Sorry for starting this new thread, but I have a couple of observations regarding the recent updating problem that I have not yet seen addressed.
I have been patiently following the two recent relevant threads with interest, and while I appreciate the efforts of the programmers and beta testers to fix the problem, as well as the great communication by the moderators, the problem has not yet been fixed.
Maybe this information might be helpful?
I am running McAfee AntiVirus Plus with Windows 7 on a Dell XPS 8700 desktop (Intel i7 processor, 12GB RAM).
Since August 14 have been experiencing the problem where the program will not update, with the perpetual "spinning gray circle" on first booting my system (or sometimes when bringing it out of sleep).
In order to successfully update I must do each update manually, AND with Access Protection OFF.
On August 23 my McAfee Security Center updated (initiated manually) from Build 14.0.4113 to Build 14.0.4119. I had hoped the issue would be fixed, but it's not.
Yesterday, after running the MVT again (no problems found), I went through the process of uninstalling AntiVirus Plus, running MCPR, and reinstalling, but I got the "gray circle" again this morning.
So... Observation #1:
When I do open the AntiVirus Plus UI and attempt a manual update I get two DIFFERENT results, depending on whether I have Access Protection enabled or disabled.
If Access Protection is On/ enabled, the process always finishes with the message: "McAfee cannot update your software. Please check your internet connection. If the problem continues, please contact Technical Support."
If Access Protection is Off / disabled, the process APPEARS to complete, with the message: "You currently have the latest updates available."
BUT, as others have reported, the process completes VERY quickly, giving the impression that an update might not have actually occurred.
In addition, after each manual update, the interface states that the next update is scheduled after ONLY 10 MINUTES.
For instance, this morning I performed an update (AP off) at 7:57 AM, and the update completed showing the message Next check for updates: Wednesday, August 26, 2015 8:07 AM
Is this normal, or to be expected after a SUCCESSFUL manual update?
Since May 14, 2015, I have been consistently seeing specific Warning events in the System log in my Windows Event Viewer whenever the McAfee update process runs.
Between May 14 and August 13 I was experiencing no obvious problems with McAfee updates. The program was behaving and updating normally as far as I could tell.
BUT - about twice daily, whenever McAfee updated, a Warning (Event ID: 516) was generated in the System log, similar to this:
Log Name: System
ate: 8/10/2015 7:13:52 PM
Event ID: 516
Task Category: (256)
Description: Process **\MCUPDA~1.EXE pid (3580) contains signed but untrusted code, but was allowed to perform a privileged operation with a McAfee driver.
As I said, the update process seemed to be working normally in spite of the warning message about "signed but untrusted code".
NOW, Since August 14 there has been a change in the Warning (I believe August 14 was when the Security Center update to Build 14.0 4113 occurred?).
I am now seeing a DIFFERENT Warning (Event ID: 512), now being logged twice daily:
Log Name: System
Date: 8/24/2015 7:53:01 AM
Event ID: 512
Task Category: (256)
Description: Process **\MCUPDA~1.EXE pid (6040) is not from a trusted source and was blocked from performing a privileged operation with a McAfee driver.
Notice that this warning apparently states that the Mcafee updater was BLOCKED?
It appears that, according to the logs, the McAfee updater has been consistently blocked twice daily since the August 14 program update.
I can't believe that I am the only one seeing these "untrusted code" and "blocked" warnings in my Event Viewer logs, but I haven't seen any reference to this detail.
I HAVE found a number of past threads (for various unrelated problems) referencing Event ID 516 "untrusted code" Warnings, related to "certificate mismatch", but there never seemed to be a definitive fix offered.
I DID notice, however, that on August 23, right after my Security Center updated to Build 4119 (which generated the usual Application Information log AVLogEvent - Event ID 5008 "Content successfully updated")
I saw that the VERY next Application log entry was:
Log Name: Application
Date: 8/23/2015 7:20:05 AM
Event ID: 4111
Task Category: None
Description: Successful auto update of third-party root list with effective date: Thursday, July 23, 2015 7:16:35 PM.
BOTH log entries had the same time stamp of 8/23/2015 7:20:05 AM, so I assumed that the "third-party root list" update occurred as part of the McAfee program update, and would fix the "not from a trusted source and was blocked from performing a privileged operation with a McAfee driver" glitch, and therefore fix the update problem.
But next morning I saw the same update hang, and another associated "blocked" warning in the System log.
I obviously don't really understand the arcane workings and interactions of "untrusted code", "third-party root certificates" and "certificate mismatches", or how they relate to software from Microsoft, McAfee and Intel,
but might the information in the Warning logs being generated during each McAfee update attempt be relevant to the problem at hand?
Thanks for any advice, and thanks again for your patience...