Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 3855 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Applying computer settings takes to much time

ropi

Hi,

we use Sophos Endpoint Protection 9.5. We have Win XP clients with sp3 and the boot procecc takes to much time on "Applying computer settings"   (5 minutes until the login screen).

I enabled the verbose logging and i found the problem:

USERENV(d5c.d74) 11:52:32:309 LibMain: Process Name:  C:\WINDOWS\System32\alg.exe
USERENV(dc4.dd0) 11:52:34:185 LibMain: Process Name:  C:\WINDOWS\system32\wbem\wmiprvse.exe
USERENV(b20.1d4) 11:52:37:656 LibMain: Process Name:  C:\WINDOWS\system32\reg.exe
USERENV(4ec.808) 11:52:40:063 GetProfileType:  Profile already loaded.
USERENV(4ec.808) 11:52:40:142 LoadProfileInfo:  Failed to query central profile with error 2
USERENV(4ec.808) 11:52:40:157 GetProfileType: ProfileFlags is 0
USERENV(d08.22c) 11:52:40:345 LibMain: Process Name:  C:\WINDOWS\system32\userinit.exe
USERENV(fc0.fc4) 11:52:41:470 LibMain: Process Name:  C:\WINDOWS\system32\wbem\wmiprvse.exe
USERENV(208.be4) 11:53:46:005 IsSyncForegroundPolicyRefresh: Synchronous, Reason: policy set to SYNC

You can see the bold line - here it takes 1 minute, something is waiting for the wmi feedback.

If i disable the sophos services the boot process speeds up and there is no "waiting for wmi feedback".

How can i disalbe this waiting? I can not disable the sophos services on the clients ;)

It would be nice if someone can help me.

Cheers,

Steffen

:24519


This thread was automatically locked due to age.
  • 0

    Hi,

    i found a solution on this thread -> /search?q= 5878

    befor excluding this files from the on access scan the boot time was 4:04 after excluding the files the boot time is 2:22.

    So i would say - problem solved.

    :24527
  • 0

    Which files did you exclude from on-access scanning? I might test this myself as I also have the same problem in my environment of PCs taking ages to boot up. 

    :24531
  • 0

    Hi,

    i did following:

    Exclude remote files.

    Exclude the following from On access scanning

    %windir%\system32\netwin32\netwin32.dll
    %windir%\security\templates\policies\gpt00000.dom (hidden file)
    %windir%\system32\drivers\fips.sys
    %windir%\system32\drivers\srv.sys
    %windir%\system32\TxfAux.dll
    %windir%\system32\mswsock.dll
    %windir%\system32\sp3res.dll
    %windir%\system32\rnr20.dll
    %windir%\system32\rpcss.dll
    %windir%\system32\authz.dll
    %windir%\system32\es.dll
    %windir%\system32\netman.dll
    %windir%\system32\oakley.dll
    %windir%\system32\pstorsvc.dll
    %windir%\system32\rasadhlp.dll
    %windir%\system32\regsvc.dll
    %windir%\system32\winipsec.dll

    And i exclude the file mentioned in the log file (bold line).

    :24537