VirusScan Enterprise installation appears to hang on systems with McAfee Agent 5.x

Technical Articles ID: KB88264
Last Modified: 7/31/2017
Rated:

Environment

McAfee VirusScan Enterprise (VSE) 8.8 Patch

For details of VSE supported environments, see KB51111.

Problem

When McAfee Agent 5.x is installed first, a subsequent VSE installation may appear to hang.

The mcupdate.exe process generates an error during the installation that requires Session 0 to display an acknowledgement. If the message goes unanswered, the installation stops until a response is given.

The following message is displayed on the desktop for Session 0 during the installation:

McAfee AutoUpdate Properties - AutoUpdate

Failed to initialize Common Updater subsystem. Make sure the McAfee Framework Service is running.
McAfee Common Framework returned error fffff95b @ 2

Cause

The mcupdate.exe process incorrectly displays an error dialog in Session 0.

If the 'McAfee Agent Backwards Compatibility Service' (macompatsvc.exe) is either stopped or does not process requests reliably (for example, it is compromised by untrusted injected .dll libraries that render the process untrusted by McAfee Validation Trust), the VSE executable responsible for initiating McAfee Agent to update the DATs at the conclusion of installation (mcupdate.exe) may display an error message. That message will display in the user account session that is installing the product. If that session is the SYSTEM user's session (Session 0), the message will display on the desktop for Session 0. That desktop is accessible only to logged on local administrators. Because the mcupdate.exe message may be displayed on a node that has no logged on local administrator, it may appear that the installation has halted. The installation has actually completed almost all steps.

Solution

The mcupdate.exe process has been changed to ensure that no error dialog messages are displayed in Session 0.

{VSE88P9.EN_US}

{GENPA.EN_US}

Workaround

Check for events 514/516/519 regarding macompatsvc.exe before VSE installation. Investigate these types of messages regarding untrusted injected .dll libraries in McAfee processes before installing VSE. You may elect to trust these .dll libraries or remove them from the node. Any unsigned .dll libraries cannot be trusted and the vendor is responsible for issuing signed libraries.

Disclaimer

The content of this article originated in English. If there are differences between the English content and its translation, the English content is always the most accurate. Some of this content has been provided using Machine Translation translated by Microsoft.

Affected Products

Install/Uninstall
Known Issue/Product Defect
VirusScan Enterprise 8.8

Languages:

This article is available in the following languages:

English United States
Japanese

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms

Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.

Data Protection and Encryption

Database Security

Endpoint Protection

Network Security

Security Analytics

Security Management

Server Security

SIEM

Web Security

Data Center and Cloud Defense

Dynamic Endpoint Threat Defense

Pervasive Data Protection

Intelligent Security Operations

Embedded Security

Data Exchange Layer

Security Consulting

Product Consulting

Education Services

McAfee Labs

Advanced Threat Research

Threat Landscape Dashboard

Security Awareness

McAfee Labs Data Submission

Premier Success Plan

Security Updates

Product Downloads

Free Trials

Free Tools

Community Expert Center

Knowledge Center

Patch Downloads

Support Tools

Service Requests

Resellers

Managed Service Providers

Security Innovation Alliance

Global Strategic Alliances

OEM & Embedded Alliances

Find a Reseller or Distributor