Mcafee Startup

[Michael C]

For some reason, my mcafee security software is taking longer to load onto
windows on startup. I disabled anything that loads in my system tray from
msconfig, so the only thing that loads is the mcafee. It still starts slow
and mcafee said they do not know what the problem is. What else can I do?
Should I disable more stuff in my ms config?

 

[BillW50]

In Michael C typed on Fri, 25 Sep 2009 07:37:01 -0700:

For some reason, my mcafee security software is taking longer to load
onto windows on startup. I disabled anything that loads in my system
tray from msconfig, so the only thing that loads is the mcafee. It
still starts slow and mcafee said they do not know what the problem
is. What else can I do? Should I disable more stuff in my ms config?

Well disable McAfee and if the slowness is gone, you know it was McAfee
right?

 

[LVTravel]

For some reason, my mcafee security software is taking longer to load onto
windows on startup. I disabled anything that loads in my system tray from
msconfig, so the only thing that loads is the mcafee. It still starts slow
and mcafee said they do not know what the problem is. What else can I do?
Should I disable more stuff in my ms config?

One of the worst security suites out there, running a close second to
Norton's product.

Free Zone Alarm firewall and either free Avast or AVG anti-viral programs
are faster, leave a much smaller footprint of memory use and greater program
and operating system reliability.

Download and run Malwarebytes and Spybot Search and Destroy (after
installing and updating) to ensure there are no nasties that McAfee missed.

 

[Ken Blake, MVP]

For some reason, my mcafee security software is taking longer to load onto
windows on startup. I disabled anything that loads in my system tray from
msconfig, so the only thing that loads is the mcafee. It still starts slow
and mcafee said they do not know what the problem is. What else can I do?
Should I disable more stuff in my ms config?

Three points.

1. You say you "disabled anything that loads in [your] system tray,"
and want to know whether you should disable more "stuff." Whether it
loads into the tray is completely irrelevant. If a background program
loads when you boot, it may impact your performance, whether or not
it's in the tray.

2. McAfee, in my view (and that of lots of others here) is the second
worst security software available. Only Norton is worse.

3. Here's my standard message on slow startup:

My personal view is that the attention many people pay to how long it
takes to boot is unwarranted. Assuming that the computer's speed is
otherwise satisfactory, it may not be worth worrying about. Most
people start their computers once a day or even less frequently. In
the overall scheme of things, even a few minutes to start up isn't
very important. Personally I power on my computer when I get up in the
morning, then go get my coffee. When I come back, it's done booting. I
don't know how long it took to boot and I don't care.

However if you do want to address it, it may be because of what
programs start automatically, and you may want to stop some of them
from starting that way. On each program you don't want to start
automatically, check its Options to see if it has the choice not to
start (make sure you actually choose the option not to run it, not
just a "don't show icon" option). Many can easily and best be stopped
that way. If that doesn't work, run MSCONFIG from the Start | Run
line, and on the Startup tab, uncheck the programs you don't want to
start automatically.

However, if I were you, I wouldn't do this just for the purpose of
running the minimum number of programs. Despite what many people tell
you, you should be concerned, not with how *many* of these programs
you run, but *which*. Some of them can hurt performance severely, but
others have no effect on performance.

Don't just stop programs from running willy-nilly. What you should do
is determine what each program is, what its value is to you, and what
the cost in performance is of its running all the time. You can get
more information about these with google searches and asking about
specifics here.

 

[PA Bear [MS MVP]]

Post here instead: http://forums.mcafeehelp.com/search.php

 

[Guest]

Michael,

Had a similar problem on a 2003 R2 domain controller not long ago with 8.5
Enterprise. When connecting to it via another machine and computer
management I stopped setting to manual & the problem went away. It created a
normal startup but without any protection. It turned out to be McCrappy was
doing a zero percent startup scan. Re-enabling the services & removing the
startup scan solved the issue. Another thing you could check is if virus
updating is set to computer startup.

The best people to ask are the Support Team at McCrappy unless you aren't
legit

 

[Michael C]

One of the worst security suites out there, running a close second to
Norton's product.

Free Zone Alarm firewall and either free Avast or AVG anti-viral programs
are faster, leave a much smaller footprint of memory use and greater program
and operating system reliability.

Download and run Malwarebytes and Spybot Search and Destroy (after
installing and updating) to ensure there are no nasties that McAfee missed.

Thank you, I have heard enough about mcafee sucks and I am ready to switch!
does AG have a firewall? Do I need one? Can I use the windows firewall with
AVG?

 

[Ken Blake, MVP]

Thank you, I have heard enough about mcafee sucks and I am ready to switch!

Excellent!


does AG have a firewall?

Does you mean AVG? No, at least not the basic free program.

By the way, I highly recommend that you get Avast, which LVTravel also
recommended above, instead of AVG. It's considerably better, in my
view.

Do I need one?

Yes, but you don't need a third-party one.

Can I use the windows firewall with AVG?

Yes. What anti-virus program you run, or even whether you run any
anti-virus program, is irrelevant. There's no "with" to be considered
here.

I recommend the built-in Windows firewall. There's no reason to use a
third-party firewall.

I used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only monitored
incoming traffic.

I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it can
essentially do whatever it wants, including circumventing the
firewall. So the extra protection provided by a firewall that monitors
outbound traffic is more apparent than real.

 

[BillW50]

In Ken Blake, MVP typed on Fri, 25 Sep 2009 12:38:46 -0700:
[...]

I used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only monitored
incoming traffic.

I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it can
essentially do whatever it wants, including circumventing the
firewall. So the extra protection provided by a firewall that monitors
outbound traffic is more apparent than real.

Actually the Windows XP firewall does monitor some outbound traffic. As
Windows XP tells me it has blocked some outbound communication and
allows me to select allow or block.

 

[Daave]

In Ken Blake, MVP typed on Fri, 25 Sep 2009 12:38:46 -0700:
[...]

I used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only monitored
incoming traffic.

I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it can
essentially do whatever it wants, including circumventing the
firewall. So the extra protection provided by a firewall that
monitors outbound traffic is more apparent than real.

Actually the Windows XP firewall does monitor some outbound traffic.
As Windows XP tells me it has blocked some outbound communication and
allows me to select allow or block.

That's news to me.

 

[Ken Blake, MVP]

In Ken Blake, MVP typed on Fri, 25 Sep 2009 12:38:46 -0700:
[...]

I used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only monitored
incoming traffic.

I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it can
essentially do whatever it wants, including circumventing the
firewall. So the extra protection provided by a firewall that
monitors outbound traffic is more apparent than real.

Actually the Windows XP firewall does monitor some outbound traffic.
As Windows XP tells me it has blocked some outbound communication and
allows me to select allow or block.

That's news to me.

Me too. I've never seen such a message. Bill, the next time you see
one, please note the exact verbatim text of the message and post it
here.

 

[BillW50]

In Ken Blake, MVP typed on Sat, 26 Sep 2009 07:07:12 -0700:

In Ken Blake, MVP typed on Fri, 25 Sep 2009 12:38:46 -0700:
[...]
I used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only monitored
incoming traffic.

I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it
can essentially do whatever it wants, including circumventing the
firewall. So the extra protection provided by a firewall that
monitors outbound traffic is more apparent than real.

Actually the Windows XP firewall does monitor some outbound traffic.
As Windows XP tells me it has blocked some outbound communication
and allows me to select allow or block.

That's news to me.

Me too. I've never seen such a message. Bill, the next time you see
one, please note the exact verbatim text of the message and post it
here.

I could do better than that. Here is a snapshot of it in action.

http://img132.imageshack.us/img132/8030/windowsfirewallhasblock.gif

If you open up your Windows Firewall Settings and open the Exceptions
tab. The ones with the checkmarks are the ones you selected to unblock
at some moment in the past. I just deleted Dimension 4 from the list and
opened it up. And then I get the offer to block and unblock once again.
<vbg>

 

[suneelkumar85]

I was just writing a utility assembly for the startup handling of m
applications. That thing is called ....Startup.dll, which kind of mad
sense to me and resides within a folder called Startup in my sourc
code hierarchy. No problem that far. Things started to behave weirdl
when I created a small test app, a separate project in a subfolder o
the Startup folder. Suddenly I got an error from Visual Studio: CS0016
... can't write to file ...\test.startup.exe: access denied.

Usually this kind of problem has something to do with the funny method
that VS uses to access IntelliSense information for the IDE. That's bee
a known problem in VS.NET 2003 for a long time and although I was usin
v2005, I thought maybe it had to do with that. Restarted, looke
around... no change. I tried to create another project in another plac
and found out bit by bit that actually the path where the project wa
stored was the issue here.

To make a long story short: I found that McAfee VirusScan was th
source of the problem. I'm using the Enterprise 8 version, no ide
about others. That thing has a feature called "Access protection"
which performs some port blocking and others functions. Under th
option name Prevent access to suspicious startup items (.exe) i
implements a protection for the Startup folder... but not only for th
Startup folder, but for all folders that are called Startup. Wow.

By configuring the access protection via the VirusScan Console, it'
possible to switch that option off and everything's back to normal. No
back to my startup utility

 

[Daave]

In Ken Blake, MVP typed on Sat, 26 Sep 2009 07:07:12 -0700:

BillW50 wrote:
In Ken Blake, MVP typed on Fri, 25 Sep 2009 12:38:46 -0700:
[...]
I used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only monitored
incoming traffic.

I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it
can essentially do whatever it wants, including circumventing the
firewall. So the extra protection provided by a firewall that
monitors outbound traffic is more apparent than real.

Actually the Windows XP firewall does monitor some outbound
traffic. As Windows XP tells me it has blocked some outbound
communication and allows me to select allow or block.

That's news to me.

Me too. I've never seen such a message. Bill, the next time you see
one, please note the exact verbatim text of the message and post it
here.

I could do better than that. Here is a snapshot of it in action.

http://img132.imageshack.us/img132/8030/windowsfirewallhasblock.gif

If you open up your Windows Firewall Settings and open the Exceptions
tab. The ones with the checkmarks are the ones you selected to unblock
at some moment in the past. I just deleted Dimension 4 from the list
and opened it up. And then I get the offer to block and unblock once
again. <vbg>

According to the Windows Firewall message, it "has blocked this program
from *accepting* [emphasis mine] connections." That would mean it is an
example of the firewall blocking *incoming* traffic.

In your post, you stated that the firewall "has blocked some outbound
communication and allows me to select allow or block." If you can post a
similar message that states something along the lines of "has blocked
this program from sending data to the Internet," I would be interested
to see that because it's something that Windows Firewall is *not*
supposed to be capable of doing (to the best of my knowledge).

 

[BillW50]

In Daave typed on Sat, 26 Sep 2009 12:26:41 -0400:

In Ken Blake, MVP typed on Sat, 26 Sep 2009 07:07:12 -0700:

BillW50 wrote:
In Ken Blake, MVP typed on Fri, 25 Sep 2009 12:38:46 -0700:
[...]
I used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only
monitored incoming traffic.

I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it
can essentially do whatever it wants, including circumventing the
firewall. So the extra protection provided by a firewall that
monitors outbound traffic is more apparent than real.

Actually the Windows XP firewall does monitor some outbound
traffic. As Windows XP tells me it has blocked some outbound
communication and allows me to select allow or block.

That's news to me.

Me too. I've never seen such a message. Bill, the next time you see
one, please note the exact verbatim text of the message and post it
here.

I could do better than that. Here is a snapshot of it in action.

http://img132.imageshack.us/img132/8030/windowsfirewallhasblock.gif

If you open up your Windows Firewall Settings and open the Exceptions
tab. The ones with the checkmarks are the ones you selected to
unblock at some moment in the past. I just deleted Dimension 4 from
the list and opened it up. And then I get the offer to block and
unblock once again. <vbg>

According to the Windows Firewall message, it "has blocked this
program from *accepting* [emphasis mine] connections." That would
mean it is an example of the firewall blocking *incoming* traffic.

In your post, you stated that the firewall "has blocked some outbound
communication and allows me to select allow or block." If you can
post a similar message that states something along the lines of "has
blocked this program from sending data to the Internet," I would be
interested to see that because it's something that Windows Firewall
is *not* supposed to be capable of doing (to the best of my
knowledge).

Yeah sorry, I apologize! I remembered wrong. As it blocks all incoming
communications to an application or malware. It is a half ass way to do
it, but it does the job nonetheless. As if the Windows Firewall blocks
incoming communications to say something you want blocked (say a virus
or malware), nothing is going to happen anyway. As the protocol requires
two way communication for something to happen. Does it not?

 

[Ken Blake, MVP]

In Ken Blake, MVP typed on Sat, 26 Sep 2009 07:07:12 -0700:

BillW50 wrote:
In Ken Blake, MVP typed on Fri, 25 Sep 2009 12:38:46 -0700:
[...]
I used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only monitored
incoming traffic.

I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it
can essentially do whatever it wants, including circumventing the
firewall. So the extra protection provided by a firewall that
monitors outbound traffic is more apparent than real.

Actually the Windows XP firewall does monitor some outbound traffic.
As Windows XP tells me it has blocked some outbound communication
and allows me to select allow or block.

That's news to me.

Me too. I've never seen such a message. Bill, the next time you see
one, please note the exact verbatim text of the message and post it
here.

I could do better than that. Here is a snapshot of it in action.

http://img132.imageshack.us/img132/8030/windowsfirewallhasblock.gif

Please note the message on that screen. It says "Windows firewall has
blocked this program from accepting connections from the internet or a
network." The Word "accepting" is clearly referring to incoming
traffic, not outbound.

 

[BillW50]

In Ken Blake, MVP typed on Sat, 26 Sep 2009 09:56:02 -0700:

In Ken Blake, MVP typed on Sat, 26 Sep 2009 07:07:12 -0700:

BillW50 wrote:
In Ken Blake, MVP typed on Fri, 25 Sep 2009 12:38:46 -0700:
[...]
I used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only
monitored incoming traffic.

I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it
can essentially do whatever it wants, including circumventing the
firewall. So the extra protection provided by a firewall that
monitors outbound traffic is more apparent than real.

Actually the Windows XP firewall does monitor some outbound
traffic. As Windows XP tells me it has blocked some outbound
communication and allows me to select allow or block.

That's news to me.

Me too. I've never seen such a message. Bill, the next time you see
one, please note the exact verbatim text of the message and post it
here.

I could do better than that. Here is a snapshot of it in action.

http://img132.imageshack.us/img132/8030/windowsfirewallhasblock.gif

Please note the message on that screen. It says "Windows firewall has
blocked this program from accepting connections from the internet or a
network." The Word "accepting" is clearly referring to incoming
traffic, not outbound.

Yes sorry, I remembered incorrectly. But the effect is the same. Let's
say Virus.exe wants to phone home. So it sends out a request to
communicate with the server. The server response with okay I am ready.
But Windows Firewall blocks the message from getting to Virus.exe. So
nothing happens.

So all of the programs that are being blocked, has the effect of never
seeing being connected to the Internet. As they can't communicate with
anybody. So they can't do anything. While unblocked programs like
browsers, email, etc. has free access to the Internet.

 

[Ken Blake, MVP]

In Ken Blake, MVP typed on Sat, 26 Sep 2009 09:56:02 -0700:

In Ken Blake, MVP typed on Sat, 26 Sep 2009 07:07:12 -0700:
BillW50 wrote:
In Ken Blake, MVP typed on Fri, 25 Sep 2009 12:38:46 -0700:
[...]
I used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only
monitored incoming traffic.

I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it
can essentially do whatever it wants, including circumventing the
firewall. So the extra protection provided by a firewall that
monitors outbound traffic is more apparent than real.

Actually the Windows XP firewall does monitor some outbound
traffic. As Windows XP tells me it has blocked some outbound
communication and allows me to select allow or block.

That's news to me.

Me too. I've never seen such a message. Bill, the next time you see
one, please note the exact verbatim text of the message and post it
here.

I could do better than that. Here is a snapshot of it in action.

http://img132.imageshack.us/img132/8030/windowsfirewallhasblock.gif

Please note the message on that screen. It says "Windows firewall has
blocked this program from accepting connections from the internet or a
network." The Word "accepting" is clearly referring to incoming
traffic, not outbound.

Yes sorry, I remembered incorrectly.

OK, thanks. No big deal. Glad it got straightened out.

 

[Daave]

In Daave typed on Sat, 26 Sep 2009 12:26:41 -0400:

In Ken Blake, MVP typed on Sat, 26 Sep 2009 07:07:12 -0700:
BillW50 wrote:
In Ken Blake, MVP typed on Fri, 25 Sep 2009 12:38:46 -0700:
[...]
I used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only
monitored incoming traffic.

I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer, it
can essentially do whatever it wants, including circumventing
the firewall. So the extra protection provided by a firewall
that monitors outbound traffic is more apparent than real.

Actually the Windows XP firewall does monitor some outbound
traffic. As Windows XP tells me it has blocked some outbound
communication and allows me to select allow or block.

That's news to me.

Me too. I've never seen such a message. Bill, the next time you see
one, please note the exact verbatim text of the message and post it
here.

I could do better than that. Here is a snapshot of it in action.

http://img132.imageshack.us/img132/8030/windowsfirewallhasblock.gif

If you open up your Windows Firewall Settings and open the
Exceptions tab. The ones with the checkmarks are the ones you
selected to unblock at some moment in the past. I just deleted
Dimension 4 from the list and opened it up. And then I get the
offer to block and unblock once again. <vbg>

According to the Windows Firewall message, it "has blocked this
program from *accepting* [emphasis mine] connections." That would
mean it is an example of the firewall blocking *incoming* traffic.

In your post, you stated that the firewall "has blocked some outbound
communication and allows me to select allow or block." If you can
post a similar message that states something along the lines of "has
blocked this program from sending data to the Internet," I would be
interested to see that because it's something that Windows Firewall
is *not* supposed to be capable of doing (to the best of my
knowledge).

Yeah sorry, I apologize! I remembered wrong. As it blocks all incoming
communications to an application or malware. It is a half ass way to
do it, but it does the job nonetheless. As if the Windows Firewall
blocks incoming communications to say something you want blocked (say
a virus or malware), nothing is going to happen anyway. As the
protocol requires two way communication for something to happen. Does
it not?

Which protocol? If you have a program (especially a malicious one), it
can certainly "phone home" without requiring two-way communication.
(Depends on the program, of course!) At least that's my understanding...

I could see the following scenario:

Windows Firewall is turned on. Someone who has an unpatched system and
who is also without onboard antivirus protection clicks on a link on a
Web site that winds up installing a virus on their PC. That's incoming.

The virus turns the PC into a spambot (outgoing). There is no outgoing
protection so massive numbers of spam e-mails are sent out.

For those who point out this is a weakness of Windows Firewall (incoming
only), I would argue that the weakness was in having an unpatched system
without adequate antivirus protection (and PEBKAC error in visiting
dangerous sites and clicking on dangerous links!). Even if a two-way
firewall had been used, once the virus takes over the PC, I can easily
imagine it could reconfigure the firewall, thus eliminating any outbound
protection.

 

[BillW50]

In Daave typed on Sat, 26 Sep 2009 13:22:14 -0400:

In Daave typed on Sat, 26 Sep 2009 12:26:41 -0400:

BillW50 wrote:
In Ken Blake, MVP typed on Sat, 26 Sep 2009 07:07:12 -0700:
BillW50 wrote:
In Ken Blake, MVP typed on Fri, 25 Sep 2009 12:38:46 -0700:
[...]
I used to recommend third-party firewalls over the Windows one
because they were two-way, and the Windows firewall only
monitored incoming traffic.

I've become convinced, however, that outbound protection is
meaningless. Once one of the nasties gets into your computer,
it can essentially do whatever it wants, including
circumventing the firewall. So the extra protection provided
by a firewall that monitors outbound traffic is more apparent
than real.

Actually the Windows XP firewall does monitor some outbound
traffic. As Windows XP tells me it has blocked some outbound
communication and allows me to select allow or block.

That's news to me.

Me too. I've never seen such a message. Bill, the next time you
see one, please note the exact verbatim text of the message and
post it here.

I could do better than that. Here is a snapshot of it in action.

http://img132.imageshack.us/img132/8030/windowsfirewallhasblock.gif

If you open up your Windows Firewall Settings and open the
Exceptions tab. The ones with the checkmarks are the ones you
selected to unblock at some moment in the past. I just deleted
Dimension 4 from the list and opened it up. And then I get the
offer to block and unblock once again. <vbg>

According to the Windows Firewall message, it "has blocked this
program from *accepting* [emphasis mine] connections." That would
mean it is an example of the firewall blocking *incoming* traffic.

In your post, you stated that the firewall "has blocked some
outbound communication and allows me to select allow or block." If
you can post a similar message that states something along the
lines of "has blocked this program from sending data to the
Internet," I would be interested to see that because it's something
that Windows Firewall is *not* supposed to be capable of doing (to
the best of my knowledge).

Yeah sorry, I apologize! I remembered wrong. As it blocks all
incoming communications to an application or malware. It is a half
ass way to do it, but it does the job nonetheless. As if the Windows
Firewall blocks incoming communications to say something you want
blocked (say a virus or malware), nothing is going to happen anyway.
As the protocol requires two way communication for something to
happen. Does it not?

Which protocol? If you have a program (especially a malicious one), it
can certainly "phone home" without requiring two-way communication.
(Depends on the program, of course!) At least that's my
understanding...

Well I understand that nothing happens unless both lines of
communication is there. If one way is blocked, nothing is going to
happen anyway.

I could see the following scenario:

Windows Firewall is turned on. Someone who has an unpatched system and
who is also without onboard antivirus protection clicks on a link on a
Web site that winds up installing a virus on their PC. That's
incoming.
The virus turns the PC into a spambot (outgoing). There is no outgoing
protection so massive numbers of spam e-mails are sent out.

It can't! As all protocols used on the Internet requires the other end
to say something like ok I am here, okay I got the first packet, etc.
Without this two way communication, no malicious program can do
anything. As it can't establish any links to the outside world.

For those who point out this is a weakness of Windows Firewall
(incoming only), I would argue that the weakness was in having an
unpatched system without adequate antivirus protection (and PEBKAC
error in visiting dangerous sites and clicking on dangerous links!).
Even if a two-way firewall had been used, once the virus takes over
the PC, I can easily imagine it could reconfigure the firewall, thus
eliminating any outbound protection.

Yes true. Once your system has been compromised, you can't trust your
security software anymore anyway. Although I have never seen this on any
system I have, just on other people's systems. ;-)