Issue that occurred
After an in-place OS Upgrade from Sierra to Catalina, the Mac started crashing with errors pointing to McAfee Anti-Virus. Issue was the the version of McAfee was too old for the Operating System. There was also new awareness of a McAfee Agent.
Components to be aware of
Version checking of McAfee Agent
Uninstalling manually
Installing McAfee Endpoint Security for Mac (includes Agent)
Upgrading McAfee Agent
Addressing apparent slowness
Ref then delete
20200303 The latest version of McAfee Endpoint Protection for Mac is 10.6.8. and the underlying McAfee Agent is version 5.6.3
Procedure to resolve which version of McAfee Endpoint Protection for Mac is installed
-Finder, Applications, McAfee Endpoint Security for Mac
-Right click, Get Info, version #
Procedure to resolve which version of McAfee Agent you have installed
-Note: It’s important that we have the correct version of McAfee Agent as it relates to Endpoint Protection for Mac as it relates to the computer’s OS (eg Catalina)
XREF to: Link: https://kc.mcafee.com/corporate/index?page=content&id=KB61125
-For identifying the version of McAfee navigate to /Library/McAfee/Agent/bin and once in that location type ./cmdagent -i
Procedure for uninstalling EndPoint Protection for Mac using SUDO commands
>Open a Terminal window.
>Invoke the uninstallation command from the Terminal:
Module to remove Command to use
All modules sudo /usr/local/McAfee/uninstall EPM
Firewall module sudo /usr/local/McAfee/uninstall Firewall
Threat Prevention module sudo /usr/local/McAfee/uninstall ThreatPrevention
Web Control module sudo /usr/local/McAfee/uninstall WebControl
NOTE: The uninstallation command is case sensitive.
Procedure if you get an error returned — something like: “Unable to execute – Bad CPU type in executable” after /uninstall EPM
If you are unable to remove ENSM using the commands mentioned above, perform the following steps to manually remove ENSM and then reinstall.
-Boot the Mac system into Safe Mode:
-Ensure that the system is shut down and not ‘sleeping’.
-Press the power button.
-Immediately after you hear the startup tone, press and hold the SHIFT key.
NOTE: Press and hold the SHIFT key as soon as possible after the startup tone, but not before the tone.
Release the SHIFT key when you see the gray Apple logo and the progress bar.
-Manually remove ENSM. In Safe Mode, type the following commands and press ENTER after each:
sudo su
NOTE: When prompted, type the administrator password.
cd /usr/local/
rm –rf McAfee/
cd /Library/Application\ Support/
rm –rf McAfee/
cd /Library/LaunchDaemons/
rm –rf com.mcafee.*
cd /Library/LaunchAgents/
rm –rf com.mcafee.*
cd /Library/Preferences/
rm –rf com.mcafee.*
When the removal process is complete, reboot the system and confirm that it starts normally.
Confirm that whatever Mac AntiVirus you may have installed is completely removed
Note: In my case, I had Sophos Anti-Virus installed. I downloaded an uninstaller from Sophos that completely removes all versions of this software
Procedure for installing the McAfee Endpoint Security for Mac on OSMojave and OSCatalina
Note: This is for running a clean install of McAfee
Ran the DMG named: McAfee-Endpoint-Security-for-Mac-10.6.8-RTW-standalone-112.dmg
Note: In my case, the newest version is 10.6.8
Additional Configuration after installation
-System Extension Blocked
A Program tried to load new system extensions signed by McAfee, Inc. If you want to enable these extensions, open Security and Privacy System Preferences
-Preferences
Check “ON” for Threat Prevention and Firewall
Procedure to verify the version of the McAfee Agent
Note: For new installs, the installer should automatically install the latest linked McAfee Agent
For identifying the version of McAfee navigate to /Library/McAfee/Agent/bin and once in that location type ./cmdagent -i
Note: In my case it returned Version: 5.6.2.209
Procedure to upgrade McAfee Agent
Note: In my case version 5.6.3 is the latest
To upgrade the McAfee agent to 5.6.3.
Copy over the installer
Double-click on MFEma.x86_64.dmg
Double-click on MA pkg
“Installer” would like to administer your computer. Administration can include modifying passwords, networking, and system settings – Yes
NOTE: Now I have Agent version 5.6.3.157