Is This Content Helpful?
We're glad to know this article was helpful.
When the ArcGIS GIS Server Windows Service is stopped or restarted, the McAfee VirusScan Enterprise (VSE) Access Protection logs have entries that indicate that ArcGIS is attempting to terminate McAfee processes.
The McAfee VirusScan Enterprise Access Protection rule is designed to block all processes that run the terminate process privilege. This rule is triggered because it is a self-protection rule to avoid any third-party applications or malware from disabling VSE protection when a process explicitly interacts with a protected process. This is why VSE detects and blocks the ArcGIS GIS Server pkill.exe process.
The following are possible workarounds for this issue:
Note: Run the following command as an administrator.
Note: The following Microsoft document explains how to locate a PID for a process: Finding the Process ID.
Note: Apart from the two solution options mentioned above, the ArcGIS GIS Server pkill.exe process is designed to only terminate processes if the following three conditions are met: 1. The process has to be named javaw.exe, ArcSOC.exe or rmid.exe. 2. The ArcGIS GIS Server login account must be the owner of the processes. 3. The process must be started using an executable from within the ArcGIS GIS Server installation folder.