7 Replies Latest reply on Sep 25, 2013 4:55 PM by bzielin

    Mcafee taking too long

    nikkih

      I have McAfee running on several servers and PC's.  Lately noticed that on several PC's and 1 server when you try to do anything it is taking way too long and if you open McAfee, it takes about 2 mins to open and another 2 mins for anything that you click on...I believe that it is trying to reach out to a website however Internet Explorer is disabled on these machines.  Would like to know how to make this go faster on these machines.  Thanks.

        • 1. Re: Mcafee taking too long
          Peter M

          The home products don't work on servers.  Can you please identify which McAfee product and then I will move the thread accordingly.

          • 2. Re: Mcafee taking too long
            nikkih

            Sorry, I am running McAfee Enterprise 8.7.

            • 3. Re: Mcafee taking too long
              Peter M

              OK, moved from Home to Business > VSE for better attention.  Good luck ;-)

              • 4. Re: Mcafee taking too long
                wwarren

                Is there a reason to stay on 8.7i?

                If possible, you should upgrade the systems to 8.8 + Patch 2 + Hotfix 778101.

                 

                Establishing your baseline as the "latest and greatest" is always a good start.

                • 5. Re: Mcafee taking too long
                  nikkih

                  I would like to upgrade, however due to the work compliance, I cannot at this time.  I am wondering if there is a registry setting that could be causing the slowdown?  But wireshark shows it trying to reach a website which it can't do.  How would I turn that off if that is the case?  Thanks.

                  • 6. Re: Mcafee taking too long
                    wwarren

                    VSE 8.7 only has one process that would be interested in network traffic, and that's FrameworkService.exe (which actually belongs to our Updater component).

                    If it cannot reach the internet (or an internal ePO server) then VSE will not be able to update.

                     

                    If you have identified a different process responsible for the traffic, which process - and where was the traffic going?
                    We've seen in the past some ldap activity, which we inherited by using Microsoft cryptographic APIs - but that's a problem we've solved in 8.8.

                     

                    Anything else and I'd question whether it's malware or not. Being on 8.7i you don't have a lot of protection against current malware threats. i.e. the product protections could be circumvented.

                     

                    You haven't shown though that the network traffic is directly tied to the unresponsiveness of the device. So I wouldn't mention that unless you're certain that's where the issue is. Instead, I'd be wanting to cast a wider net - such as using XPerf or PerfMon - to demonstrate where CPU cycles are going, or what windows aspect is being heavily utilized. From there, use the appropriate tool to further inspect that windows aspect... is it the NIC, disk I/O, memory, CPU, etc.

                    • 7. Re: Mcafee taking too long
                      bzielin

                      can you post the pcap.

                       

                      run a procmon or process explorer or you can use the mcafee profiler.