Update on the McAfee problem

We have it reproduced locally and see the behavior others are experiencing.

Many customers are screaming at us to “fix” this. Our Product Management is
currently working with McAfee to get them to add us to their list of safe
programs. This is the only solution possible for product already in the field,
which is a massive install base. Going forward it is also the best long term
solution for future releases.

Without asking to fix it… It was hard to reproduce? Is it something we can
avoid in the configuration? Other then not using mcafee, not using toad (sorry:)
or excluding Toad directories in the Mcafee scan?

Groetjes,
Wim

On Fri, Jun 18, 2010 at 15:48, Mark Lerch wrote:

We have it reproduced locally and see the behavior others are experiencing.

 

Many customers are screaming at us to "fix" this. Our Product Management is
currently working with McAfee to get them to add us to their list of safe
programs. This is the only solution possible for product already in the
field, which is a massive install base. Going forward it is also the best
long term solution for future releases.

It was easy to reproduce. We haven’t had success in finding a work-around. I
personally have not spent a great deal of time in trying, because for the great
majority of customers coming to us, they state explicitly that they do not have
permissions to alter their McAfee in any way shape or form. So any kind of
exclusion work-around, were we to even find one, which we haven’t, would not be
of help to them.

But it sounds like you have some control over it Wim, so I’ll continue to look
at it this morning to see if I can find any way around it

look for toad binaries
ls -al *.exe
-rwxr-xr-x 1 fubar_user Administ 316104 Oct 10 2008 FmtOptions.exe
-rwxr-xr-x 1 fubar_user Administ 1633920 Aug 27 2008 SQLMonitor.exe
-rwxr-xr-x 1 fubar_user Administ 745088 Aug 7 2008 TOADServerSide.exe
-rwxr-xr-x 1 fubar_user Administ 823808 Sep 2 2008 UninstallClientFiles.exe
-rwxr-xr-x 1 fubar_user Administ 211072 Aug 27 2008 qsr.exe
-rwxr-xr-x 1 fubar_user Administ 9407616 Oct 10 2008 toad.exe

ls -al *.dll
-rwxr-xr-x 1 fubar_user Administ 580096 Sep 23 2008 CVS.dll
-rwxr-xr-x 1 fubar_user Administ 557056 Mar 30 2006 Cfx4032.dll
-rwxr-xr-x 1 fubar_user Administ 2322432 Apr 26 2007 FmtPlus.dll
-rwxr-xr-x 1 fubar_user Administ 49152 Mar 30 2006 INETWH32.dll
-rwxr-xr-x 1 fubar_user Administ 378880 Mar 30 2006 KXauth.dll
-rwxr-xr-x 1 fubar_user Administ 471552 Sep 23 2008 PVCS.dll
-rwxr-xr-x 1 fubar_user Administ 9629696 Oct 10 2008 QP5.dll
-rwxr-xr-x 1 fubar_user Administ 450560 Jul 8 2008 QSE.dll
-rwxr-xr-x 1 fubar_user Administ 1631232 Mar 30 2006 QTScan.dll
-rwxr-xr-x 1 fubar_user Administ 266240 Oct 17 2006 RNetPin.dll
-rwxr-xr-x 1 fubar_user Administ 151552 Feb 7 2008 Revbase.dll
-rwxr-xr-x 1 fubar_user Administ 446464 Aug 11 2008 SCC.dll
-rwxr-xr-x 1 fubar_user Administ 1331200 Jan 18 2006 SPServer.dll
-rwxr-xr-x 1 fubar_user Administ 364544 Mar 30 2006 SciLexer.dll
-rwxr-xr-x 1 fubar_user Administ 136464 Mar 30 2006 SfxBar.dll
-rwxr-xr-x 1 fubar_user Administ 207360 May 15 2006 UnidbHook.dll
-rwxr-xr-x 1 fubar_user Administ 607232 Sep 23 2008 VSS.dll
-rwxr-xr-x 1 fubar_user Administ 1015859 Jun 19 2003 mfc42.dll
-rwxr-xr-x 1 fubar_user Administ 204288 May 15 2006 unidbsrv.dll

add all of the above binaries (.exe and .dll) and *.a *.bin and *.so
to mc-afee white-list

Norm/Roger/Anyone?
Martin

Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité

Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger
sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung
oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem
Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung.
Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung
fuer den Inhalt uebernehmen.

Ce message est confidentiel et peut être privilégié. Si vous n’êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l’expéditeur. N’importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l’information seulement et n’aura pas n’importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni.

Well, isn’t this lovely. It’s no longer occurring.

I didn’t make any changes to my Toad configuration at all, in fact I was off
doing other work. When I came back to this, Toad is starting immediately.
Watching the McAfee process shows it to not be making the slightest blip when
Toad starts now - it remains at zero.

I’ve logged off, restarted my machine - nothing, no problem whatsoever.

Did you get an automatic McAfee update in between? Maybe your Product Management
people have done their job in excellent time!

Nate Schroeder

US Seed & Trait Commercial IT - Data Management Team

Monsanto Company

800 N. Lindbergh Blvd. LC4D - Saint Louis, MO - 63167

314-694-2592

That thought drifted through my head for about 10 milliseconds but if that were
true I’d have to go play the lottery today. : )

Mark,

Well, isn't this lovely. It's no longer occurring.
Just like my SQL Loader problem.

I didn't make any changes to my Toad configuration at all,
in fact I was off doing other work. When I came back to
this, Toad is starting immediately. Watching the McAfee
process shows it to not be making the slightest blip when
Toad starts now - it remains at zero.
Maybe McAfee has cached the fact that Toad passed muster when last
loaded and due to it not having changed has decided that it is not a
threat?

Possibly, if this is the case, on an update to McAfee (or Toad) the
delay will come back?

I've logged off, restarted my machine - nothing, no problem
whatsoever.
One of the people who reported this problem added an extract from the
logfile. It showed that McAfee was erroring out of the checks on Toad
and restarting immediately. The repeated a number of times and probably
led to the large delay.

(Sorry, I got distracted by work and now I can't remember the point I
was making here!)

Cheers,
Norm. [TeamT]

Norman Dunbar
Contract Senior Oracle DBA
CIS Engineering Services
Internal : 7 28 2051
External : 0113 231 2051

Information in this message may be confidential and may be legally privileged. If you have received this message by mistake, please notify the sender immediately, delete it and do not copy it to anyone else. We have checked this email and its attachments for viruses. But you should still check any attachment before opening it. We may have to make this message and any reply to it public if asked to under the Freedom of Information Act, Data Protection Act or for litigation. Email messages and attachments sent to or from any Environment Agency address may also be accessed by someone other than the sender or recipient, for business purposes. If we have sent you information and you wish to use it please read our terms and conditions which you can get by calling us on 08708 506 506. Find out more about the Environment Agency at www.environment-agency.gov.uk

Information in this message may be confidential and may be legally privileged. If you have received this message by mistake, please notify the sender immediately, delete it and do not copy it to anyone else.

We have checked this email and its attachments for viruses. But you should still check any attachment before opening it.
We may have to make this message and any reply to it public if asked to under the Freedom of Information Act, Data Protection Act or for litigation. Email messages and attachments sent to or from any Environment Agency address may also be accessed by someone other than the sender or recipient, for business purposes.

If we have sent you information and you wish to use it please read our terms and conditions which you can get by calling us on 08708 506 506. Find out more about the Environment Agency at www.environment-agency.gov.uk