Knowledge Center

Threat Intelligence Exchange Module fails to upgrade to version 1.0.2 when self-protection is enabled
Technical Articles ID:   KB89512
Last Modified:  1/23/2019


McAfee ePolicy Orchestrator (ePO) 5.x
McAfee Threat Intelligence Exchange Server (TIE) 1.x
McAfee Threat Intelligence Exchange Module (TIEm) for VirusScan Enterprise 1.0.2, 1.0.1
McAfee VirusScan Enterprise (VSE) 8.8.x

For details of TIE supported environments, see KB83368.
For details of VSE supported environments, see KB51111.


Unable to upgrade from TIEm from version 1.0.1 to 1.0.2 (build

During the installation a TIEm Access Protection event is generated:
[aacsysstatic]Target: HKLM\SOFTWARE\WOW6432NODE\MCAFEE\TIEM\, bitmask 0000000000000006
[aacsysstatic]AAC_OBJECT_KEY event matched rule "Block modification of TIE files / reg keys" with reaction AAC_REACTION_BLOCK
[aacsysstatic] AAC_OBJECT_KEY event resulted in winning rule "Block modification of TIE files / reg keys" with reaction AAC_REACTION_BLOCK

TIEMService.log records the following error:
AP Event: Rule[Block modification of TIE files / reg keys] Object[HKLM\SOFTWARE\WOW6432NODE\MCAFEE\TIEM\] Process[C:\WINDOWS\SYSWOW64\MSIEXEC.EXE]

Windows Application Event log records the following errors:
EVENT:  10010
Application 'C:\Program Files\McAfee\TIEM\TIEStatus.exe' (pid 28260) cannot be restarted - 1.

EVENT: 1035  
Windows Installer reconfigured the product. Product Name: McAfee Threat Intelligence Exchange module for VSE. Product Version: Product Language: 1033. Manufacturer: McAfee. Inc.. Reconfiguration success or error status: 1602.    

EVENT: 11729
Product: McAfee Threat Intelligence Exchange module for VSE -- Configuration failed.


Self-protection is blocking the creation of the TIEm uninstall key during the upgrade.


This issue is resolved with TIEm for VSE

To view other TIEm for VSE known issues, see KB84487.

McAfee product software, upgrades, maintenance releases, and documentation are available from the Product Downloads site at: http://www.mcafee.com/us/downloads/downloads.aspx.

NOTE: You need a valid Grant Number for access. KB56057 provides additional information about the Product Downloads site, and alternate locations for some products.


Disable TIE self-protection prior to performing the upgrade. For configuration changes to TIEm, refer to the Threat Intelligence Exchange 1.3.0 Product Guide (PD26441).


Uninstall the earlier TIEm version before installing TIEm 1.0.2.

Rate this document

Glossary of Technical Terms

 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.