Loading...

Knowledge Center


Error 5, Access is denied (when attempting to install/upgrade to McAfee Agent 4.x with VirusScan Enterprise 8.8 or Host Intrusion Prevention 8.0 installed)
Technical Articles ID:   KB72202
Last Modified:  4/7/2017
Rated:


Environment

McAfee Agent 4.x
McAfee ePolicy Orchestrator (ePO) 4.x
McAfee Host Intrusion Prevention (Host IPS) 8.0 with Hotfix 660568
McAfee VirusScan Enterprise (VSE) 8.8 with Hotfix 660014

Problem

McAfee Agent 4.x fails to install successfully on systems with VSE 8.8 and/or Host IPS 8.0 installed. The issue occurs with the following McAfee product configurations:
  • Systems with VSE 8.8 (with Access Protection enabled) but not running Host IPS 8.0 with Hotfix 660568
  • Systems not running VSE 8.8 with Hotfix 660014, but are running Host IPS 8.0 with Hotfix 660568
The following error is recorded in the MFEAgentMSI.log file if you try to install or upgrade to McAfee Agent 4.x: 

MSI (s) (38:DC) [19:02:56:940]: Invoking remote custom action. DLL: C:\Windows\Installer\MSIE3C1.tmp, Entrypoint: setFilePermissions
CustAct [19:2:56:950] main [I] setFilePermissions START
CustAct [19:2:57:47] Acl [E] Error trace:
CustAct [19:2:57:48] main [E]  [setFilePermissions START]->
CustAct [19:2:57:48] Acl [E]  [SetNamedSecurityInfo,C:\Program Files (x86)\McAfee\Common Framework\,1,-2147483644,0]->
CustAct [19:2:57:48] Acl [E]   error 5: Access is denied.
CustAct [19:2:57:49] main [I] setFilePermissions END

NOTE: The McAfee Agent installations are expected to roll back to the previous version and remain communicating in the event of this specific failure.

Cause

A fix that was introduced in the following hotfixes provides a new version of Syscore (14.3) that is blocking access to permissions on the installation folder:
  • Hotfix 660014 for VSE 8.8 
  • Hotfix 660568 for Host IPS 8.0

Solution

Install VSE 8.8 Patch 1 or later. Patches are cumulative; the product development team recommends that you install the latest one.

{VSE88PATCHES.EN_US}
{GENPA.EN_US}

NOTE: This issue was first resolved with VSE 8.8 Hotfixes 660014 and 660568.

Workaround

IMPORTANT: Access Protection features prevent unwanted changes by restricting access to specified ports, files and folders, shares, registry keys, and values. Therefore, the product development team recommends that you do not disable its features unless absolutely necessary for your environment.

For standalone endpoints:
  1. Click Start, Programs, McAfee, and open the VirusScan Console.
  2. Double-click Access Protection.
  3. Select Common Standard Protection.
  4. In the Block column, de-select Prevent modification of McAfee Common Management Agent files and settings, then click OK.  
  5. Re-attempt to install the patch for McAfee Agent 4.x.

    After the patch installation completes successfully, re-enable the Block setting by reversing the step 4.

For ePO managed endpoints:
  1. Log on to the ePO 4.x console.
  2. Click Menu, Policy, Policy Catalog.
  3. Select VirusScan Enterprise 8.8.0 from the Product drop-down list.
  4. Select Access Protection Policies from the Category drop-down list.
  5. Click Edit Settings under the Actions column for the policy.
  6. Select Common Standard Protection from the categories list.
  7. From the Block/Report/Rules list, deselect the rule Prevent modification of McAfee Common Management Agent files and settings if it is set to Block, and then click Save.

    Allow policy enforcement to occur or invoke policy enforcement as appropriate.

  8. Re-attempt to install the patch for McAfee Agent 4.x.

    After the patch installation completes successfully, re-enable the Block setting by reversing step 7.
 

Disclaimer

The content of this article originated in English. If there are differences between the English content and its translation, the English content is always the most accurate. Some of this content has been provided using Machine Translation translated by Microsoft.

Rate this document

Did this article resolve your issue?

Please provide any comments below

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.