cancel
Showing results for 
Search instead for 
Did you mean: 

VSE 8.8 Patch 7 - High CPU

Hi all,

Thought I would start this thread now since we just received patch 7.   Right away, my pilot group has experienced a consistent 60-99% CPU load from the On-Access Scan process.  Is anyone else observing this?  Since these patches are meant to close a vulnerability, I hate to just throw it on the back burner but if this is normal behavior; its going to have to wait

Thanks,

PSG

5 Replies
tomz2
Level 11
Report Inappropriate Content
Message 2 of 6

Re: VSE 8.8 Patch 7 - High CPU

What patch level were you at previously? Starting with Patch 5, there have been some fixes for thread usage with the scanner.

Re: VSE 8.8 Patch 7 - High CPU

Tomz2,

I'm coming mostly from Patch 6 which was not too great for us in itself.  I was hoping that 7 would clear up some of these corrupt installs/performance issues.  I've looked at some of this but haven't found the "magic button" yet.  Do you have any of these articles for ref?

Thanks

wwarren
Level 15
Report Inappropriate Content
Message 4 of 6

Re: VSE 8.8 Patch 7 - High CPU

There are also fixes in TIE if you're using TIE, which address this type of symptom.

William W. Warren | S.I.R.R. | Customer Success Group | McAfee

Re: VSE 8.8 Patch 7 - High CPU

wwarren,

Not currently using TIE but thanks

wwarren
Level 15
Report Inappropriate Content
Message 6 of 6

Re: VSE 8.8 Patch 7 - High CPU

OK... that's the only "known" thing that comes to mind to cause an unexpected high CPU symptom in our on access scanner (mcshield.exe process).

Anything else ought to be investigated.

It's definitely unexpected if you're seeing this as new behavior when already being on P6 and then going to P7.
High CPU symptoms are actually easier to investigate than many other types of problems. Creating a dump of the process while it's in that high CPU state is the best starting point, so we can review the threads and see which ones are getting all the CPU (and why). Such an approach requires engaging Support though.

And, the possibility remains that a full system dump may be required to find root cause; it just depends on whether the thread activity is evident in the process dump or if it indicates that there's activity occurring in kernel that needs to be looked at.

William W. Warren | S.I.R.R. | Customer Success Group | McAfee