The school I work at is lucky enough to have a site license for McAfee VirusScan Enterprise 8.0i, working in concert with McAfee ePolicy Orchestrator (ePO). As anti-virus software goes, McAfee makes the best (and more importantly, updates it every hour), even though it causes its share of headaches. One of these headaches is the “Could not start CMA processes” error that crops up from time to time, seemingly at random. The culprit is in fact ePO, which places a log file in “…\Documents and Settings\All Users\Application Data\Network Associates\Common Framework\Db” and then goes ahead and messes itself all up, forcing you to reinstall it…then begins the fun. Every time you try and reinstall it, even forcing the install, it fails miserably.
The error message, however, does point you to the NAILogs folder in your Temp folder. You can get there easily by going to Start -> Run -> %temp% -> Ok. Open the NAILogs folder. If the log shows an error to the effect that it couldn’t create the “Db” folder in “Common Framework,” simply go back to the “Application Data” folder and toast the “Network Associates” folder. Then, reinstall ePO and watch it work perfectly.
On a side note, this file is the target mentioned in a vulnerability disclosure listed on knowledge.mcafee.com entitled McAfee ePolicy Orchestrator Information Disclosure Vulnerability [NAI29993]. Apparently, a remote machine can access the log file through a web page, if the setting to allow such a thing is turned on. Turn it off, and you’re fine.