McAfee Agent 4.0 Patch 3 for Windows Release Notes

Release Notes for McAfee Agent 4.0 Patch 3 (Windows) 

Thank you for using McAfee Agent software version 4.0. This document contains important information about this 

release. We strongly recommend that you read the entire document. 

Contents 

About this release 

System requirements 

Rating 

Purpose 

Known issues 

Resolved issues 

Installation instructions 

Allowing users to configure proxy settings 

Finding release notes and documentation for McAfee enterprise products 

License attributions 

About this release 

Patch Release: September 22, 2009 

Patch Package: 4.0.0.1494 

This release was developed for use with: 

Data Loss Prevention 2.1, 2.2 and 3.0 

Endpoint Encryption for Files and Folders 3.1.0 

Endpoint Encryption for PC 5.1.5 

ePolicy Orchestrator 3.6.1, 4.0, and 4.5 

McAfee Anti-Spam for GroupShield 7.0 

McAfee Encrypted USB 1.0 

McAfee VDisk for Windows 4.1.0 

Host Intrusion Prevention (Windows only) 7.0 

Network Access Control 2.0, 2.5, and 3.0 

Policy Auditor 5.1, and 5.2 

PortalShield 1.0 and 2.0 

Safeboot Encrypted USB 1.0 

Safeboot Endpoint Encryption for File and Folder (Content Encryption) 3.1.0 

Safeboot Endpoint Encryption for PC (Device Encryption) 5.1.5 

Safeboot VDisk for Windows 4.1.0 

SecurityShield 1.0 

SiteAdvisor Enterprise 1.6, 2.0, and 3.0 

System Compliance Profiler 1.1 and 2.0 

VirusScan Enterprise 8.0i, 8.5i (Patch 7 and above), and 8.7i (with AntiSpyware Enterprise) 

Make sure you have installed the correct version(s) before using this release. 

System requirements 

This section specifies the system requirements for McAfee Agent 4.0. 

Installed disk space — 14–17 MB, including log files 

Memory — 128 MB RAM minimum, 256 MB RAM recommended 

Processor — Intel or compatible; Intel Pentium or Celeron (recommended); Itanium 2 processors. 

Processor speed — 133 MHz minimum 

Operating system: 

Windows 2000 Professional, SP 4

Rating 

Windows 2000 Server, SP 4 

Windows 2000 Advanced Server, SP 4 

Windows 2000 Datacenter Server, SP 4 

Windows 2003 Server, Standard Edition, SP 1 or 2 

Windows 2003 Server, Enterprise Edition, SP 1 or 2 

Windows 2003 Server R2, Standard Edition, SP 1 or 2 

Windows 2003 Server R2, Enterprise Edition, SP 1 or 2 

Windows 2003 Server, Standard x64 Edition, SP 1 or 2 

Windows 2003 Server, Enterprise x64 Edition, SP 1 or 2 

Windows 2003 Server R2, Standard x64 Edition, SP 1 or 2 

Windows 2003 Server R2, Enterprise x64 Edition, SP 1 or 2 

Windows XP Embedded 

Windows XP Home, SP 1 and 2 

Windows XP Professional, SP 1, 2, and 3 

Windows XP Professional, x64 SP 2 

Windows XP Tablet PC 2005 

Windows Vista, SP 1 and 2 

Windows Vista x64, SP 1 and 2 

Windows Server 2008 

Windows Server 2008 x64 

Windows Server 2008 R2 

Windows 7 

Windows 7 x64 

Note: VirusScan Enterprise Windows 7 support requires VSE 8.7i Patch 2 or above. 

Complete Windows 7 support requires McAfee Agent Extension patch 3 be installed on the ePolicy Orchestrator 

server 

This release does not support Windows 95, Windows 98, Windows Millennium Edition or Windows NT. 

The McAfee Security single tray icon does not appear on 64-bit systems. 

McAfee recommends this release for all environments. This update should be applied at the earliest convenience. For 

more information, see KB article KB51560. 

Purpose 

This document supplements the McAfee Agent 4.0 Readme file in the release package, and details fixes included in 

McAfee Agent 4.0 Patch releases. 

This Patch contains a variety of improvements. McAfee has spent a significant amount of time finding, fixing, and 

testing the fixes in this release. Please review the Known and Resolved Issues lists for additional information on the 

individual issues. 

Refer to online KnowledgeBase article KB65953 at https://kc.mcafee.com for the most current information regarding 

this release. 

Known issues 

Known issues in this release of the software are described below: 

Issue: This patch fails to install on systems without a “My Documents” folder or with a “My Documents” folder 

that is mapped to a network folder on systems with a McAfee Agent version less than 4.0.0.1437. In these 

scenarios the McAfee Agent fails to install. Once this patch is installed, Resolved Issue 1 prevents this from 

occurring in subsequent McAfee Agent upgrades. (Reference: 485728, 474870) 

Workaround: A system must be without the McAfee Agent, have a local “My Documents” folder, or have a

McAfee Agent version that is 4.0.0.1437 or newer installed, prior to installing this patch. 

Issue: On systems with EMC’s Power Path software installed, the McAfee Agent fails to start and the error 

message “Cannot generate keypair” appears in the Agent_ log file. (Reference: 452955, 

436864, 445158, 447296, 451228, 437592 ) 

Workaround: The McAfee Agent must be rolled back to Common Management Agent version 3.6.0 Patch 4 or 

upgraded to McAfee Agent 4.5 for the systems with EMC's Power Path software installed. 

Issue: The McAfee Agent now allows update and deployment tasks to be postponed. When an end user 

postpones a deployment the error message “The task has failed” appears in the Agent_ log file. 

(Reference: 469427, 503321) 

Workaround: There is no known workaround for this issue. 

Resolved issues 

Issues that are resolved in this release are listed below. 

1. Issue: The McAfee Agent installation process checked for the existence of the “My Documents” folder. If it was 

not present or mapped to a network folder, the installation failed. (Reference: 474870) 

Resolution: The McAfee Agent installation process no longer requires the “My Documents” folder to be present. 

2. Issue: The McAfee Agent upgrade process failed to update the sitelist.xml file with all of the required policy 

information, resulting in the incorrect repository sort order being used. (Reference: 450082) 

Resolution: The McAfee Agent upgrade process has been updated to trigger the system to request the current 

site list from the ePolicy Orchestrator server. 

3. Issue: The McAfee Agent installation process would fail when the current user's user name contained non-ASCII 

(ex. Japanese) characters. (Reference: 453206) 

Resolution: The McAfee Agent installation process now allows user names to contain non-ASCII characters. 

4. Issue: The presence of certain environment variables (i.e. http_proxy, ftp_proxy) caused the McAfee Agent to 

attempt to communicate using the proxy address specified in the variable. (Reference: 457621) 

Resolution: The McAfee Agent now uses the proxy specified on the Proxy Policy Setting page only and avoids 

the use of any environment variables. 

5. Issue: When attempting to determine if the system is a laptop the Property Collection process could cause the 

McAfee Agent to crash or fail to respond. (Reference: 457837) 

Resolution: The Property Collection process has been updated to always return even if it cannot determine 

whether the system is a laptop. The system appears as “Unknown” in the ePolicy Orchestrator console when this 

occurs. 

6. Issue: The “/forceinstall” switch failed to cause a new McAfee Agent GUID to be created when installing over an 

existing installation. (Reference: 462869) 

Resolution: The “/forceinstall” switch now regenerates the McAfee Agent GUID when installing over an existing 

installation. 

Note: When using the “/forceinstall” switch in combination with the “/upgrade” switch a new McAfee Agent 

GUID is not generated. 

7. Issue: When the Update process failed to download a file from a UNC repository the download would not be 

attempted from the next repository. (Reference: 462898)

Resolution: The Update process now attempts to download the file from all defined repositories until it is 

successfully downloaded or all available repositories are exhausted. 

8. Issue: When a product detection or installation script was executing and the Update process failed to download 

a requested file and failed over to a subsequent repository, a second Update dialog box was displayed. 

(Reference: 462953) 

Resolution: The Update process now only displays one Update dialog box per update. 

9. Issue: When the Update process failed to download a requested file and failed over to a subsequent repository, 

a DAT or Engine update could fail. (Reference: 464970) 

Resolution: The Update process now allows DAT or Engine updating to complete when failing over to a 

subsequent repository. 

10. Issue: On 64-bit Microsoft Windows systems with no users logged on the error message “Failed to Open 

Process. Error code 57” appeared in the Agent_ log file. (Reference: 468073) 

Resolution: The McAfee Agent no longer records this message. 

11. Issue: The McAfee Agent allowed an update task to be postponed, but it did not allow deployment tasks to be 

postponed. (Reference: 469427) 

Resolution: The McAfee Agent now allows update and deployment tasks to be postponed. 

12. Issue: When a SuperAgent repository had more than five systems waiting to connect for download, subsequent 

system connections were rejected causing the associated download to fail. (Reference: 471505) 

Resolution: SuperAgent repositories now support up to 200 systems waiting to connect for download. 

13. Issue: On Microsoft Vista machines, the reported User Name property was always the name of the first user to 

log on after the system was restarted. (Reference: 472980) 

Resolution: The User Name property is now reported as the most recently logged on user. 

14. Issue: When the McAfee Agent failed to connect to ePolicy Orchestrator or ePolicy Orchestrator rejected the 

connection during a McAfee Agent “Wakeup with Full Properties” request, the McAfee Agent would only send 

incremental properties the next time it reported its properties. (Reference: 475006) 

Resolution: McAfee Agent “Wakeup with Full Properties” requests are now retried until successfully sent to the 

ePolicy Orchestrator. 

15. Issue: During passive transfers the McAfee Agent failed to respond correctly to certain non-Microsoft FTP 

responses causing the deployment or update to fail. (Reference: 477298) 

Resolution: The McAfee Agent now properly responds to standard passive FTP transfer response codes. 

16. Issue: The “/upgrade” switch failed to remove or upgrade obsolete data from previous installations. (Reference: 

479814) 

Resolution: The “/upgrade” switch now properly removes or upgrades obsolete data from previous installations. 

17. Issue: When viewed through the Windows Task Manager, the McAfee Status Monitor process (udaterui.exe) 

reported 16 I/O Reads per second at idle. (Reference: 484245) 

Resolution: The McAfee Status Monitor process now only performs read operations when required.

18. Issue: When policy enforcement occurred while the repository was being sorted, the McAfee Agent would leak 

virtual memory. (Reference: 484776) 

Resolution: The McAfee Agent no longer leaks memory when enforcing policies during a repository sort. 

19. Issue: When directed to use a language other than the system default through the “UseLanguage” feature, the 

reported language remained the system default language. (Reference: 492157) 

Resolution: The McAfee Agent now properly reports the language in use. 

20. Issue: The McAfee Agent did not support the ePolicy Orchestrator “Duplicate List” feature. (Reference: 494754, 

500714) 

Resolution: The McAfee Agent now supports the ePolicy Orchestrator “Duplicate List” feature. 

21. Issue: When the “catalog.z” file was larger than 4,096 bytes, updates via Local and Distributed UNC 

repositories failed and the error message “Error occurred while downloading catalog.z” appeared in the Agent_ 

log file. (Reference: 480163) 

Resolution: The McAfee Agent is no longer dependant on the size of the “catalog.z” file. 

22. Issue: The McAfee Agent was vulnerable to the issue described in Security Bulletin SB10002, “McAfee Security 

Bulletin - ActiveX security issue in CMA and McAfee Agent. (Reference: 495121) 

Resolution: The McAfee Agent upgrade process has been updated to implement the required registry 

modifications. 

23. Issue: The McAfee Agent did not provide an embedded credential installation package. (Reference: 432427) 

Resolution: An embedded credential installation package is now available. The embedded credential package is 

separate from the General Use package. If you require the embedded credentials package 

(MA400P3Win_EMBEDDED.zip), it is available on the McAfee download and ServicePortal sites. 

Note: The embedded credentials package is several megabytes larger than the General Use package. Please 

note that this can result in a significant impact in some environments. The ability to embed credentials is the 

only difference between the packages. 

Issues from the Patch 2 release of the software that are resolved in this release are listed below. 

1. Issue: The error message “Failed >> Setting naInet transfer option RelativePath =” appeared in the McScript 

and Aviview log files when a UNC repository when it was defined without a subdirectory following a share name. 

For example, the definition “\\server\share\directory” worked as expected, but the definition “\\server\share” 

caused the error message to appear. The download would work correctly in spite of this error message. 

(Reference: 391232, 455183) 

Resolution: UNC repositories can now be defined with or without specifying a subdirectory. 

2. Issue: When a UNC repository was configured to use download credentials and to use ping time repository 

sorting, and the UNC repository was inaccessible for pinging, the McAfee Agent might run with lowered 

privileges. When this occurred, the error message “Permission denied” appeared in the Agent_ log file when the 

McAfee Agent attempted to write to the registry. (Reference: 416303, 417404, 432919, 432931) 

Resolution: The UNC Repository Updater process now continues to run under the System user’s credentials 

when a UNC repository cannot be reached during the ping time sorting process. 

3. Issue: When UNC repositories were configured to use the download credentials of the logged-on user and the 

logged-on user was not an Administrator, the download would fail. (Reference: 418162, 424677, 425454, 

437584, 458651, 466124, 466186)

Resolution: The UNC Repository Updater process now allows UNC replication using the logged-on user’s 

credentials. 

4. Issue: The download of a product deployment process could fail when an earlier version of the product had 

been deployed. (Reference: 421222) 

Resolution: The product deployment process has been updated to consistently detect and deploy updated 

products. 

5. Issue: Updates via a UNC repository would fail on 64-bit systems when the update was configured to use the 

credentials of the logged-on user. When this occurred, the error message “Failed to steal Explorer token” would 

appear in the Agent_ log file. (Reference: 429292) 

Resolution: The UNC Repository Updater process now runs on 64-bit operating systems when defined to use 

download credentials. 

6. Issue: During the repository download process when the download of a product failed and a subsequent 

download of a different product succeeded, the download session was treated as a success and not retried using 

the next repository. (Reference: 429950, 429759) 

Resolution: The repository download process has been updated to retry the entire update from the next 

repository when any products fail to download. 

7. Issue: The McAfee Agent no longer provided an embedded credential installation package option. (Reference: 

432427) 

Resolution: An embedded credential installation package is now available through McAfee Tier III Support. For 

information on obtaining this package, see KB article KB59954. 

8. Issue: Requesting updates from the ePolicy Orchestrator server through HTTP resulted in a large number of 

“client denied by server configuration…” error messages to be incorrectly reported in the server log file. 


Resolution: The HTTP connection process has been updated to avoid creating this error message incorrectly. 

9. Issue: During the deployment of Host Intrusion Prevention, the product detection script would prematurely end 

when the Host Intrusion Prevention service was not registered. (Reference: 436914) 

Resolution: The script engine has been updated to properly detect and report unregistered services as an error 

rather than exiting. 

10. Issue: Non-English versions of the McAfee Agent could fail to apply incremental DAT updates, and instead 

download the full DAT package, resulting in unnecessary network bandwidth consumption. (Reference: 439397, 

441679, 443381) 

Resolution: The DAT update process has been updated to ensure that non-English versions apply incremental 

updates correctly. 

11. Issue: The error message “File is corrupt. Downloading complete file again.” would be incorrectly written to the 

McScript log file during the update process. (Reference: 440080, 445479) 

Resolution: The update process has been updated to record this error message only when the file download 

process detects a corrupt file. 

12. Issue: After a successful update of a DAT file, a temporary copy of the DAT package would not be deleted from 

the McAfee Agent data directory, resulting in unnecessary disk space consumption. (Reference: 440930) 

Note: This issue could consume all of a system's available disk space.

Resolution: The DAT update process now deletes the DAT package after a successful update. 

13. Issue: The McAfee Agent upgrade process would fail to install when it could not successfully terminate the 

currently running version, resulting in a McAfee Agent that failed to start. (Reference: 441182) 

Resolution: The McAfee Agent upgrade process has been updated so that if it detects that the currently 

installed version cannot be stopped, it quits and leaves the currently running version of the McAfee Agent 

operational. 

14. Issue: The error log file did not “roll over,” resulting in unnecessary disk space consumption. (Reference: 

449107, 449111, 449341, 450554, 462905) 

Note: This issue could consume all of a system's available disk space. 

Resolution: The error log file now “rolls over” in the same manner as the Agent_ log file. 

Note: When writing a message to the error log file, the size of the current file is checked. If the size equals or 

exceeds the file size limit set in the registry, the following actions will occur: 

If the backup file (Agent__backup.log) exists in the target folder, it is deleted. 

The current file (Agent_.log) is renamed as the backup file. 

A new current file is created and the message is written in this file. 

15. Issue: When the Internet Explorer setting “Automatically detect settings” is selected and “Use a proxy server 

for your LAN” is not selected, an automated configuration script caused the update process to fail. (Reference: 

450058, 451906, 452028, 461210, 463930) 

Resolution: The update process now runs as expected, independent of these Internet Explorer settings. 

Issues from the Patch 1 release of the software that are resolved in this release are listed below. 

1. Issue: An update dialog box appeared in English rather than the non-English language running on the system. 


Resolution: Update dialog boxes now appear in the language running on the system. 

2. Issue: When using the “/forceinstall” switch and only changing the data (/datadir=) folder, the 

upgrade process did not remove the old data folder and used the new folder. (Reference: 393182) 

Resolution: Now when using the “/forceinstall” switch and changing the data (/datadir=) folder, 

the upgrade process removes the old data folder and uses the new folder. 

3. Issue: When the AgentEvents folder was missing, the upgrade process failed. (Reference: 393764) 

Resolution: Now the upgrade process creates the AgentEvents folder when it is missing. 

4. Issue: Managed product installation routines were executed each time a deployment task ran on systems that 

used a language other than English. (Reference: 399232) 

Resolution: Managed product installation routines now execute only when necessary. 

5. Issue: If the installation or data folder contained a double-byte character, the upgrade process failed. 


Resolution: Now the installation and data folders can contain non-English characters. 

6. Issue: When executing the VirusScan update process (mcupdate.exe) with the “/update” and “/quiet” switches, 

an upgrade dialog box would still be displayed. (Reference: 405004)

Resolution: The VirusScan update process now honors the “/quiet” switch. 

7. Issue: The upgrade process was checking for the existence of the “My Favorites” and “Fonts” folders. If they 

were not present, the upgrade failed. (Reference: 405314) 

Resolution: The upgrade process no longer requires the “My Favorites” and “Fonts” folders to be present. 

8. Issue: When an error occurred during Host Intrusion Prevention policy enforcement, the system could be 

“locked out of the network”. (Reference: 406896) 

Resolution: Now the ePolicy Orchestrator server connection information (server IP, name and port, and 

incoming agent wake-up port) is recorded. This allows Host Intrusion Prevention to create specific rules that 

allow communication to and from the ePolicy Orchestrator server, even in the absence of Host IPS policies. 

9. Issue: The name of the ePO server the system last communicated with appears in the XML log file. The value is 

initially blank and remained blank for a period of time after the first communication. (Reference: 407154) 

Resolution: The name of the ePO server the system last communicated with now appears immediately after the 

last server communication. 

10. Issue: The McAfee Agent deployed managed products to Microsoft Vista or Windows Server 2008 that were not 

supported on these platforms. (Reference: 408989) 

Resolution: Managed products are now deployed only to their supported platforms. 

11. Issue: The Mirror task created a duplicate repository, but it failed to copy the sitestat.xml file. This caused the 

duplicate repository to remain disabled. (Reference: 409637) 

Resolution: The Mirror task now copies the sitestat.xml file to the duplicated repository. 

12. Issue: During a managed product update, a dialog box could be presented requesting a system reboot. The 

dialog box asked the user if they wanted to reboot now and rebooted the system even when the user selected 

“No”. (Reference: 410573) 

Resolution: The managed product update process now honors the user's selected reboot response. 

13. Issue: Certain dates, such as leap years, were recorded incorrectly in the Agent_.xml log file. 


Resolution: All dates are now recorded correctly in the Agent_.xml log file. 

14. Issue: The McAfee Agent only updated the VirusScan engine if the minor version was newer than what was 

installed. This prevented the VirusScan engine from updating to a newer build of the same version. (Reference: 

414065) 

Resolution: The McAfee Agent now supports build-to-build VirusScan engine updates. 

15. Issue: The installation and upgrade processes failed if the data folder was located in the “Windows” or “WinNT” 

folders. (Reference: 415578) 

Resolution: Now the installation and upgrade processes allow the data folder to be located in the “Windows” or 

“WinNT” folders with the exception of the system32 folder. The installation and upgrade processes prohibit the 

data folder from including the system32 folder. 

16. Issue: Some non-McAfee product installation routines removed critical registry entries, such as the Windows 

IStream COM registration, causing the McAfee Agent to fail. (Reference: 416298) 

Resolution: The upgrade process now re-registers the ole32.dll file when it detects it is missing.

17. Issue: The installation and upgrade processes failed if the installation or data folders contained double-byte 

characters. (Reference: 416559) 

Resolution: The installation and upgrade processes now allow the installation and data folders to contain 

double-byte characters. 

18. Issue: Several install and uninstall error messages made no sense when displayed on a Japanese language 

system. (Reference: 418729) 

Resolution: The upgrade process now displays meaningful install and uninstall error messages on a Japanese 

language system. 

19. Issue: On systems running VirusScan Enterprise version 8.0 the McAfee Agent did not remove the Temp files 

created during the execution of an “Agent Update Task”. (Reference: 419066) 

Resolution: The McAfee Agent now removes the Temp files created during the execution of an “Agent Update 

Task”. 

Note: This change does not remove the Temp files created during the execution of an “Agent Update Task” 

prior to implementing this patch. 

20. Issue: During Policy Enforcement, when the McAfee Agent failed to compile the policy file, the policy 

enforcement failed and the agent crashed on the next Policy Enforcement. (Reference: 423070) 

Resolution: The McAfee Agent now detects failed Policy Enforcements and retries the policy compilation until it 

completes successfully. 

21. Issue: DAT updates were postponed indefinitely and the message “Update will be retried after 3 mins because 

update is already in progress” appeared repeatedly in the agent log file. (Reference: 424203) 

Resolution: The DAT update process now terminates properly when it detects an error in an FTP transaction. 

22. Issue: In environments running the Early Adopter Release (November 11, 2008) the “/forceinstall” switch did 

not work when applied against the MA 4.0 Patch 1 package generally available for download. (Reference: 

454619) 

Resolution: The MA 4.0 Patch 1 package has been updated allowing the “/forceinstall” switch to work as 

expected. 

Issues previously resolved in the policy (Extension) pages are listed below. 

1. Issue: When a repository was added for one site, the user had to go to every other site and turn off the 

repository in the agent policies. In environments with a large number of repositories, this was very labor 

intensive. (Reference: 239994) 

Resolution: A checkbox has been added to “Agent Policy on Repository Page” that allows new repositories to be 

excluded by default. Now when a repository is added and the new checkbox is checked, the new repository is 

added to the disable list for each of the existing repositories. 

2. Issue: In environments with a large number of repositories, the policy page required several minutes to load. 


Resolution: The policy page now loads in a much more reasonable amount of time. 

Installation instructions 

This section provides instructions for installing and upgrading McAfee Agent 4.0 for use with ePolicy Orchestrator 

versions 3.6.x and 4.0.

Note: An embedded credentials package is available. For more information and best practice recommendations, see 

KB article KB65538. 

Tasks 

Installing on ePolicy Orchestrator 3.6.x systems 

Installing on ePolicy Orchestrator 4.x systems 

Upgrading 

Installing, upgrading and uninstalling using Windows command-line switches 

Installing on ePolicy Orchestrator 3.6.x systems 

This section provides instructions for installing McAfee Agent 4.0 for use with ePolicy Orchestrator version 3.6.x on each 

of the supported operating systems. 

You must have administrator rights to perform this task. 

1. Download and extract the agent package, MA400P3WIN.zip. 

2. Check in the NAP file, CMA360.nap, from the extracted agent package to the ePolicy Orchestrator repository. 

3. Check in the agent package to the ePolicy Orchestrator repository. 

4. Use one of these methods to install the agent on client systems: 

Push an agent using the Send Agent Install option. 

For third-party deployment methods, create an agent installation package, FramePkg.exe, using the 

Agent Installation Package Creation wizard. 

Create a deployment task. 

Installing on ePolicy Orchestrator 4.x systems 

This section provides instructions for installing McAfee Agent 4.0 for use with ePolicy Orchestrator 4.0 on Windows 

using two different methods. 

Tasks 

Installing on Windows using ePolicy Orchestrator 4.0 

Installing on Windows using ePolicy Orchestrator 4.5 

Installing on Windows using third-party deployment methods 

Installing on Windows using ePolicy Orchestrator 4.0 

You must have administrator rights on the Windows system to perform this task. The agent extension must be installed 

on the ePolicy Orchestrator server before the agent is installed on any clients. 

1. Download the current agent extension, EPOAGENTMETA.zip, and the Patch 3 agent package, MA400P3WIN.zip, 

to the system containing the ePolicy Orchestrator server. 

2. Install the agent extension: 

a. In the ePolicy Orchestrator 4.0 console, click Configuration. 

b. On the Extensions tab, click Install extension. 

c. Browse to the location containing EPOAGENTMETA.zip, select it and click OK. The Install Extensions 

summary page appears. 

d. Click OK to complete the installation of the extension. 

3. Check in the agent package to the ePolicy Orchestrator repository: 

Note: If installing on a computer running Common Management Agent 3.6, the package must be checked in to 

the Current repository branch. 

a. In the ePolicy Orchestrator 4.0 console, click Software. 

b. Click Check In Package. 

c. Browse to the location containing MA400P3WIN.zip, select it and click Next. 

d. Ensure that Current is selected in the Branch field.

e. Click Save. 

4. Create a deployment task or push the agent to client systems. If using the push method, follow these steps: 

a. In the ePolicy Orchestrator 4.0 console, click Systems. 

b. Select the target systems or groups. 

c. Click Deploy Agent. 

d. Select the version of the agent to be deployed. 

e. Type valid credentials in the Domain, User name, and Password fields. 

f. Click OK. 

Installing on Windows using ePolicy Orchestrator 4.5 

You must have administrator rights on the Windows system to perform this task. The agent extension must be installed 

on the ePolicy Orchestrator server before the agent is installed on any clients. 




a. In the ePolicy Orchestrator 4.5 console, click Menu->Software->Extensions. 

b. Click “Install Extension” and browse to the location containing EPOAGENTMETA.zip, select it and click OK. 

The Install Extensions summary page appears. 




3. Check in the agent package to the ePolicy Orchestrator repository: 

Note: If installing on a computer running Common Management Agent 3.6, the package must be checked in to 

the Current repository branch. 

a. In the ePolicy Orchestrator 4.5 console, click Menu->Software->Master Repository. 

b. Click Actions->Check In Package. 

c. Browse to the location containing MA400P3WIN.zip, select it and click Next. 

d. Ensure that Current is selected in the Branch field. 

e. Click Save. 

4. Create a deployment task or push the agent to client systems. If using the push method, follow these steps: 

a. In the ePolicy Orchestrator 4.5 console, click System Tree. 

b. Select the target systems or groups. 

c. Click Actions->Agent->Deploy Agent 

d. Select the version of the agent to be deployed. 

e. Type valid credentials in the Domain, User name, and Password fields. 

f. Click OK. 

Installing on Windows using third-party deployment methods 

The agent extension must be installed on the ePolicy Orchestrator server before the agent is installed on any clients. 

Tip: This task requires the creation of an agent installation package, FramePkg.exe (see Step 4). Installation of the 

package requires administrator rights. 




a. In the ePolicy Orchestrator 4.0 console, click Configuration. 

b. On the Extensions tab, click Install extension. 




3. Using the ePolicy Orchestrator 4.0 console, check in the agent package to the Current (default) repository 

branch. 

4. Create an installation package: 

a. In the ePolicy Orchestrator 4.0 console, click Systems. 

b. At the bottom of the System Tree, click New Systems. 

c. Select Create and download the agent installation package.

d. Deselect Use Credentials. 

e. Click OK. The Download file dialog box opens. 

f. Select FramePkg.exe and save it to the desktop. 

5. Note the location of the downloaded FramePkg.exe to identify it when using your third-party deployment 

system. You can add parameters and switches as allowed by your deployment system. For a list of available 

parameters, see Installing, upgrading and uninstalling using Windows command-line switches. 

Upgrading 

This section provides instructions for upgrading the agent from versions 3.5.5 and 3.6 to McAfee Agent 4.0. 

Upgrading on Windows using FramePkg_upd.exe 

You must have administrator rights to perform this task. 

1. Download and extract the Patch 3 agent package, MA400P3WIN.zip, to a temporary location. 

2. Copy FramePkg_upd.exe to a location on the target client. 

3. From the command line on the client, type /FramePkg_upd.exe /upgrade, where is the location 

containing the copied file. This command is the equivalent of double-clicking FramePkg_upd.exe in the folder 

containing the installation package. 

Installing, upgrading and uninstalling using Windows command-line 

switches 

This section describes using selected command-line and MSI parameters to specify installation and upgrading 

preferences. Use the list of tasks as a menu from which to select those that suit your circumstances and preferences. 

Tasks 

Installing the agent and data in their default locations using default site list and key information 

Installing the agent in specified folders 

Installing the agent with user-selected policies 

Installing the agent and specifying the log folder 

Installing the agent with user-selected site information and user-selected keys 

Installing the agent by force 

Installing without requiring specific user privileges 

Installing silently 

Installing with specification of interface and log file language 

Upgrading agent to a new version 

Uninstalling the agent 

Converting from unmanaged mode to managed mode 

Converting from managed mode to unmanaged mode 

Changing server 

Installing the agent and data in their default locations using default site 

list and key information 

Use this command to install the agent, site list and keys in their default locations. This command is the equivalent of 

double-clicking the program file in the installation package. 

framepkg.exe 

Installing the agent in specified folders 

Use this command to install the agent in a folder other than the default. The example shown here specifies a folder for 

the installation files (instdir) and a folder for the data files (datadir). These can be the same or different folders.

framepkg.exe /install=agent /instdir= /datadir= 

Installing the agent with user-selected policies 

Use this command for installation and upgrade to include policies selected by the administrator rather than the default 

policies. 

framepkg.exe /install=agent /agentpolicy= 

Note: Policies are stored in the server.xml file. 

The following steps illustrate how to create a server.xml file: 

1. Configure the policies on an ePolicy Orchestrator server. 

2. Enforce the policies on a selected client. The client’s server.xml file now includes the user-selected policies. The 

server.xml can be found on the client at Documents and Settings\All Users\Application Data\McAfee\Common 

Framework. 

3. Copy the new server.xml file from the client to a shared location. 

Installing the agent and specifying the log folder 

Use this command to install the agent in its default location and specify a log file other than the default log file as the 

record of the agent’s activities. 

framepkg.exe /install=agent /logdir= 

Note: The /logdir parameter can be appended to other installation commands. 

Installing the agent with user-selected site information and user-selected 

keys 

Use this command to install the agent and specify a site list file and security keys (srpubkey.bin and reqseckey.bin) 

other than the defaults. This command is useful when upgrading an agent using FramePkg_upd.exe. It specifies the 

server with which the agent communicates, irrespective of the site information embedded in the original installation 

package. 

framepkg.exe /install=agent /siteinfo= 

The security keys must be located in the same folder as the site list. Use ePolicy Orchestrator to export the files: 

1. Export the Sitelist file: 

a. Select Software | Master Repository. 

b. Click Export Sitelist. 

c. Save the file to a new location. 

2. Export the security keys: 

a. Select Configuration | Server Settings | Security Keys, and click Edit. 

b. Select Master Agent-server secure communication key, and click Export. 

c. Save the files to the same location as the Sitelist file. 

Installing the agent by force 

Use this command to delete the currently installed agent and force install a different agent only when: 

Downgrading to an earlier version of the agent. 

Changing the names of the folders that contain the agent.

Restoring the agent’s settings to a default state. 

framepkg.exe /install=agent /forceinstall 

Note: McAfee strongly advises that you only use /forceinstall to install the McAfee Agent under the conditions stated 

above, because the command: 

Deletes current program files and restores data files to a default state. As a result, all user-configured 

repositories and user-created tasks are lost. 

Removes the currently installed agent and introduces the risk that installation of the replacement agent could 

fail. As a result, one or more systems could have no agent at all. 

Sometimes requires a restart of the system. 

Installing without requiring specific user privileges 

Use this command to allow all users access to agent files and registry, regardless of their user privileges. 

framepkg.exe /install=agent /defaultpermissions 

Installing silently 

Use this command to install the agent without displaying information dialog boxes on the client. 

framepkg.exe /install=agent /s or framepkg.exe /install=agent /silent 

Installing with specification of interface and log file language 

Use this command to install the agent and specify a language other than the target computer’s native language. 

framepkg.exe /install=agent /uselanguage= 

Language codes are: 

Language Code 

Chinese (Simplified) 0804 

Chinese (Traditional) 0404 

Dutch 0413 

English 0409 

French 040C 

German 0407 

Italian 0410 

Japanese 0411 

Korean 0412 

Polish 0415

Portuguese 0416 

Spanish 040A 

Swedish 041D 

Note: To restore the computer’s native language, type /resetlanguage 

Upgrading the agent to a new version 

Use either of these commands to upgrade the agent to a new version. 

framepkg_upd.exe or framepkg.exe /upgrade 

Using these commands is the equivalent of double-clicking FramePkg_upd.exe in the installation package. 

Uninstalling the agent 

Some managed products, such as McAfee VirusScan Enterprise and McAfee Host Intrusion Prevention, incorporate their 

own copies of the agent. 

Disconnect the agent from its ePO server, and if there are no point-products using it for updating, remove it 

completely: 

frminst.exe /remove=agent 

Remove the agent completely, but only if it is not connected to an ePO server and no point-products are using it 

for updating: 

frminst.exe /uninstall 

Remove the agent completely, even if it is connected to an ePO server or point-products are using it for 

updating: 

frminst.exe /forceuninstall 

Converting from unmanaged mode to managed mode 

Use this task to convert a client currently operating in unmanaged mode to managed mode. 

If the sitelist.xml file is from ePolicy Orchestrator 4.0.0 or later, the security keys must be located in the same folder as 

the site list. 

frminst.exe /install=agent /siteinfo= 

Converting from managed mode to unmanaged mode 

Use this task to convert a client currently operating in managed mode to unmanaged mode. 

frminst.exe /remove=agent 

Changing server

Use this task to change the server with which a client communicates. 

The security keys must be located in the same folder as the site list. 

frminst.exe /siteinfo= 

Allowing users to configure proxy settings 

Laptop users of Windows can configure proxy settings for downloading McAfee VirusScan Enterprise updates while in 

the field. This requires making changes in the ePolicy Orchestrator console and in the VirusScan console. The ePolicy 

Orchestrator changes must be completed before making the VirusScan changes. 

Tasks 

Changes in the ePolicy Orchestrator console 

Changes in the VirusScan console 

Changes in the ePolicy Orchestrator console 

You must have ePolicy Orchestrator administrator rights to perform this task. 

1. Select Systems | System Tree and select or create the systems where proxy settings are to be allowed. 

2. Select Systems | Policy Catalog. 

3. In the Product field, select McAfee Agent. 

4. In the Category field, select General. 

5. Select a policy (for example, “My Default”) and click “Edit.” 

6. Click Proxy. 

7. Select “Use Internet Explorer settings (Windows only),” then select “Allow user to configure proxy settings.” The 

new policy is enforced at the next agent-to-server communication interval (ASCI). Alternatively, you can trigger 

enforcement by invoking an agent wake-up call. See the ePolicy Orchestrator Product Guide for instructions. 

Changes in the VirusScan console 

Any remote user who can access VirusScan Enterprise can perform this task. 

1. From the Tools menu of the VirusScan Console, select Edit AutoUpdate Repository List. 

2. Select the Proxy settings tab. 

3. Select “Use Internet Explorer settings (Windows only),” then select “Allow user to configure proxy settings.” 

4. Click Configure, then supply the required HTTP or FTP information, then click OK. 

Finding documentation for McAfee enterprise products 

1. Go to the McAfee ServicePortal (mysupport.mcafee.com) and, under Support by Reading, click Product 

Documentation. 

2. Select a Product. 

3. Select a Version. 

4. Select a product document. 

License attributions 

This product includes or may include: 

Software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). | Cryptographic 

software written by Eric A. Young and software written by Tim J. Hudson | Some software programs that are licensed 

(or sublicensed) to the user under the GNU General Public License (GPL) or other similar Free Software licenses which, 

among other rights, permit the user to copy, modify and redistribute certain programs, or portions thereof, and have

access to the source code. The GPL requires that for any software covered under the GPL, which is distributed to 

someone in an executable binary format, that the source code also be made available to those users. For any such 

software covered under the GPL, the source code is made available on this CD. If any Free Software licenses require 

that McAfee provide rights to use, copy or modify a software program that are broader than the rights granted in this 

agreement, then such rights shall take precedence over the rights and restrictions herein. * Software originally written 

by Henry Spencer, Copyright 1992, 1993, 1994, 1997 Henry Spencer. | Software originally written by Robert Nordier, 

Copyright © 1996-7 Robert Nordier. | Software written by Douglas W. Sauder. | Software developed by the Apache 

Software Foundation (http://www.apache.org/). A copy of the license agreement for this software can be found at 

www.apache.org/licenses/LICENSE-2.0.txt. | International Components for Unicode (“ICU”) Copyright © 1995-2002 

International Business Machines Corporation and others. | Software developed by CrystalClear Software, Inc., 

Copyright © 2000 CrystalClear Software, Inc. | FEAD® Optimizer® technology, Copyright Netopsystems AG, Berlin, 

Germany. | Outside In® Viewer Technology © 1992-2001 Stellent Chicago, Inc. and/or Outside In® HTML Export, © 

2001 Stellent Chicago, Inc. | Software copyrighted by Thai Open Source Software Center Ltd. and Clark Cooper, © 

1998, 1999, 2000. | Software copyrighted by Expat maintainers. | Software copyrighted by The Regents of the 

University of California, © 1996, 1989, 1998-2000. | Software copyrighted by Gunnar Ritter. | Software copyrighted by 

Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A., © 2003. | Software copyrighted by 

Gisle Aas. © 1995-2003. | Software copyrighted by Michael A. Chase, © 1999-2000. * Software copyrighted by Neil 

Winton, © 1995-1996. | Software copyrighted by RSA Data Security, Inc., © 1990-1992. | Software copyrighted by 

Sean M. Burke, © 1999, 2000. | Software copyrighted by Martijn Koster, © 1995. | Software copyrighted by Brad 

Appleton, © 1996-1999. | Software copyrighted by Michael G. Schwern, © 2001. | Software copyrighted by Graham 

Barr, © 1998. | Software copyrighted by Larry Wall and Clark Cooper, © 1998-2000. | Software copyrighted by Frodo 

Looijaard, © 1997. | Software copyrighted by the Python Software Foundation, Copyright © 2001, 2002, 2003. A copy 

of the license agreement for this software can be found at www.python.org. | Software copyrighted by Beman Dawes, 

© 1994-1999, 2002. | Software written by Andrew Lumsdaine, Lie-Quan Lee, Jeremy G. Siek © 1997-2000 University 

of Notre Dame. | Software copyrighted by Simone Bordet & Marco Cravero, © 2002. | Software copyrighted by Stephen 

Purcell, © 2001. | Software developed by the Indiana University Extreme! Lab (http://www.extreme.indiana.edu/). | 

Software copyrighted by International Business Machines Corporation and others, © 1995-2003. | Software developed 

by the University of California, Berkeley and its contributors. | Software developed by Ralf S. Engelschall 

for use in the mod_ssl project (http:// www.modssl.org/). | Software copyrighted by Kevlin 

Henney, © 2000-2002. | Software copyrighted by Peter Dimov and Multi Media Ltd. © 2001, 2002. | Software 

copyrighted by David Abrahams, © 2001, 2002. See http://www.boost.org/libs/bind/bind.html for documentation. | 

Software copyrighted by Steve Cleary, Beman Dawes, Howard Hinnant & John Maddock, © 2000. | Software 

copyrighted by Boost.org, © 1999-2002. | Software copyrighted by Nicolai M. Josuttis, ©1999. | Software copyrighted 

by Jeremy Siek, © 1999-2001. | Software copyrighted by Daryle Walker, © 2001. | Software copyrighted by Chuck 

Allison and Jeremy Siek, © 2001, 2002. | Software copyrighted by Samuel Krempp, © 2001. See http://www.boost.org 

for updates, documentation, and revision history. | Software copyrighted by Doug Gregor (gregod@cs.rpi.edu), © 

2001, 2002. | Software copyrighted by Cadenza New Zealand Ltd., © 2000. | Software copyrighted by Jens Maurer, © 

2000, 2001. | Software copyrighted by Jaakko Järvi (jaakko.jarvi@cs.utu.fi), © 1999, 2000. | Software copyrighted by 

Ronald Garcia, © 2002. | Software copyrighted by David Abrahams, Jeremy Siek, and Daryle Walker, © 1999-2001. | 

Software copyrighted by Stephen Cleary (shammah@voyager.net), © 2000. | Software copyrighted by Housemarque 

Oy , © 2001. | Software copyrighted by Paul Moore, © 1999. | Software copyrighted 

by Dr. John Maddock, © 1998-2002. | Software copyrighted by Greg Colvin and Beman Dawes, © 1998, 1999. | 

Software copyrighted by Peter Dimov, © 2001, 2002. | Software copyrighted by Jeremy Siek and John R. Bandela, © 

2001. | Software copyrighted by Joerg Walter and Mathias Koch, © 2000-2002. | Software copyrighted by Carnegie 

Mellon University © 1989, 1991, 1992. | Software copyrighted by Cambridge Broadband Ltd., © 2001-2003. | Software 

copyrighted by Sparta, Inc., © 2003-2004. | Software copyrighted by Cisco, Inc and Information Network Center of 

Beijing University of Posts and Telecommunications, © 2004. | Software copyrighted by Simon Josefsson, © 2003. | 

Software copyrighted by Thomas Jacob, © 2003-2004. | Software copyrighted by Advanced Software Engineering 

Limited, © 2004. | Software copyrighted by Todd C. Miller, © 1998. | Software copyrighted by The Regents of the 

University of California, © 1990, 1993, with code derived from software contributed to Berkeley by Chris Torek. 

COPYRIGHT 

Copyright © 2009 McAfee, Inc. All Rights Reserved. 

No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into 

any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate 

companies. 

TRADEMARK ATTRIBUTIONS

AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD, MAX (MCAFEE 

SECURITYALLIANCE EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, 

SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN, WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. 

and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee 

brand products. All other registered and unregistered trademarks herein are the sole property of their respective 

owners. 

LICENSE INFORMATION 

License Agreement 

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE 

YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED 

SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND 

OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE 

PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE 

PRODUCT CD, OR A FILE AVAILABLE ON THE WEB-SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). 

IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF 

APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.

McAfee Agent 4.0 Patch 3 for Windows Release Notes

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?