cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
polezhaevdmi
polezhaevdmi
Level 9
Report Inappropriate Content
Message 1 of 24
‎01-29-2019 03:56 AM

VSE 8.8 update fail - reason unknown

Jump to solution

Unclear situation at corporate Exchange server: the VSE deployed and activated fine, but the update freezes in process.

More information I collected:

- Tried 2 deploy methods (via ePO and local installation from scratch, after McAffee Remover was completed), effect looks the same (deploy - OK, update - hangs);

- The VSE deploy phase finishes OK, the DAT version 1111.0000 is reported (agent inventory log is attached below);

- The issue rises during update only;

- The server reboot between deinstallation/installation phases changes nothing;

- Server has MIcrosoft Network Load balancing active;

- Server has Symantec e-mail protector version 7.5;

 

The questions are:

- Can the Symantec or network load balancing affect the VSE update process?

- What else I should check to find the cause of an issue much accurately?

- Could anyone suggest the possible steps to find a workaround?

vse_up_01.png

------------------------------------

Spoiler
Сведения о системе 
Имя компьютера: LSK-........
  
McAfee Agent 
Номер версии:  5.5.1.388
Состояние: Управляемая
SuperAgent: Работа в одноранговых сетях
Последняя проверка обновления системы безопасности: 29.01.2019 10:44:15
Последний сеанс связи агента с сервером: 29.01.2019 10:43:54
Интервал связи агента с сервером (каждый): 1 ч
Интервал применения политики (каждый): 1 ч
Идентификатор агента: {d2eb83f6-239f-11e9-05d3-14187736b21c}
Сервер ePO/обработчик агентов 
DNS-имя: LSK-ePO.corp
IP-адрес: 10....
Номер порта: 443
  
  
McAfee VirusScan Enterprise + AntiSpyware Enterprise 
Номер версии:  8.8.0 (8.8.0.2024)
Дата построения:  16.10.2018
  
Тип лицензии антивирусной программы: licensed
  
Версия модуля сканирования (32-разрядная): 6000.8403
  
Версия модуля сканирования (64-разрядная): 6000.8403
  
Версия файла DAT: 1111.0000
Дата создания файла DAT: 2/2/2010
  
Количество подписей в файле extra.dat: 0
Число угроз, обнаруживаемых файлом extra.dat: Нет 
Версия файла DAT (переполнение буфера, защита доступа): 762
  
Установленные исправления: 12
  
Установленные модули: 
  
 
Copyright © 1995-2018 McAfee LLC. 
All Rights Reserved. 
www.mcafee.com 
   

 

0 Kudos
Reply
2 Solutions

Accepted Solutions
nashcoop
nashcoop
Level 10
Report Inappropriate Content
Message 15 of 24
‎02-07-2019 11:13 AM

Re: VSE 8.8 update fail - reason unknown

Jump to solution

I had a similar issue with an Exchange server, but managed to finally fix it today.  After removing and reinstalling McAfee agent 5.6.0.702, and VScan with Patch 12 (and running MCPR each time) multiple times without fixing the update issue I decided to try installing an older version of VScan.  I had been installing the McAfee agent first, then VScan.  This time I installed VScan with Patch 9, then ran an update which successfully grabbed the DAT from McAfee.  Then I installed the 5.5.1.388 agent, and ran another update which then grabbed tasks & policies from our EPO server and updated to patch 12.

0 Kudos
Reply
polezhaevdmi
polezhaevdmi
Level 9
Report Inappropriate Content
Message 21 of 24
‎04-05-2019 08:02 AM

Re: VSE 8.8 update fail - reason unknown

Jump to solution

After extra delay we tried again with the updated Agent 5.6:

- Agent deploy via ePO was successful;

- VSE deploy via ePO was successful, however the DAT remained 1111 and didn't update (ePO was used to initiate DAT update);

- After OS reboot the DAT was updated to actual version;

- Now we have to monitor fully automatic DAT update process. If at Monday DAT will actualize, the issue should be considered as solved.

0 Kudos
Reply
23 Replies
chealey
McAfee Employee chealey
McAfee Employee
Report Inappropriate Content
Message 2 of 24
‎01-29-2019 04:30 AM

Re: VSE 8.8 update fail - reason unknown

Jump to solution

My guess would be a potentiall dll injection into the McAfee Agent processes - but there could be a number of reasons why it's failing. Which agent version are you using?

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
Reply
polezhaevdmi
polezhaevdmi
Level 9
Report Inappropriate Content
Message 3 of 24
‎01-29-2019 11:54 PM

Re: VSE 8.8 update fail - reason unknown

Jump to solution

The Agent version is 5.5.1.388. Will it be reasonable to try to install and update VSE without agent installed?

0 Kudos
Reply
chealey
McAfee Employee chealey
McAfee Employee
Report Inappropriate Content
Message 4 of 24
‎01-30-2019 12:21 AM

Re: VSE 8.8 update fail - reason unknown

Jump to solution

No, even a standalone VSE installation will contain the agent.

In your agent logs %Programdata%\Mcafee\Agent\Logs - open the mfemactl log, look for "update" - do you have any entries in the log similar to:

2019-01-25 14:55:15.771 mfemactl(5184.3668) mfemactl.Info: The process <C:\PROGRAM FILES\MCAFEE\AGENT\MCSCRIPT_INUSE.EXE>(8116) was blocked from accessing('CREATE' (1)) <AAC_OBJECT_SECTION:C:\WINDOWS\example\test.DLL> via the rule <Sanitize selected MA Processes>

> if yes, that in this example test.dll was injecting, causing the update to not be initiated.

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
0 Kudos
Reply
polezhaevdmi
polezhaevdmi
Level 9
Report Inappropriate Content
Message 5 of 24
‎01-30-2019 06:56 AM

Re: VSE 8.8 update fail - reason unknown

Jump to solution

chealey, great thanks for the idea about 'dll injection'!

We tried that sequence:

  • Cleaned the system with MCPR again;
  • Installed VSE from standalone installer;
  • Downloaded and installed actual DAT package;
  • Installed ePO agent from standalone installer.

Now the VSE is actual, DAT is actual, ePO management is operating. The images and agent inventory are below. Tomorrow we will check the schedule update result. I will write it here and look at VSE log file.

vse_inst_03.pngvse_inst_04.png

Spoiler
Сведения о системе 
Имя компьютера: LSK-
  
McAfee Agent 
Номер версии:  5.5.1.388
Состояние: Управляемая
SuperAgent: Работа в одноранговых сетях
Последняя проверка обновления системы безопасности: Неизвестно
Последний сеанс связи агента с сервером: 30.01.2019 16:09:46
Интервал связи агента с сервером (каждый): 1 ч
Интервал применения политики (каждый): 1 ч
Идентификатор агента: {6c70891a-2498-11e9-2016-14187736b21c}
Сервер ePO/обработчик агентов 
DNS-имя: LSK-ePO.corp
IP-адрес: 10...
Номер порта: 443
  
  
McAfee VirusScan Enterprise + AntiSpyware Enterprise 
Номер версии:  8.8.0 (8.8.0.2024)
Дата построения:  16.10.2018
  
Тип лицензии антивирусной программы: licensed
  
Версия модуля сканирования (32-разрядная): 6000.8403
  
Версия модуля сканирования (64-разрядная): 6000.8403
  
Версия файла DAT: 9151.0000
Дата создания файла DAT: 1/29/2019
  
Количество подписей в файле extra.dat: 0
Число угроз, обнаруживаемых файлом extra.dat: Нет 
Версия файла DAT (переполнение буфера, защита доступа): 762
  
Установленные исправления: 12


   

0 Kudos
Reply
polezhaevdmi
polezhaevdmi
Level 9
Report Inappropriate Content
Message 6 of 24
‎01-31-2019 01:52 AM

Re: VSE 8.8 update fail - reason unknown

Jump to solution

 

 

Seems no, the update seems does not occur, while self-check is OK.

The mfemactl file has no messages about update, I put it into spoiler below.

In addition, the message about hanged update process is displayed upon desktop exit.

May be that process locked the update... We will try to reboot the server again soon.

vse_inst_05.pngvse_inst_06.png

Spoiler
2019-01-30 10:22:25.378 mfemactl(10888.9232) mfemactl.Info: mfemactl.exe start...
2019-01-30 10:22:25.378 mfemactl(10888.9232) mfemactl.Info: Monitoring parent process: <C:\Program Files (x86)\McAfee\Common Framework\masvc.exe(12244)>
2019-01-30 10:22:25.378 mfemactl(10888.9232) mfemactl.Info: Successfully registered mfemactl with controlling parent
2019-01-30 10:22:25.378 mfemactl(10888.9232) mfemactl.Warning: Unable to create VtpValidationControl interface, VtpValidationControlCreate() returned <-2146885629>
2019-01-30 10:22:25.393 mfemactl(10888.9232) mfemactl.Warning: Failed obtaining AacControl interface, status = <0x80092003>
2019-01-30 10:22:25.393 mfemactl(10888.9232) mfemactl.Warning: Failed obtaining AacControl interface, status = <0x80092003>
2019-01-30 10:22:25.393 mfemactl(10888.9232) mfemactl.Warning: Failed obtaining AacControl interface, status = <0x80092003>
2019-01-30 10:22:25.393 mfemactl(10888.9232) mfemactl.Info: Unable to obtain AacControl interface for EnableDisableGroup() operation
2019-01-30 10:22:25.393 mfemactl(10888.9232) mfemactl.Warning: Failed obtaining AacControl interface, status = <0x80092003>
2019-01-30 10:22:25.393 mfemactl(10888.9232) mfemactl.Info: Unable to obtain AacControl interface for EnableDisableGroup() operation
2019-01-30 10:22:25.393 mfemactl(10888.9232) mfemactl.Warning: Failed obtaining AacControl interface, status = <0x80092003>
2019-01-30 10:22:25.393 mfemactl(10888.9232) mfemactl.Info: Unable to obtain AacControl interface for EnableDisableGroup() operation
2019-01-30 10:23:00.113 mfemactl(10888.9232) mfemactl.Info: Detected a syscore version change, from <> to <18.9.0.164.17>
2019-01-30 10:23:00.113 mfemactl(10888.9232) mfemactl.Info: Searching for mfehidin among <125> processes...
2019-01-30 10:23:00.113 mfemactl(10888.9232) mfemactl.Warning: Unable to open process with pid: <0>, status: <87>
2019-01-30 10:23:00.113 mfemactl(10888.9232) mfemactl.Info: Found an instance of mfehidin at C:\Program Files (x86)\McAfee\VirusScan Enterprise\VSCore\x64\mfehidin.exe(11392)
2019-01-30 10:24:03.925 mfemactl(10888.9232) mfemactl.Info: mfehidin terminated; now initiating restart...
2019-01-30 10:24:03.940 mfemactl(10888.9232) mfemactl.Info: Extracting files into <C:\Windows\TEMP\mfema2>
2019-01-30 10:24:04.127 mfemactl(10888.9232) mfemactl.Info: Successfully launched <"C:\Program Files\Common Files\McAfee\SystemCore\vtpinfo.exe" /SetSearchPath "C:\Windows\TEMP\mfema2">
2019-01-30 10:24:04.252 mfemactl(10888.9232) mfemactl.Info: <"C:\Program Files\Common Files\McAfee\SystemCore\vtpinfo.exe" /SetSearchPath "C:\Windows\TEMP\mfema2"> completed with status <0>
2019-01-30 10:24:04.361 mfemactl(10888.9232) mfemactl.Info: Successfully launched <"C:\Program Files\Common Files\McAfee\SystemCore\vtpinfo.exe" /LoadCerts>
2019-01-30 10:24:04.502 mfemactl(10888.9232) mfemactl.Info: <"C:\Program Files\Common Files\McAfee\SystemCore\vtpinfo.exe" /LoadCerts> completed with status <0>
2019-01-30 10:24:05.312 mfemactl(10888.9232) mfemactl.Info: mfemactl.exe stopped
2019-01-30 10:24:07.635 mfemactl(13364.13368) mfemactl.Info: mfemactl.exe start...
2019-01-30 10:24:07.635 mfemactl(13364.13368) mfemactl.Info: Monitoring parent process: <C:\Program Files (x86)\McAfee\Common Framework\masvc.exe(12244)>
2019-01-30 10:24:07.635 mfemactl(13364.13368) mfemactl.Info: Successfully registered mfemactl with controlling parent
2019-01-30 10:24:07.698 mfemactl(13364.13368) mfemactl.Info: Successfully obtained AacControl interface, Aac version: SYSCORE.18.9.0.174
2019-01-30 10:24:07.698 mfemactl(13364.13368) mfemactl.Info: AacControl::AddPolicyFromXml() returned status = <0>
2019-01-30 10:24:07.713 mfemactl(13364.13368) mfemactl.Info: AacControl::EnableDisableGroup({C7080E42-1D78-4B64-8E32-6D9E032123FE}, ma.selfprotect, -1) returned status = <0>
2019-01-30 10:24:07.729 mfemactl(13364.13368) mfemactl.Info: AacControl::EnableDisableGroup({2AA87236-7E59-449B-BDE1-D2A6045ED15B}, mfemms, -1) returned status = <0>
2019-01-30 10:24:07.744 mfemactl(13364.13368) mfemactl.Info: AacControl::EnableDisableGroup({65CF3D67-B283-4477-83C6-181CEFAC7443}, mfemms, -1) returned status = <0>
2019-01-30 10:34:11.775 mfemactl(13364.13368) mfemactl.Info: mfemactl.exe stopped
2019-01-30 10:38:22.566 mfemactl(10912.10916) mfemactl.Info: mfemactl.exe start...
2019-01-30 10:38:22.566 mfemactl(10912.10916) mfemactl.Info: Monitoring parent process: <C:\Program Files (x86)\McAfee\Common Framework\masvc.exe(2372)>
2019-01-30 10:38:22.597 mfemactl(10912.10916) mfemactl.Info: Successfully registered mfemactl with controlling parent
2019-01-30 10:38:29.976 mfemactl(10912.10916) mfemactl.Info: All MA binaries appear appropriately VTP trusted
2019-01-30 10:38:30.007 mfemactl(10912.10916) mfemactl.Info: Successfully obtained AacControl interface, Aac version: SYSCORE.18.9.0.174
2019-01-30 10:38:30.023 mfemactl(10912.10916) mfemactl.Info: AacControl::AddPolicyFromXml() returned status = <0>
2019-01-30 10:38:30.038 mfemactl(10912.10916) mfemactl.Info: AacControl::EnableDisableGroup({C7080E42-1D78-4B64-8E32-6D9E032123FE}, ma.selfprotect, -1) returned status = <0>
2019-01-30 10:38:30.054 mfemactl(10912.10916) mfemactl.Info: AacControl::EnableDisableGroup({2AA87236-7E59-449B-BDE1-D2A6045ED15B}, mfemms, -1) returned status = <0>
2019-01-30 10:38:30.054 mfemactl(10912.10916) mfemactl.Info: AacControl::EnableDisableGroup({65CF3D67-B283-4477-83C6-181CEFAC7443}, mfemms, -1) returned status = <0>
2019-01-30 16:06:55.717 mfemactl(10912.10916) mfemactl.Info: mfemactl.exe stopped
2019-01-30 16:07:51.877 mfemactl(11700.4620) mfemactl.Info: mfemactl.exe start...
2019-01-30 16:07:51.877 mfemactl(11700.4620) mfemactl.Info: Monitoring parent process: <C:\Program Files (x86)\McAfee\Common Framework\masvc.exe(13860)>
2019-01-30 16:07:51.877 mfemactl(11700.4620) mfemactl.Info: Successfully registered mfemactl with controlling parent
2019-01-30 16:07:55.683 mfemactl(11700.4620) mfemactl.Info: All MA binaries appear appropriately VTP trusted
2019-01-30 16:07:55.715 mfemactl(11700.4620) mfemactl.Info: Successfully obtained AacControl interface, Aac version: SYSCORE.18.9.0.174
2019-01-30 16:07:55.715 mfemactl(11700.4620) mfemactl.Info: AacControl::AddPolicyFromXml() returned status = <0>
2019-01-30 16:07:55.730 mfemactl(11700.4620) mfemactl.Info: AacControl::EnableDisableGroup({C7080E42-1D78-4B64-8E32-6D9E032123FE}, ma.selfprotect, -1) returned status = <0>
2019-01-30 16:07:55.746 mfemactl(11700.4620) mfemactl.Info: AacControl::EnableDisableGroup({2AA87236-7E59-449B-BDE1-D2A6045ED15B}, mfemms, -1) returned status = <0>
2019-01-30 16:07:55.761 mfemactl(11700.4620) mfemactl.Info: AacControl::EnableDisableGroup({65CF3D67-B283-4477-83C6-181CEFAC7443}, mfemms, -1) returned status = <0>
2019-01-30 16:08:51.438 mfemactl(11700.16344) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-30 16:08:51.469 mfemactl(11700.16344) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-30 16:08:51.469 mfemactl(11700.16344) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-30 16:08:51.469 mfemactl(11700.16344) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-30 16:08:51.500 mfemactl(11700.16344) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-30 16:08:51.500 mfemactl(11700.16344) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-30 16:09:51.373 mfemactl(11700.16344) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-30 16:09:51.404 mfemactl(11700.16344) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-30 16:09:51.404 mfemactl(11700.16344) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-30 16:09:51.404 mfemactl(11700.16344) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-30 16:09:51.435 mfemactl(11700.16344) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-30 16:09:51.435 mfemactl(11700.16344) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:28.454 mfemactl(11700.16344) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:28.485 mfemactl(11700.16344) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:28.485 mfemactl(11700.16344) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:28.485 mfemactl(11700.16344) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:28.516 mfemactl(11700.16344) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:28.516 mfemactl(11700.16344) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:28.859 mfemactl(11700.16344) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:28.890 mfemactl(11700.16344) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:28.890 mfemactl(11700.16344) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:28.890 mfemactl(11700.16344) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:28.922 mfemactl(11700.16344) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:28.922 mfemactl(11700.16344) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:29.202 mfemactl(11700.16344) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:29.234 mfemactl(11700.16344) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:29.234 mfemactl(11700.16344) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:29.234 mfemactl(11700.16344) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:29.265 mfemactl(11700.16344) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:29.265 mfemactl(11700.16344) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:29.530 mfemactl(11700.10104) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:29.561 mfemactl(11700.10104) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:29.561 mfemactl(11700.10104) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:29.561 mfemactl(11700.10104) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:29.592 mfemactl(11700.10104) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:29.592 mfemactl(11700.10104) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:29.873 mfemactl(11700.10104) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:29.904 mfemactl(11700.10104) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:29.904 mfemactl(11700.10104) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:29.904 mfemactl(11700.10104) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:29.936 mfemactl(11700.10104) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:29.936 mfemactl(11700.10104) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:30.201 mfemactl(11700.10104) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:30.232 mfemactl(11700.10104) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:30.232 mfemactl(11700.10104) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:30.232 mfemactl(11700.10104) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:30.248 mfemactl(11700.10104) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:30.248 mfemactl(11700.10104) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:30.528 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:30.544 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:30.544 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:30.544 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:30.575 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:30.575 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:30.856 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:30.887 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:30.887 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:30.887 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:30.918 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:30.918 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:31.199 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:31.230 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:31.230 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:31.230 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:31.262 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:31.262 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:31.542 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:31.574 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:31.574 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:31.574 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:31.605 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:31.605 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:31.886 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:31.917 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:31.917 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:31.917 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:31.948 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:31.948 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:32.229 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:32.260 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:32.260 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:32.260 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:32.291 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:32.291 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:32.572 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:32.603 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:32.603 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:32.603 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:32.634 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:32.634 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:32.915 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:32.931 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:32.931 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:32.931 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:32.962 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:32.962 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:33.258 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:33.290 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:33.290 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:33.290 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:33.321 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:33.321 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:33.617 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:33.648 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:33.648 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:33.648 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:33.680 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:33.680 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:33.945 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:33.976 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:33.976 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:33.976 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:34.007 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:34.007 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:34.288 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:34.319 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:34.319 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:34.319 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:34.350 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:34.350 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:34.616 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:34.647 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:34.647 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:34.647 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:34.678 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:34.678 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:34.974 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:35.006 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:35.006 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:35.006 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:35.021 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:35.021 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:35.302 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:35.333 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:35.333 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:35.333 mfemactl(11700.15520) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:35.364 mfemactl(11700.15520) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:35.364 mfemactl(11700.15520) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:35.676 mfemactl(11700.11272) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:35.692 mfemactl(11700.11272) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:35.692 mfemactl(11700.11272) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>
2019-01-31 10:38:35.692 mfemactl(11700.11272) mfemactl.Info: Intercepted access to AgentEvents folder by process: <C:\PROGRAM FILES (X86)\MCAFEE\VIRUSSCAN ENTERPRISE\MFEANN.EXE>, pid: <8256>
2019-01-31 10:38:35.723 mfemactl(11700.11272) mfemactl.Debug: ValidateProcessEx(8256): <0>
2019-01-31 10:38:35.723 mfemactl(11700.11272) mfemactl.Info: Allowing pid=<8256> access to AgentEvents based on ISG trust for module <C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe>

 

0 Kudos
Reply
chealey
McAfee Employee chealey
McAfee Employee
Report Inappropriate Content
Message 7 of 24
‎01-31-2019 02:28 AM

Re: VSE 8.8 update fail - reason unknown

Jump to solution

Looks good from the dll injection part - I would now probably look into the mcschield log. Look for "ScrptMain START" (without the quotation marks) and look at the time stamp to match with your update task time. If you follow the thread through, you can look for "failed" and this will identify if any portential network issues are present.

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?
0 Kudos
Reply
polezhaevdmi
polezhaevdmi
Level 9
Report Inappropriate Content
Message 8 of 24
‎02-04-2019 09:03 AM

Re: VSE 8.8 update fail - reason unknown

Jump to solution

I see no file, which might be the mcschield log.

In addition, we tried to install an older VSE (8.8.0.975) from standalone installer. Effect is solid - update does not occured.

Instead, something interesting was found in McScript.log. Seems, the infinite loopback consists of such messages, which corresponding with screenshot attached

Spoiler
2019-02-04 18:23:42 I #12912 ScrptMgr Downloading DATRepHC.zip.
2019-02-04 18:23:42 I #12912 p2p_client Checking content via discovery... for hash(D8AF2E39BE0B6F4F5A9434812256FBECA48E3D97)
2019-02-04 18:23:44 I #12912 downloader calling system proxy client api.
2019-02-04 18:23:49 I #12912 downloader Using system configured proxy for connection.
2019-02-04 18:23:49 I #12912 downloader Downloading file from https://10.20.128.193:443/Software/Current/VSCANDAT1000/DAT/0000/DATRepHC.zip?hash=D8AF2E39BE0B6F4F5... to C:\Program Files (x86)\Common Files\McAfee\DATReputation\DATRepHC.zip
2019-02-04 18:23:49 I #12912 curl Setting proxy info proxy:10.20.130.101 port:3128 scope:0
2019-02-04 18:23:49 I #12912 crypto Negotiated Cipher : EDH-RSA-AES256-SHA256
2019-02-04 18:23:49 I #12912 downloader Downloading file from https://10.20.128.193:443/Software/Current/VSCANDAT1000/DAT/0000/DATRepHC.zip?hash=D8AF2E39BE0B6F4F5... to C:\Program Files (x86)\Common Files\McAfee\DATReputation\DATRepHC.zip success.
2019-02-04 18:23:49 I #12912 downloader changing permission...
2019-02-04 18:23:49 I #12912 policybag Sending content "add" request
2019-02-04 18:23:49 I #12912 policybag Content "add" request succeded.
2019-02-04 18:23:49 I #12912 ScrptExe Executing section: [ExtractFile]
2019-02-04 18:23:49 I #12912 ScrptMgr Setting the working dir as C:\Program Files (x86)\Common Files\McAfee\DATReputation
2019-02-04 18:23:49 I #12912 ScrptMgr Setting the working dir as C:\ProgramData\McAfee\Agent\\Current\VSCANDAT1000
2019-02-04 18:23:49 I #12912 ScrptExe Executing section: [SetThrottleAndNeutral]
2019-02-04 18:23:49 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /setdatrepneutralu=1 /setdatrephcneutralu=0 /setdatrepneutralm=1 /setdatrephcneutralm=0
2019-02-04 18:23:49 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /setdatrepneutralu=1 /setdatrephcneutralu=0 /setdatrepneutralm=1 /setdatrephcneutralm=0
2019-02-04 18:23:49 I #12912 ScrptExe Did not match searched path
2019-02-04 18:23:49 I #12912 ScrptExe Executing "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /setdatrepneutralu=1 /setdatrephcneutralu=0 /setdatrepneutralm=1 /setdatrephcneutralm=0
2019-02-04 18:23:49 I #12912 ScrptExe Using Aac exclusion path C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe
2019-02-04 18:24:27 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /throttlehealthcheck=1000000
2019-02-04 18:24:27 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /throttlehealthcheck=1000000
2019-02-04 18:24:27 I #12912 ScrptExe Did not match searched path
2019-02-04 18:24:27 I #12912 ScrptExe Executing "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /throttlehealthcheck=1000000
2019-02-04 18:24:27 I #12912 ScrptExe Using Aac exclusion path C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe
2019-02-04 18:25:05 I #12912 ScrptExe Executing section: [IsDATBlocked]
2019-02-04 18:25:05 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /timeout=60000 /datreputation=9156.0000
2019-02-04 18:25:05 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /timeout=60000 /datreputation=9156.0000
2019-02-04 18:25:05 I #12912 ScrptExe Did not match searched path
2019-02-04 18:25:05 I #12912 ScrptExe Executing "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /timeout=60000 /datreputation=9156.0000
2019-02-04 18:25:05 I #12912 ScrptExe Using Aac exclusion path C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GotMinEng]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [EnumerateThroughProducts]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GetNextProductID]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [DoesProductNeedUpdate]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [SetInstalledVersionsUsingRegistry]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [IsProductInstalledReg]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [EnumerateThroughProducts]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GetNextProductID]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [DoesProductNeedUpdate]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [SetInstalledVersionsUsingRegistry]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [IsProductInstalledReg]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [EnumerateThroughProducts]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GetNextProductID]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [DoesProductNeedUpdate]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [SetInstalledVersionsUsingRegistry]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [IsProductInstalledReg]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [EnumerateThroughProducts]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GetNextProductID]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [DoesProductNeedUpdate]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [SetInstalledVersionsUsingRegistry]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [IsProductInstalledReg]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [EnumerateThroughProducts]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GetNextProductID]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [DoesProductNeedUpdate]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [SetInstalledVersionsUsingRegistry]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [IsProductInstalledReg]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [EnumerateThroughProducts]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GetNextProductID]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [DoesProductNeedUpdate]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [SetInstalledVersionsUsingRegistry]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [IsProductInstalledReg]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [EnumerateThroughProducts]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GetNextProductID]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [DoesProductNeedUpdate]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [SetInstalledVersionsUsingRegistry]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [IsProductInstalledReg]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [EnumerateThroughProducts]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GetNextProductID]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [DoesProductNeedUpdate]
.......
2019-02-04 18:26:32 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /timeout=60000 /script=mcnrdhck.lua /hcmode=predatupdate /datver=9156.0000
2019-02-04 18:26:32 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /timeout=60000 /script=mcnrdhck.lua /hcmode=predatupdate /datver=9156.0000
2019-02-04 18:26:32 I #12912 ScrptExe Did not match searched path
2019-02-04 18:26:32 I #12912 ScrptExe Executing "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /timeout=60000 /script=mcnrdhck.lua /hcmode=predatupdate /datver=9156.0000
2019-02-04 18:26:32 I #12912 ScrptExe Using Aac exclusion path C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [GetExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [FindInstallationScript]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [EnumerateThroughLanguageFileList]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [IsInstallScriptEqualToInstallCommand]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [EnumerateThroughLanguageFileList]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [IsInstallScriptEqualToInstallCommand]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [EnumerateThroughLanguageFileList]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [IsInstallScriptEqualToInstallCommand]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [EnumerateThroughLanguageFileList]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [IsInstallScriptEqualToInstallCommand]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [EnumerateThroughLanguageFileList]

 vse_inst_07.png

0 Kudos
Reply
polezhaevdmi
polezhaevdmi
Level 9
Report Inappropriate Content
Message 9 of 24
‎02-04-2019 09:26 AM

Re: VSE 8.8 update fail - reason unknown

Jump to solution

Sorry, my reply to chealey disappeared. Again.

Additionally, we tried to install the older VSE (8.8.0.975 from 14.08.2012). Effect is solid, no update.

I see no files, which might be the mcschield log. But in the McScript file I found messages, which are correlating with update process. The 'infinite loopback' has following strings:

Spoiler
2019-02-04 18:23:42 I #12912 ScrptMgr Downloading DATRepHC.zip.
2019-02-04 18:23:42 I #12912 p2p_client Checking content via discovery... for hash(D8AF2E39BE0B6F4F5A9434812256FBECA48E3D97)
2019-02-04 18:23:44 I #12912 downloader calling system proxy client api.
2019-02-04 18:23:49 I #12912 downloader Using system configured proxy for connection.
2019-02-04 18:23:49 I #12912 downloader Downloading file from https://10.20.128.193:443/Software/Current/VSCANDAT1000/DAT/0000/DATRepHC.zip?hash=D8AF2E39BE0B6F4F5... to C:\Program Files (x86)\Common Files\McAfee\DATReputation\DATRepHC.zip
2019-02-04 18:23:49 I #12912 curl Setting proxy info proxy:10.20.130.101 port:3128 scope:0
2019-02-04 18:23:49 I #12912 crypto Negotiated Cipher : EDH-RSA-AES256-SHA256
2019-02-04 18:23:49 I #12912 downloader Downloading file from https://10.20.128.193:443/Software/Current/VSCANDAT1000/DAT/0000/DATRepHC.zip?hash=D8AF2E39BE0B6F4F5... to C:\Program Files (x86)\Common Files\McAfee\DATReputation\DATRepHC.zip success.
2019-02-04 18:23:49 I #12912 downloader changing permission...
2019-02-04 18:23:49 I #12912 policybag Sending content "add" request
2019-02-04 18:23:49 I #12912 policybag Content "add" request succeded.
2019-02-04 18:23:49 I #12912 ScrptExe Executing section: [ExtractFile]
2019-02-04 18:23:49 I #12912 ScrptMgr Setting the working dir as C:\Program Files (x86)\Common Files\McAfee\DATReputation
2019-02-04 18:23:49 I #12912 ScrptMgr Setting the working dir as C:\ProgramData\McAfee\Agent\\Current\VSCANDAT1000
2019-02-04 18:23:49 I #12912 ScrptExe Executing section: [SetThrottleAndNeutral]
2019-02-04 18:23:49 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /setdatrepneutralu=1 /setdatrephcneutralu=0 /setdatrepneutralm=1 /setdatrephcneutralm=0
2019-02-04 18:23:49 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /setdatrepneutralu=1 /setdatrephcneutralu=0 /setdatrepneutralm=1 /setdatrephcneutralm=0
2019-02-04 18:23:49 I #12912 ScrptExe Did not match searched path
2019-02-04 18:23:49 I #12912 ScrptExe Executing "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /setdatrepneutralu=1 /setdatrephcneutralu=0 /setdatrepneutralm=1 /setdatrephcneutralm=0
2019-02-04 18:23:49 I #12912 ScrptExe Using Aac exclusion path C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe
2019-02-04 18:24:27 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /throttlehealthcheck=1000000
2019-02-04 18:24:27 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /throttlehealthcheck=1000000
2019-02-04 18:24:27 I #12912 ScrptExe Did not match searched path
2019-02-04 18:24:27 I #12912 ScrptExe Executing "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /throttlehealthcheck=1000000
2019-02-04 18:24:27 I #12912 ScrptExe Using Aac exclusion path C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe
2019-02-04 18:25:05 I #12912 ScrptExe Executing section: [IsDATBlocked]
2019-02-04 18:25:05 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /timeout=60000 /datreputation=9156.0000
2019-02-04 18:25:05 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /timeout=60000 /datreputation=9156.0000
2019-02-04 18:25:05 I #12912 ScrptExe Did not match searched path
2019-02-04 18:25:05 I #12912 ScrptExe Executing "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /timeout=60000 /datreputation=9156.0000
2019-02-04 18:25:05 I #12912 ScrptExe Using Aac exclusion path C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GotMinEng]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [EnumerateThroughProducts]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GetNextProductID]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [DoesProductNeedUpdate]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [SetInstalledVersionsUsingRegistry]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [IsProductInstalledReg]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [EnumerateThroughProducts]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GetNextProductID]
.......
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GetNextProductID]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [DoesProductNeedUpdate]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [SetInstalledVersionsUsingRegistry]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [IsProductInstalledReg]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [EnumerateThroughProducts]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [GetNextProductID]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [RunUpdate]
2019-02-04 18:26:32 I #12912 ScrptExe Executing section: [PreHealthCheck]
2019-02-04 18:26:32 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /timeout=60000 /script=mcnrdhck.lua /hcmode=predatupdate /datver=9156.0000
2019-02-04 18:26:32 I #12912 ScrptExe Running "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /timeout=60000 /script=mcnrdhck.lua /hcmode=predatupdate /datver=9156.0000
2019-02-04 18:26:32 I #12912 ScrptExe Did not match searched path
2019-02-04 18:26:32 I #12912 ScrptExe Executing "C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe" /timeout=60000 /script=mcnrdhck.lua /hcmode=predatupdate /datver=9156.0000
2019-02-04 18:26:32 I #12912 ScrptExe Using Aac exclusion path C:\Program Files (x86)\Common Files\McAfee\DATReputation\mcdatrep.exe
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [GetExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
...
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [SearchForExtraSetting]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [FindInstallationScript]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [EnumerateThroughLanguageFileList]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [IsInstallScriptEqualToInstallCommand]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [EnumerateThroughLanguageFileList]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [IsInstallScriptEqualToInstallCommand]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [EnumerateThroughLanguageFileList]
2019-02-04 18:26:33 I #12912 ScrptExe Executing section: [IsInstallScriptEqualToInstallCommand]
....

vse_inst_07.png 

0 Kudos
Reply
tao
Reliable Contributor tao
Reliable Contributor
Report Inappropriate Content
Message 10 of 24
‎01-31-2019 07:43 AM

Re: VSE 8.8 update fail - reason unknown

Jump to solution


I've dealt with the DAT 1111 / Updater failing - I created a VSE winrar package with a simple command: "...setupvse.exe" REINSTALLMODE=AMUS /q , repackaged with McAfee EEDK and deploy via ePO. Seems to correct the DAT / Updater issue for me.

You may also consider toggleing on debug logs for VSE & Agent:

VSE fails to install
https://kc.mcafee.com/corporate/index?page=content&id=KB89433&actp=null&viewlocale=en_US

McAfee Agent 5.x
https://kc.mcafee.com/corporate/index?page=content&id=KB82170

If this information was helpful or has answered your question, please select Accept as Solution. This will assist other memebers
Reply
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator