Solved

McShield.exe and McTray.exe high processor utilization

Posted on 2009-04-08
10
4,526 Views
Last Modified: 2013-12-09
We recently upgraded to McAfee VirusScan 8.7 and have noticed an increasing number of machines that have McShield.exe and McTray.exe utilizing almost all of the processor.  A reboot usually fixes the problem but it seems that random events trigger these processes to jump up so high.
There is not a scheduled scan or any McAfee tasks running when the processes spike and it seems the only way to stop them is to kill the processes or reboot.

We are running ePolicy Orchestrator management console 3.6.1 Patch4.  The workstation agent version we are running is 4.0.0.1345.

Has anyone else experienced similar issues with McAfee VirusScan, particularly 8.7?
0
Comment
Question by:junior049
  • 5
  • 3
  • 2
10 Comments
 
LVL 38

Expert Comment

by:younghv
Comment Utility
junior049 - Welcome to EE. I see that you have just started asking questions.
Please keep in mind that you need to respond to comments from the volunteer Experts. One of the most frustrating parts about trying to help here is when we take the time to post a suggestion, but then don't hear back.

With that said - and with the caveat that my ePO days are in the somewhat distant past - are you using the 'throttling' function to control what percentage of the processor that your McAfee client is allowed to use?

The most "ePO current" Expert on the site is legalsrl and he usually monitors the McAfee Zone pretty carefully. Stand by to hear from him and my 3 year old McAfee thoughts whatever consideration they deserve.

0
 

Author Comment

by:junior049
Comment Utility
Thank you for your response both yesterday and today.  The only reason that it took me so long to respond to you on the other problem was that I was trying to track down the info you requested.  By the time I had tracked down the info, it was late in the evening, time to go home and the problem was no longer occurring.  At that point I decided to call it a day and respond this morning.
I apologize for the delay.
Per your question above, yes, we throttle the processor usage at 30% during scans.  However, the scans are set to run at 2:00am local time.  Also, the process that McAfee uses for a scan is scan32.exe.  These McShield.exe and McTray.exe processes are spiking at random intervals when there are not any tasks scheduled.
0
 
LVL 38

Expert Comment

by:younghv
Comment Utility
I don't like posting links to other forums, but I think this is being discussed on McAfee (http://forums.mcafeehelp.com/showthread.php?s=23b668e996f117ef1cf63d612865ee7f&t=222427&page=5)

I'm going to drop a note to legalsrl, because I am in over my head and don't like to guess about solutions.

I'll monitor this, but only to learn what Si has to say.
0
 

Author Comment

by:junior049
Comment Utility
Thanks for the link.  It may be worth opening a case with McAfee.  I know there is currently not a publicly released hotfix for 8.7 yet but according to that forum you can sometimes get a hotfix from McAfee directly from support.
0
 
LVL 16

Accepted Solution

by:
legalsrl earned 500 total points
Comment Utility
Evening all,

Vic, thanks for the link

Junior, you're seeing exactly what everyone saw when 8.5 came out

We would see sudden VSTaskMGR spikes, normally at about 5pm.

I would contact Gold Support at your earliest opportunity.  I'd be interested to know the outcome as this looks very similar to the problem that the early adopters had with 8.5

Cheers
Si
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 

Author Comment

by:junior049
Comment Utility
I have an open case with Gold Support.  They referred me to KB50981.  Also, they mentioined a hotfix for 8.7 will be released on 4/17/09.  I will update with more info as I have it.  Thanks for the suggestions thus far.
0
 

Author Comment

by:junior049
Comment Utility
Sorry for the long delay but McAfee Gold Support was previously unable to provide me any relief to this problem.  They have been planning the release of a patch for 8.7i that is supposed to fix performance issues.  It went RTW last night and we have applied to a handful of our more troublesome machines.  I will update again in a day or two with the results from our testing.

Interesting side note about McAfee support:
About a week before the patch was scheduled for release, one McAfee technician actually suggested that I disable the On-Access scanner for all affected machines until the patch was released.  Pretty bad when McAfee techs are telling you to disable the real-time scanner to fix the problem.  I love dealing with tech support!
0
 
LVL 16

Expert Comment

by:legalsrl
Comment Utility
Thanks for the update, sorry it took me a while to post back, but I was on holiday

I'm really surprised that McAfee haven't learnt from the EXACT same problem that we had in 8.5, but hey ho.....

Let me know if the patch works for you....

Cheers
Si
0
 

Author Comment

by:junior049
Comment Utility
The patch seems to have resolved this issue.  However, McAfee recently removed the patch from their website because it caused another bug on Vista machines.  No problem for us since we are on XP.
Still seems like very buggy software.
0
 
LVL 16

Expert Comment

by:legalsrl
Comment Utility
Junior049,

Did any of the suggestions from the experts help you resolve your issue ?

If so, I would suggest that you accept their comment as it would have been the expert's answer that provided you with your solution

Also, that way it gets lodged in the knowledgebase so that anyone else with your problem now knows to contact McAfee Gold Support

Either way, a mod will review this

Cheers
Si
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now