We have an open case with McAfee on this.
We have similar issues with 10.2.2 and the latest hotfix.
We have been asked to test 'Disabling GTI' in our policies which leads me to believe their may be an issue with GTI lookups in ENSM.
We also have an SR open for Core Protection blocking access to McAfee files and a Folder for its own processes. Maybe be related. Check for Event 1092.
McAfee VolunteerModerator - Business Products
Any new developments with this?