We are experiencing similar problems, except we upgraded from VSE 8.8 P1 to P2.
McAfee hangs shortly *after* the daily update process has completed, and all windows end up 'Not Responding' for about a minute and a half, after which we receive the same event log message as you and the system is fine.
This happens on a clean install as well, with VSE 8.8 P2 repost installed directly (no upgrade).
Will let you know if we get anywhere on our McAfee case, I think we are up to Level 4 on the escalation ladder now...!
P.S. Some of the things already attempted to resolve:
- McAfee suggested excluding the files that are being scanned - but it is quite often different files on different PCs so this is no good.
- Setting up low/high risk policies as per https://kc.mcafee.com/corporate/index?page=content&id=PD22940 - reduced the errors somewhat, but did not eliminate
- Increasing 'Maximum Scan Time' from 45 to 55 seconds - still no good (just increases the timeout from 90000ms to 110000ms in the event, making them hang for longer)
- Re-downloading our VSE 8.8 P2 and VSE 8.8 P2 Repost packages and reinstalling to a computer - didn't do any good
- Make sure 'Processes on Enable' is disabled, and that Artemis sensitivity is set to Medium - which they both are already.
I have also independently tried changing the DAT update time - ours is not using Global Updating but instead a task which is set to 'Run if missed' 10 minutes after the system boots. I tried changing this to 5 minutes in case it was conflicting with another system process but this didn't help.
We can see *very* clearly in the logs that the issue only occurred after Patch 2 was installed (the dates match up perfectly) but McAfee are insistent this is not the cause...
What's odd for us is that it does not occur on every machine. Only a few machines have the problem but we definitely did not see this until we upgraded our VSE 8.7 P5 to 8.8 P2. It just seems like there is some sort of contention that occurs when McAfee tries to scan the file system while there are other system processes locking the files. I don't believe excluding would help because it just seems like random files are causing the problem.
As far as the best practice guide, process on enable is turned off and we do not scan archives. Again it's the exact same configuration we had with 8.7 as we used the mgiration tool to move the policies over. I sent McAfee support a process monitor scan last week that they are currently analyzing.
Minkus - did you ever hear back from support? They sent me the following KB article https://kc.mcafee.com/corporate/index?page=content&id=KB67648 to identify if the OAS was the cause of the problem which I already knew. Excluding the files from OAS scanning of course fixes the problem but I don't know that it really proves because it seems that most of the time a different process is responsible for the OAS conflict. I have a feeling that entering exclusions will just result in other processes contending with the OAS. They still have not commented on the procmon I sent.
I got the same article, and also found that excluding all files works (at least the one time I tried) - but of course this doesn't prove anything and the problem is intermittent anyway.
Our event logs are very clear that the issue started occurring when we installed Patch 2, and once I pointed this out again and had a bit of a moan I got up to Tier III who are now investigating for me.
I would suggest you push this angle as well - if you can install 8.8 Patch 1 onto a machine, demonstrate that the problem does not occur, and then upgrade to 8.8 Patch 2 and demonstrate that it does, you may have better luck in convincing them to escalate.