Slow Visual Studio with McAfee

Posted on 2009-04-14
Last Modified: 2013-12-09
We are using Visual Studio 2008 as our primary development IDE. Our security team has set up McAfee to scan files in our \Local Settings\Temp folder. Unfortunately VS uses this directory during code builds which is slowing the developers down. We've reached an impasse with the security team on this.

Are there any guidelines availabile for using on-access virus scanners with something like Visual Studio that is making use of so many disk writes in order to increase performance?
Question by:HOPEWW
  • 3
  • 2
LVL 39

Expert Comment

ID: 24138226
Well, I'm not sure about some guidelines online, but the general guideline that any company should have towards developers, is to disable on-access scan. This is even more so when you use McAfee, because it is about the slowest scanners I have ever worked with.

Visual studio uses certain directories inside the Temp folder. Ask them to exclude the directories you need, including your project directories. Also tell them that there is no scanner that will allow malicious software to run or downloaded. If you open a link, before it is run it must be copied to the hard disk, where it is captured by the scanner. If it isn't captured, it will be captured the moment the virus starts to load itself as an executable.

Apparently your security team is not really aware of the risks and non-risks involved. Considering their choice for using McAfee in a professional environment is not really counting towards them, but maybe they're locked in by some management decisions.

On top of this, make sure that only certain filetypes are scanned and that any build directories are not scanned, because developing on a computer that uses (any type of!) on-access scanning is totally ridiculous because it slows you down so much that any sensible efficient working becomes impossible.

If your security guy needs a professional advice, you can give him/her my number.... ;-)

Author Comment

ID: 24144992
Hi Abel,

Thanks for the comment. Which system folders would you advise to exclude and also which visual studio file types?

You also mentioned that VS uses certain folders. Where can I get a list of these folders?

Much appreciated
LVL 39

Accepted Solution

abel earned 125 total points
ID: 24146102
McAfee has a setting for checking *all* files, or only the executable type files. Make sure you check the latter (if your sysadmin allows that).

I would exclude all of %TEMP%\Local\Microsoft\VisualStudio (this is Vista, may be different for XP). and %TEMP%\Roaming\Microsoft\VisualStudio (but there's not too much there).

Exclude as much as possible from %programfiles%\Microsoft Visual Studio 9 (depends on your version of VS) and possibly same for Common Files (but I didn't find so much there that slows down).

Then I would definitely exclude your main project dir, assuming you have all your SLN files in one place and the code below it. Most projects are compiled to a subdir of your solution directory.

Also exclude the target directory for any ASP.NET projects (publish locations, including temp, you can check the correct location by publishing your ASP.NET) and the local IIS folders that you use often for ASP.NET projects.

Finally, and maybe most important, download Process Monitor (was File Monitor) of the SysInternals suite: Create a filter to include only the Visual Studio process and keep it on while starting VS or compiling / publishing / debugging projects. Focus on the locations that occur very often, these locations you also want to exclude from scanning. If you do this while McAfee is on, you may visually see the slowdown (I did when fixing the same kind of problem with Paint Shop Pro + Comodo on my fathers system, and we found out where to look quite quickly using this tool).

-- Abel --

Author Comment

ID: 24151604
Hi Abel,

Will try this and let you know.


Author Closing Comment

ID: 31569852
Process Monitor was the deciding factor to identify the correct paths to use and then to identify which to exclude accroding to risk

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
Delivering innovative fully-managed cloud services for mission-critical applications requires expertise in multiple areas plus vision and commitment. Meet a few of the people behind the quality services of Concerto.
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now