Any error messages in the event viewer? You could try to narrow it down to the component that could be causing the issue > KB66254 may help.
Note VSE should be on patch 8 - patch 4 was released in October 2007 so it seems to be a bit behind.
Thanks very much for your reply and suggestions. I looked at the Event Viewer and there are many errors posted. I'm not sure which may be relevant, and have included a few examples below:
The Windows Firewall has detected an application listening for incoming traffic.
Process identifier: 1276
User account: NETWORK SERVICE
User domain: NT AUTHORITY
RPC server: No
IP version: IPv4
IP protocol: UDP
Port number: 54828
User notified: No
Many errors posted mostly due to not being able to load services.
Antivirus - following error posted several times when running an avast! scan (after McAfee disabled)
AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\WINDOWS\system32\CCM\smssha.dll failed, 00000005.
I'm not sure if the following infromational message might indicate anything sinister - this happened after the issue first became apparent...
The store C:\Documents and Settings\<username>\Local Settings\Application Data\Microsoft\Outlook\outlook.ost is being reconciled with the indexer for the following reason: The store was last opened on a different machine.
I'll try KB66254 and applying latest VSE patch.
Also someone suggested that I reinstall the McAfee framework using FramePkg.exe. Problem is I can't install in safe mode, and it doesn;t install in normal mode because all services hang...
please look for McLogEvent entries in the Windows Application log. These highlight if there are any problem with loading VirusScan drviers, or if there are any other unexpected error.
Most likely VSE could be disabled due to drivers not being loaded or even missing; DAT problems, etc.
Thanks very much for your reply. I looked at the McLogEvents - no errors. Here is the last entry prior to the current problems:
McShield service started.
Engine version : 5400.1158
DAT version : 5840.0000
Number of signatures in EXTRA.DAT : None
Names of threats that EXTRA.DAT can detect : None
DAT version has since been updated.
A further sweep using Spyware Doctor uncovered a Trojan.FakeAlert infection
Yes, many variants of FakeAlert attempt to terminate McAfee processes (and others).
You'll have to get fakealert cleaned up, before we can expect the scanner to startup properly.
This can be done by booting to a boot CD, and manually finding/removing the malware, and perhaps running additional scans with McAfee. (just be sure to have updated dats, as new variants show up every few hours)
If you get stuck, see if you can run GMER (gmer.net) and post a log up here, and we'll take a look.
You might also want to open up a support case, so it can be resolved asap.
Remove the trojan (just to be sure it's gone) with the latest sdat from mcafee. Download it into a seperate folder, extract it with /e. Boot the PC into safemode. Open Dosbox, goto the dir where you've extracted the sdat. Run 'scan /adl /sub /repair'.
Mostlikely you will have to reinstall VirusScan.
Also see KnowledgeBase article: KB67088 - Creating a boot CD including McAfee Command Line Scanner