Alert when deploying Endpoint Security Platform using EPO

Hi @User84466004 ,

Please install root certs from the link below and test again.


Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Re: McAfee Alert when deploying Endpoint Security Platform using EPO

I applied those certificates to an individual test system and tried the deployment of Endpoint Security Platform again and I received the same alert. 

Any other suggestions?

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community