cancel
Showing results for 
Search instead for 
Did you mean: 

MOVE Multiplatform Log File Flooding

Jump to solution

We recently installed MOVE 2.6 Multiplatform agents on a few VDI machines and the log file are growing very quickly with similar entries...

From the "mvagent" log file located in the <Program Files>\McAfee\MOVE AV Client\   folder:

Sep 13 2013:10:09:05.552:   SYSTEM: fsh_hooks.c :  115: Denying write to file: '\Device\HarddiskVolume1' due to integrity being modified by process: 'iexplore.exe'.

I also have the same events for 'iexplore.exe', 'explorer.exe', 'OUTLOOK.exe" , VpxClient.exe' and 'MfeFfProxy32.exe'

I understand that these are processes associated with the applications running on my VDI.

What is causing this and is there a way to stop these events ?

1 Solution

Accepted Solutions

Re: MOVE Multiplatform Log File Flooding

Jump to solution

After a discussion with McAfee Support, it appears that this is a bug related to its self protection feature which should be fixed in MOVE Multiplatform 3.0.

MOVE by default has integrity checking enabled on its services, file and registry keys. In this case, this features seems to be also checking the entire drive for any process...

By running the following the following command, I was able to to stop those logs :

mvadm.exe config set IntegrityEnabled=6

This will enable integrity protection for the service and registry only and should only be done as a temporary work around

Message was edited by: bblanchard on 9/16/13 1:23:07 PM CDT
1 Reply

Re: MOVE Multiplatform Log File Flooding

Jump to solution

After a discussion with McAfee Support, it appears that this is a bug related to its self protection feature which should be fixed in MOVE Multiplatform 3.0.

MOVE by default has integrity checking enabled on its services, file and registry keys. In this case, this features seems to be also checking the entire drive for any process...

By running the following the following command, I was able to to stop those logs :

mvadm.exe config set IntegrityEnabled=6

This will enable integrity protection for the service and registry only and should only be done as a temporary work around

Message was edited by: bblanchard on 9/16/13 1:23:07 PM CDT
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community