0 Replies Latest reply on Apr 21, 2017 12:11 PM by nov1ce

    Anyone here with MOVE 4.5 (non-agentless) installed?

    nov1ce

      When you hit Check New Policies/Enforce Policies from the client with MOVE 4.5 installed, do you get anything in the logs showing path/processes exclusions?

       

      For example, in 3.6.x, we used to get the following from C:\Program Files (x86)\McAfee\MOVE AV Client\mvagent.log:

       

      U.2656.3820: Feb 21 2017:01:09:30.215:   SYSTEM: eppl_policies.cpp: 2105: sending exp cmd.

      U.1052.1928: Feb 21 2017:01:09:30.218:   SYSTEM: cmdi_process.c:  517: Command 'mvadm.exe exp set 3|11|*.bak 3|11|*.edb 3|11|*.evt 3|11|*.evtx 3|11|*.ldf 3|11|*.log' returned 0: No error

      U.2656.3820: Feb 21 2017:01:09:30.218:   SYSTEM: eppl_policies.cpp: 2105: sending pp cmd.

      U.1052.0600: Feb 21 2017:01:09:30.220:   SYSTEM: cmdi_process.c:  517: Command 'mvadm.exe pp set C:\Windows\ccm\ccmexec.exe C:\Windows\system32\mssdmn.exe' returned 0: No error

       

      Do you still get this info with 4.5?

       

      I updated a couple of servers with 4.5 and have an impression that I don't get any MOVE policies from ePO -- they all report to ePO just fine, dropping eicar works too, same for SVM assignment, but I see no traces of path/processes exclusions in the logs.

       

      Instead, I get:

       

      U.160528.155444: Apr 21 2017:13:53:14.599:   ERROR: mvmsgbus_context.cpp:   29: MvMsgBus - Module: mvmsgbus Message: Failed to get the policy, error <1601>

       

      Thanks.