Product: Total Protection 2013
Issue: Selected "ABOUT" to see what version of components I had. It would not display. Eventually ran MVT, which said the File Block component was not running. Tried to run it from start menu, but received the message that McPvTray.exe was blocked by group policy and to contact administrator. That would be me. Not sure what is going on. Last MS update was to Silverlight. Group policy folders do not look to have changed recently. Not sure that I can easily change group policy with my Windows 7 Home Premium version. This used to work a couple of weeks ago.
I would say best to call technical support and ask them it is free. If they usnure ask for an escalation call back
http://service.mcafee.com/TechSupportHome.aspx?lc=1033&sg=TS
That was done after I ran MVT.
MVT said that it could not get File Lock process to start. I confirmed this trying to run it myself. Seems the file cannot be executed (blocked by group policy).
Of course their suggestion was delete/reinstall,
I am not convinced that this will work. I can't manually delete or rename any of the files in that folder and I am the administrator.
Perhaps they meant to Re-install? You can follow the Guidelines/Instructions on how to Uninstall/Reinstall by going to the (1st) Link below my Siganature. Remove from Add/Remove/Programs and Features/Restart. Then Download and save the Latest MCPR Tool to your Desktop.
Close all applications/browsers and run the MCPR Tool/Restart.
Go to your account and reinstall, see if that resolves your issue. If not Technical support is available 24/7 and (Free) You can locate the Link to TS under "Useful Links" at the top of this page,or below my Signature.
Edit: I see that Peacekeeper suggested the same...
Wishing you all the very Best,
Regards,
Message was edited by: catdaddy on 7/26/14 9:16:11 AM EDT
Hi robsoti,
At this point I would like to check for any infections on the machine. You could run getsusp from getsusp.mcafee.com and Stinger from stinger.mcafee.com. Post back if they pick up something..!
My concern is that for some reason some of the McAfee directories cannot be changed, even by my admin account. I can read the files but cannot rename or copy anything in that directory. I don't want to get through part of the removal process and have the program come back and say it can't continue. Then I have half a program and no way to remove it other than do a restore (of which I don't have a real recent copy). This all started when i clicked on the "ABOUT" tab at the bottom to get the dates of the last update. It didn't display anything. I was able to request and get an update, whiched seemed to download and install (and requested a PC reboot). I ran a fulll scan without incident. However, the "ABOUT" tab is still not functioning (neither is the SECURITY REPORT tab). Then I ran MVT and it came back and said FILE LOCK process was not running. I went to the START MENU and executed it from there, which I get the "block by group policy" message.
I am waiting for another virus definition update to be available. If that downloads and installs properly, then I'll be happy. If not, then I have to go the removal/re-install route. If that fails, and I cannot remove the software in its entirety with the removal program, then I will be forced to restore an old backup copy. I noted that even as administrator I am denied the ability to remove McAfee from the Windows 7 control panel.
I was apparently able to download the latest definitions yesterday (or so it said) although the ABOUT tab does not work and I cannot confirm this. I have run a full scan twice, first time it quarentined a temp file from the internet, second time it found nothing. If all else fails, I will see what GETSUPD and STINGER do.
Catdaddy & Peacekeeper
Unfortunately, Windows 7 Home Edition / Programs & Features will not let me do step 1 of the removal process, namely use Windows 7 to uninstall McAfee. I get a message saying "You do not have sufficient access to uninstall McAfee Total Protection. Contact your system administrator." Well I am the administrator and I don't know what access is not there. Something about group policy may have changed in the registry but I don't know enough to say for sure.
H robsoti,
From your statements, you definitely have something gone wrong, to say the least. I was also going to suggest (Restoring) back to a Date/Time before these issues presented themselves. However,since I see that Selvan has suggested you run the latest Getsusp/Stinger.
I would follow his advice,as he is a 2.5 Tier Tech himself,and definitely more knowledgable than I.
You can obtain those (2) Superb Tools and others ,such as Malwarebytes (Free) below my Signature in the (Second Link). Or by simply going to the Sites Selvan suggested. Again, Selvan is more than capable of assisting you and give you Guidance.
So I will step back from the Discussion,as he knows best.
Wishing you all the Very Best,
Regards,
Selvan,
output from Stinger:
Selvan:
Stinger output:
C:\ProgramData\Microsoft\{8a64de72-585f-da3d-248a-d7e90408ccb8}\{8a64de72-585f-d a3d-248a-d7e90408ccb8}.exe [MD5:fe1a01904824f55d9b12b6e3c5fe7e48] is infected with Artemis!FE1A01904824
C:\ProgramData\Microsoft\{8a64de72-585f-da3d-248a-d7e90408ccb8}\{8a64de72-585f-d a3d-248a-d7e90408ccb8}.exe couldn't be repaired
C:\ProgramData\Microsoft\{8a64de72-585f-da3d-248a-d7e90408ccb8}\{8a64de72-585f-d a3d-248a-d7e90408ccb8}.exe [MD5:fe1a01904824f55d9b12b6e3c5fe7e48] is infected with Artemis!FE1A01904824
C:\ProgramData\Microsoft\{8a64de72-585f-da3d-248a-d7e90408ccb8}\{8a64de72-585f-d a3d-248a-d7e90408ccb8}.exe couldn't be repaired
I was able to delete this directory and file after Stinger tried to quarentine it. Rebooted and reran Stinger. It didn't find anything else. Interesting that this didn't show up in the McAfee full virus scan.
Getsupd output:
Status | MD5 | Location | File Name | Attribute | Company | Description | Product Version | File Version | File Size | Creation Date | Modification Date | Type | Scan Error |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Invalid-DS | 373f28044cd61423799d9c60b6f1fc15 | C:\PROGRAM FILES (X86)\COMMON FILES\COMMON DESKTOP AGENT | CDASRVPS.DLL | A | CDA proxy/stub DLL | 1.62.0.0 | 1.62.0.0 | 56,696 | 03/09/2012 08:58 | 03/09/2012 08:58 | Prefetch | ||
Invalid-DS | b1964e8776fd7633f149788f5b2a71cb | C:\Program Files\Common Files\Common Desktop Agent | CDASrv.exe | A | CDA Server | 1.62.0.0 | 1.62.0.0 | 462,712 | 03/09/2012 08:58 | 03/09/2012 08:58 | Windows-Firewall | ||
UNKNOWN | dde300af978d775952e191ec185e49d9 | C:\Users\Diane\AppData\Roaming\Sens2apiARM | Sens2apiARM.dll | A | 32,768 | 07/14/2013 08:41 | 07/14/2013 08:41 | Run-Key | |||||
UNKNOWN | 44eefd7253cbbd7fa6e493eafd3e026c | C:\Program Files (x86)\Dell\Dell B1160w Mono Laser Printer\TORDER | uninstall.exe | A | Dell Inc. | Dell Inc. | 1.03.10.00 | 1.03.10.00 | 248,665 | 06/14/2014 07:32 | 06/14/2014 07:32 | Windows-Firewall | |
UNKNOWN | 7390b7209ceda2cd6316b9a2bff7ac84 | C:\Program Files (x86)\Dell\Dell Printer Manager | uninstall.exe | A | Dell Inc. | Dell Inc. | 01.03.10.00(2013.03.11) | 1.03.10.00 | 869,152 | 06/14/2014 07:31 | 06/14/2014 07:31 | Windows-Firewall |
Status | MD5 | Location | File Name | Attribute | Company | Description | Product Version | File Version | File Size | Creation Date | Modification Date | Type |
---|---|---|---|---|---|---|---|---|---|---|---|---|
UNKNOWN | 2f3d353b93ffbccb8b8b497a1a05296b | C:\PROGRAM FILES (X86)\DELL\DELL PRINTER MANAGER | IDS.OEMFRAMEWORK.DLL | A | Dell Inc. | A framework for OEM development | 01.03.10.00 | 01.03.10.00 | 130,560 | 03/11/2013 04:01 | 03/11/2013 04:01 | Prefetch |
UNKNOWN | f9b8abc3f964ce5f099d1140023f78da | C:\PROGRAM FILES (X86)\DELL\DELL PRINTER MANAGER | IDS.XMLPARSER.DLL | A | Dell Inc. | XML Parser Module | 01.03.10.00 | 01.03.10.00 | 55,296 | 03/11/2013 04:01 | 03/11/2013 04:01 | Prefetch |
Not sure what common desktop agent or the sens2apiarm are. Common desktop agent has been there since June 14, and I know things have worked since then. The other one has been in place sinceJuly 2013 and I know things have been fairly stable until this past Friday.
Still have the following issues after reboot:
1. "ABOUT" still does not work.
2. FILE LOCK generates a "blocked due to group policy" statement.
3. Cannot use Programs/Features "uninstall/change" feature on McAfee Total Protection, as it generates an insufficient access error.
Again, I verified on the hard drive that McAfee virus def was updated yesterday at 4:14pm. And full virus scans have come up fine. I believe that the ABOUT tab was not functioning Prior to my updating the virus definitions. There was a Microsoft update to SILVERLIGHT prior to this. But I cannot back that update out. No system restore point available.
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.
Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership: