What McAfee software is this please, so I can move it to the exact section?
I've never personally seen the app pools recycle due to VSE. Not saying it isn't VSE but I would definitely start by looking at the VSE logs to see if there is something OAS is doing around the same time you should also be getting event log notifications for the recycle. Then see if they correlate?
The VSE logs are found within C:\ProgramData\McAfee\DesktopProtection
Looking at the IIS exclusions we have set for our IIS servers, we are specifically excluding the IIS working folder:
**\IIS Temporary Compressed Files\
Not sure if that helps or not.
Thread moved to VSE for now - Moderator
Looks like this might be a known issue in VSE 8.8 Patch 4: https://kc.mcafee.com/corporate/index?page=content&id=KB81595
It specifically deals with .config files and w3wp.exe. I suspect that the change to the metadata that VSE makes is enough to spoof a config change.
Could be, try it out and let us know. I have VSE 8.8 patch 4 running on almost all of our 500+ servers without any real issues, but I am excluding those IIS directories I posted earlier for our web servers.
With VSE uninstalled (it's a customer's server), there's no good way for me to dig deeper on this without having it reinstalled (which will likely happen) and then having them ignore my exclusion recommendations (which would be a bad move on their part). I'd love to have them be a guinea pig and play with adding/removing that exclusion to see the results, but I don't see that happening. Maybe one of your servers wants to be a laboratory mouse?
Hah. Same here.. it's was a major pain even getting our customers servers upgraded to patch 4. Hopefully you'll be able to test it out at some point though..
Patch 5 addresses this issue, but it will be 2015 before that is available.
A hotfix exists that also addresses this issue, but that hotfix introduces a lot of new code to the product such that it would warrant retesting/validating of the entire product in the environment.
So, if that's an option, seek it out from McAfee Support. P.S. Patch 5 would warrant the same testing effort and is the safer migration path.
The workaround (exclusions, as described in KB81595) is the recommended way forward though. They work.
We have had people claim that it does not work, but those were due to a) a different issue that had not been identified, b) misconfiguration in trying to abide the article's advice.
VSE has been reinstalled, with the exclusions recommended, and so far so good.