Have you tried to restart on of these services?
AFAIK, most of them are blocked, if you not
disable the following policy:
McAfee Agent / General deselect
option Enable self protection (Windows only) .
It is covered in the product guide, do "maconfig -enforce -noguid" to clear the guid.
The McAfee agent service is the primary service. All services are controlled by the "McAfee Service Controller" mcafee uses that instead of the windows service manager now.
Best bet is to stop the services (disable access protection for the agent), clear guid and grab you image. Service will start on reboot.
This "McAfee Service Controller" make things worth and more complicated for admins,
if you have issues with system, this security enhancement is of no help, cause it misses
the possibility to switch it of from ePo - console. This (switch of/on) would be the real
improvement, if any of this is really necessary in a managed environment.
If an machine - admin can't stop services any longer, i call this prohibition not security!
But you can, just set it in EPO and push it to all clients from the top of the system tree. Make sure these policies are inherited down the tree.
In EPO, goto Assigned Policies under system tree (Top level), choose McAfee Agent under product. Edit the general policy, untick 'Enable self protection (Windows only)', click Save. Wait or push to client.