Quick questions for the IT security community. We have a 2000 workstation being centrally managed by McAfee ePO. All of those stations are being scanned / protected based on a single predefined policy. In that policy we have a list of highrisk processes which we want to ensure are clean and some we want to block instantly from running. One of those processes is explorer.exe . Alot of viruses are targeting thise process therefore we wanted to eleviate our level of pretection by doing so. But for 2 individuals it is causing a considerable slowdown when accessing local drive where large zip and iso files reside. Of course our first recommendation was to move those files on a network share but to back this recommendation I wanted to get your opinion of our strategy. Should explorer.exe be considered a highrisk process or not?? thank you
--------------------------------------------------------------------------- ---------------------------------------------------------------------------
