Event ID/Source search
Keyword searchExample: Windows cannot unload your registry file
Event ID: 5022 Source: McLogEvent
MCSCAN32 Engine Initialisation failed. Engine returned error : Drivers (dat files) failed or are missing.
|English: Request a translation of the event description in plain English.|
Jan van Rijsewijk
I had the same situation and found a "quick and dirty" method to update the system in question:
0. Remove the old McAfee installation and reboot.
1. Perform a default client install.
Choose NOT to run an "update" or "on-demand scan" at the end of the installation.
2. Run the latest SDAT.
3. Stop the following services:
a. McAfee Framework Service
b. Network Associates McShield
c. Network Associates Task Manager
4. Stop the following processes through the Task Manager:
5. This will effectively stop McAfee.
Now copy from the directory ".\FALSE" behind the directory where the SDAT was run from to:
"C:\Program Files\Common Files\Network Associates\Engine":
6. Reboot the workstation.
7. Run an update to check the installation and watch the output. The output should run with no problems.
Run 5100eng.exe (from McAfee) to update the scan engine allowing the new dat files to work properly. For some reason the newer dat files you tried to update after a new install do not like the old scan engine.
Configure the McAfee DAT file location to point to a folder, share or Dfs link that is always accessible. Update older versions of McAfee with the latest McAfee SUPERDAT from the McAfee web site and restart the computer. Then, copy the latest DAT files to this location and update from them.
This problem may appear if one or more of the DAT files were not updated properly, causing the DAT files to not match each other. Read McAfee solution NAI34612 and NAI35939 for information on how to resolve the problem. Go to the "McAfee Knowledge Search" page and search for the specified solutions.
When running AutoUpdate manually, the update always failed saying definition files are not valid. To fix the problem I deleted files names.dat, san.dat, and clean.dat from C:\Program Files\Common files\Network Associates\Engine. Then I ran AutoUpdate again and everything updated fine.
Woodrow Wayne Collins
This event is directly related to event ID 7024 (Service: Network Associates McShield, error 5022). 5022 means the McShield couldn't start the virus scanning engine. This almost always means your DAT files have become corrupted or mismatched (a version mismatch in the dat files --> scan.dat is a different version to names.dat for example). Try running the latest superdat again.
|Private comment: Subscribers only. See example of private comment|
|Links: Event ID 7024, Yahoo McAfee Antivirus forum, McAfee Knowledge Search|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated