McAfee DLPe, Encryption, and HIPS processes fail to start or function with Endpoint Protection client installed
search cancel

McAfee DLPe, Encryption, and HIPS processes fail to start or function with Endpoint Protection client installed

book

Article ID: 163336

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Installing the Symantec Endpoint Protection client with default, out-of-the-box features and settings on the same computer with McAfee products may result in many McAfee processes failing to start or function as expected.

This issue may affect the following McAfee products:

  • Host Intrusion Prevention (HIPS)
  • Data Loss Prevention (DLP) Endpoint
  • Endpoint Encryption

While you may not observe specific errors, you may encounter the following symptoms with the McAfee software:

  • Software will not function as expected.
  • Processes may not start.
  • Software cannot be installed or upgraded and results with error.
  • Processes appear in a suspended state in Process Explorer.
  • Processes properties in Process Explorer show either "Error opening process" or "Error opening thread".

Cause

You should have the appropriate application exclusions for the Application and Device Control feature, and the appropriate "All Scans" folder exclusions for the other protection scans to allow McAfee software to function.

This ensures compatibility and minimizes any conflicts between Symantec and McAfee software.

Resolution

To work around this and prevent conflicts:

  1. Create a new "Exceptions" policy (or edit an existing policy) in the Symantec Endpoint Protection Manager, and assign the policy to the appropriate client groups where both Symantec and McAfee software is installed.
  2. Create "Application to Monitor" (log only) or file exceptions that include child processes for the following processes:
  • fcag.exe
  • fcags.exe
  • fcagswd.exe
  • FireSvc.exe
  • mfefire.exe
  • mfemms.exe
  • mfevtps.exe
  • mfehidin.exe
  • macompatsvc.exe
  1. Create "Folder" exceptions for "All Scans" for the following paths:
  • C:\Program Files\Common Files\McAfee\SystemCore\
  • C:\Program Files\McAfee\*
  • C:\Program Files (x86)\McAfee\*