Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
1563 Views 9 Replies Latest reply: Jan 15, 2014 10:39 AM by Trooper RSS
hiteshp Newcomer 8 posts since
Oct 29, 2012
Currently Being Moderated

Jan 9, 2014 11:30 AM

Unable to Install Virus Scan 8800 from ePO to Windows XP Machines

ePO 4.6.6

McAfee Agent 4.8.0.887

VirusScan Enterprise 8.8.0.975

ePO Server = Windows 2008 R2 64Bit

Workstation = Windows XP SP3

 

Hi All,

 

Having a problem with one particular workstation where VirusScan failed to install.  Below is the error I see on the Agent Monitor:

 

09-01-2014 17-17-53.jpg

 

I found an artical on the KB saying that I should try a manual install of the software.  When trying that, the install stops half way through saying it was interupted.  Found another artical about the interruption and the SYSTEM account might not have permission to where the install files are.  Checked that and the SYSTEM account has full persmission.

 

Has anyone come across this problem?

 

If anyone can help, that would be great.

 

Regards

 

Hitesh

  • system48 Newcomer 4 posts since
    Jan 17, 2013

    Can you find the install log for the VSE install.  You should find it in the local profile temp folder, for XP C:\Documents and Settings\(User_Name)\Local Settings\Temp\McAfeeLogs.  The log file to look for will start with "vse8.8.0.core_install". 

  • cqcqcq Newcomer 2 posts since
    Jan 9, 2014

    I may have the same problem.

     

    *********************************************
    McAfee System Core Installer
    Copyright 2005-2011 McAfee Inc.
    All Rights Reserved Version SYSCORE.15.0.0.515
    *********************************************
    Mon Jan 06 01:35:42 2014

    C:\Program Files (x86)\McAfee\VirusScan Enterprise\VSCore\x64\mfehidin.exe -i VSE88P2 -q -l C:\WINDOWS\TEMP\McAfeeLogs\vse8.8.0.core_install_010614_013542.log -etl C:\WINDOWS\TEMP\McAfeeLogs\vse8.8.0.core_install_010614_013542.etl -x vse.xml OAS EmailScan ScriptScan
    [01:35:42:738] - ETL TRACING ON
    [01:35:42:738] - Parsing XML vse.xml
    [01:35:42:738] - ***ParseXMLFile()***
    [01:35:42:738] - action = pa_validate
    [01:35:42:769] - ParseXMLFile: Found <CoreInstall> element
    [01:35:42:769] - MD5 for document is 0c37d62ac38c1e56cf4120591cd7bb82
    [01:35:42:769] - ParseXMLFile: Found <Signature> element
    [01:35:42:769] - parseSignature:
    [01:35:42:769] - parseSignedInfo:
    [01:35:42:769] - parseReference:
    [01:35:42:769] - parseDigestValue:
    [01:35:42:769] - parseDigestValue: exit=0
    [01:35:42:769] - parseReference: exit=1
    [01:35:42:769] - parseSignedInfo: exit=1
    [01:35:42:769] - parseSignatureValue:
    [01:35:42:769] - CheckDataSignature:
    [01:35:42:847] - CheckDataSignature: ERROR: The certificate could not be verified
    [01:35:42:847] - CheckDataSignature: return=2148204809 (0==SUCCESS)
    [01:35:42:847] - parseSignatureValue: exit=0
    [01:35:42:847] - parseSignature: exit=0
    [01:35:42:847] - ERROR: ParseXMLFile: signature check failed
    [01:35:42:847] - action = pa_validate
    [01:35:42:847] - ParseXMLFile: exit=0
    [01:35:42:847] - Install error: failed to validate
    [01:35:42:847] - Returning 4294967295

     

    Hmm possibly related articles:

     

    http://kc.mcafee.com/corporate/index?page=content&id=KB72550

    https://kc.mcafee.com/corporate/index?page=content&id=KB77683

    http://kc.mcafee.com/corporate/index?page=content&id=KB77681

     

    Anyone figured this out?

  • system48 Newcomer 4 posts since
    Jan 17, 2013

    Haven't really figured out exactly why the install fails but this is what I know will get around the issue.  If you change the date on your PC to prior to 12/31/2013 the install will go through.  Or if you check your certificate store for the mentioned,  "VeriSign Class 3 Code Signing 2004 CA" and delete the install will also go through.  In KB77683 it says the issue should only happen if you have an expired version of that cert but I was seeing the issue even with the cert that expires 2014.07.15.  In Win7 I found the cert in the Intermediate CA store.  Not sure if it would be in the same place on XP.

     

    Also I have already put a ticket in with support and their solution was to use the workarounds or install VSE 8.7 and wait until patch 4 for 8.8 comes out.

     

    Message was edited by: system48 on 1/9/14 3:09:58 PM CST
  • pato Apprentice 107 posts since
    Apr 1, 2010

    I think somebody posted a few days ago an issue with a Mcafee certificate that run out on the 31.12.2013 which causes issues with the installation. Luckily the date trick works.

  • wwarren McAfee SME 766 posts since
    Nov 3, 2009

    We are looking into this still with hopes to come up with a better option than a workaround.
    KB article KB77683 will be the best point of reference for latest info (the article is still in review for publishing as of this posting as we made some edits recently, for example, it's not just XP/2k3 that's affected)

     

    http://kc.mcafee.com/corporate/index?page=content&id=KB77683

  • cqcqcq Newcomer 2 posts since
    Jan 9, 2014

    There has been an update of the article today

    kc.mcafee.com/corporate/index?page=content&id=KB77683

  • passmaster16 Newcomer 26 posts since
    Nov 8, 2009

    We're encountering the same issue on Windows 7 with both our standalone VSE 8.8 P2 installs and via ePO.  Setting the date back does allow the installation to succeed but is not a practical option for us.  We spoke with McAfee support and the only thing that they could offer is to install VSE 8.8 P1 and wait for P4 to come out.  The problem is that doesn't P4 need P2 to be installed first anyway?  If so, we'd be in the same position when we have to get P4 deployed.

     

    Also where are you finding the VeriSign Class 3 Code Signing 2004 CA certificate on Windows 7?  We searched the machine including the trusted certificate store and cannot find it at all. 

     

    Oddly enough, the P1 install succeeds even though its certificate expired in 2011.  The P2 certificate expired at the end of 2013.

     

    P1

     

    vse88p1.png

    P2

    vse88p2.png

     

    It appears both certificates chain up to VeriSign Class 3 Code Signing 2004 CA so I'm not sure why one works while the other doesn't.  We'd rather not have to check the P1 installation back into ePO but it may be the only option unless somebody else has a better idea?

  • Trooper Newcomer 5 posts since
    Dec 4, 2009

    @passmaster16:

    we must wait until P4 come out.

    We have also contact McAfee Support,  and or case  was escaleted to the next level (t3)the answer is wait until Patch 4. This is typical McAfee....

    KB77683  is risible!

     

     

    You will fintd VeriSign Class 3 Code Signing 2004 and CA is valid.

    McAfee.jpg

     

    sorry or OS is German

     

    Trooper!


More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points