Knowledge Base

Search Knowledge Base

KB #240082: Secured Instance of SQL Server does not AutoStart if McAfee On Access Scanning is enabled




If running certain versions of McAfee On Access Virus Scanning, it has been found that secured instances of SQL Server may not AutoStart at boot time. They will, however, start manually.

Additional Information:

This appears to be an issue of timing as McAfee and the secured instance of SQL Server attempt to start at the same time. Adding Encryptionizer files and directories to the Exclude List or White List does not resolve the issue. In addition, since it is possible to start the secured instance manually, McAfee is clearly not interpreting Encryptionizer as a threat.We continue to explore this issue, however, in the meantime, you can workaround this problem by forcing the SQL Server Service to start after the McAfee On Access Scan Service (normally named McShield).

Use the following procedure:

  • First confirm that this is, in fact, the problem, by disabling the McAfee On Access Scanner and rebooting. If the secured instance of SQL Server still does not start, it is a different issue.
  • Start REGEDIT.EXE and Locate the the Service Entry for the McAfee Access Scanner: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McShield
  • If it exists, locate the Service Entry for the secured instance of SQL Server. E.g.,
    – or if default instance-
  • Add a new Multi String Value (REG_MULTI_SZ) named “DependOnService” and set the value to “McShield”.
  • Close Regedit.
  • Make sure the McAfee On Access scanner is re-enabled.
  • Reboot machine and the secured instance of SQL Server should now auto start successfully.

On a related note, for performance purposes, Microsoft recommends that you add SQL Data directory or database files to the On Access exclusion list, regardless of the AV software you are using. See topic “Directories to exclude from virus scanning” in Microsoft KB Article 309422