Loading...

Knowledge Center


VirusScan Enterprise installation appears to hang on systems with McAfee Agent 5.x
Technical Articles ID:   KB88264
Last Modified:  7/31/2017
Rated:


Environment

McAfee VirusScan Enterprise (VSE) 8.8 Patch

For details of VSE supported environments, see KB51111.

Problem

When McAfee Agent 5.x is installed first, a subsequent VSE installation may appear to hang.

The mcupdate.exe process generates an error during the installation that requires Session 0 to display an acknowledgement. If the message goes unanswered, the installation stops until a response is given.

The following message is displayed on the desktop for Session 0 during the installation:

McAfee AutoUpdate Properties - AutoUpdate

Failed to initialize Common Updater subsystem. Make sure the McAfee Framework Service is running.
McAfee Common Framework returned error fffff95b @ 2

Cause

The mcupdate.exe process incorrectly displays an error dialog in Session 0.

If the 'McAfee Agent Backwards Compatibility Service' (macompatsvc.exe) is either stopped or does not process requests reliably (for example, it is compromised by untrusted injected .dll libraries that render the process untrusted by McAfee Validation Trust), the VSE executable responsible for initiating McAfee Agent to update the DATs at the conclusion of installation (mcupdate.exe) may display an error message. That message will display in the user account session that is installing the product. If that session is the SYSTEM user's session (Session 0), the message will display on the desktop for Session 0. That desktop is accessible only to logged on local administrators. Because the mcupdate.exe message may be displayed on a node that has no logged on local administrator, it may appear that the installation has halted. The installation has actually completed almost all steps.

Solution

The mcupdate.exe process has been changed to ensure that no error dialog messages are displayed in Session 0.

{VSE88P9.EN_US}

{GENPA.EN_US}

Workaround

Check for events 514/516/519 regarding macompatsvc.exe before VSE installation. Investigate these types of messages regarding untrusted injected .dll libraries in McAfee processes before installing VSE. You may elect to trust these .dll libraries or remove them from the node. Any unsigned .dll libraries cannot be trusted and the vendor is responsible for issuing signed libraries.

Disclaimer

The content of this article originated in English. If there are differences between the English content and its translation, the English content is always the most accurate. Some of this content has been provided using Machine Translation translated by Microsoft.

Rate this document

Did this article resolve your issue?

Please provide any comments below

Languages:

This article is available in the following languages:

English United States
Japanese

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.