+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 22
Windows Thread, FAO Kaspersky AV users in Technical; Just wondering if anyone using Kaspersky has performance issues with "Applying Computer Settings" on startup? Apart from that it seems ...
  1. #1
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,726
    Thank Post
    176
    Thanked 229 Times in 211 Posts
    Rep Power
    69

    FAO Kaspersky AV users

    Just wondering if anyone using Kaspersky has performance issues with "Applying Computer Settings" on startup? Apart from that it seems to run really well but not sure what it's trying to do scanning the GPOs... Sophos did exactly the same thing and it really bogs down the startup... any solutions out there?

  2. #2

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,581
    Thank Post
    59
    Thanked 371 Times in 287 Posts
    Blog Entries
    7
    Rep Power
    134
    Interesting...

    We've just rebuilt the PCs in our college and part of the rollout this year was KAV. We're now seeing issues and that is one of them.

    Are you seeing instances where certain services aren't starting too? Usually they're network related such as the DHCP client, NLA and the Workstation/server processes?

    /edit May be worth putting a scanning exception in for the netlogon area?

  3. #3

    maniac's Avatar
    Join Date
    Feb 2007
    Location
    Kent
    Posts
    3,087
    Thank Post
    210
    Thanked 432 Times in 312 Posts
    Rep Power
    145
    Ahhhh, interesting.

    We've just brought into KAV as well this year, and we are also seeing a slowdown on Applying Computer Settings, although I put it down to there being a glitch on our new network as everything is totally new, but maybe I was chasing the wrong thing.

    If anyone can shed more light on this I'd be very interested.

    Mike.

  4. #4

    Join Date
    Jan 2009
    Location
    England
    Posts
    1,406
    Thank Post
    307
    Thanked 307 Times in 265 Posts
    Rep Power
    83
    Just moving to KAV here so would be interested in any fixes/workarounds for this issue

  5. #5
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,726
    Thank Post
    176
    Thanked 229 Times in 211 Posts
    Rep Power
    69
    Haven't had any service issues as yet but it seems this Computer Settings issue looks quite common... keep posting on here as evidence that Kaspersky support need to fix it up sharpish

    Quote Originally Posted by Norphy View Post
    Interesting...
    /edit May be worth putting a scanning exception in for the netlogon area?
    That could be worth a punt, KAV support gave me some policy settings to try that involved putting exceptions in DNS and DHCP folders but maybe that's worth a go... would I be right in thinking at logon the workstation would be querying \\domain.local\SYSVOL and \\domain.local\NETLOGON as I'm guessing KAV must be scanning the GPO objects before applying them?
    Last edited by gshaw; 2nd September 2009 at 10:47 AM.

  6. #6

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,581
    Thank Post
    59
    Thanked 371 Times in 287 Posts
    Blog Entries
    7
    Rep Power
    134
    Any chance you could post those exceptions for DHCP and DNS here?

    I've put in exceptions for %domain%\sysvol and one for each of the DCs to cover all bases. I think netlogon is under sysvol so hopefully that should cover netlogon too!

  7. #7
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,726
    Thank Post
    176
    Thanked 229 Times in 211 Posts
    Rep Power
    69
    Just done a bit more investigation and tbh the exceptions won't make any difference if what I'm thinking is correct...

    - machine with no AV installed... lightning quick login
    - machine with AV and full policy... slow on Computer Settings
    - machine with test policy and protection components disabled... slow on Computer Settings
    - machine with test policy and Kaspersky startup disable... a bit quicker

    When manually starting AVP.exe (the main AV prog) you see frenzied HDD activity as it loads up, which then settles down after about 15-20 seconds (on a Core2Duo E8400)

    So my logic is that KAV seems to be loading just after Computer Settings starts, the frenzied HD activity is actually the AVP.exe starting and not caused by it scanning anything out the ordinary. Once it's started up the GPO then resumes and goes in as normal.

    For reference here's the exclusions I got from KAV support...

    Could you please edit your server policy, click on the Settings tab, then click Configure under Trusted Zone and do the following:
    1) Click on the Exclusion Masks tab
    2) Click Add
    3) Click Specify
    4) Enter %systemroot%\system32\dhcp and click OK (see below)

    5) Click OK
    6) Click Add
    7) Click Specify
    8) Enter %systemroot%\system32\dns and click OK
    9) Click OK and OK again
    10) Click Apply
    11) Click on the Enforcement tab
    12) Click Advanced
    13) Select ‘Modify all policy settings…’
    14) Click OK and OK again

    Now please open your workstation policy, click on the Settings tab and do the following:
    1) Click the drop down menu and select File Anti-Virus
    2) Click Customise
    3) Click on the Protection Scope tab
    4) Un-tick ‘All network drives’
    5) Click OK
    6) Click Apply
    7) Click on the Enforcement tab
    8) Click Advanced
    9) Select ‘Modify all policy settings…’
    10) Click OK and OK again

  8. Thanks to gshaw from:

    Norphy (2nd September 2009)

  9. #8

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,581
    Thank Post
    59
    Thanked 371 Times in 287 Posts
    Blog Entries
    7
    Rep Power
    134
    OK, thanks!

    Out of curiosity, are you using an RM system?

  10. #9
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,726
    Thank Post
    176
    Thanked 229 Times in 211 Posts
    Rep Power
    69
    Quote Originally Posted by Norphy View Post
    OK, thanks!

    Out of curiosity, are you using an RM system?
    Hell no

    Plain vanilla for us

  11. #10

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,581
    Thank Post
    59
    Thanked 371 Times in 287 Posts
    Blog Entries
    7
    Rep Power
    134
    Lucky you

  12. #11
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,726
    Thank Post
    176
    Thanked 229 Times in 211 Posts
    Rep Power
    69
    A few more things to try, might be worth you guys doing this as well and see if it helps...

    Could you please try the following:
    1) Open your Workstation policy in the Admin Kit
    2) Click on the Settings tab
    3) Click the drop down menu and click Additional
    4) Tick the options ‘Virus scan system scan’ & ‘Update systems tasks’ and click OK

    5) Now please test

    If this doesn’t help we to test to see if the issue is being caused by a specific component. If it is a specific component causing the issue we can create some trace logs with KAV running and the component disabled and another set of logs with KAV running and the component enabled and then pass this to our developers for analysis.
    To do this please disable the following components on a machine or via the policy and test the logon speed, if the logon issue is resolved turn the components on one by one until the problem component is located.

    Please disable:
    Mail Anti-Virus
    Web Anti-Virus
    Proactive Defence
    Anti-Hacker
    Anti-Spy
    Anti-Spam

    Please ensure you leave File Anti-Virus enabled

    If it is a specific component please do the following to create trace logs.

    1) Download KAVLOG7.EXE:
    http://www.kasperskylab.co.uk/kavfil...ls/kavlog7.zip

    Username - kavuser
    Password - Dfpt43

    2) Create logs with just File Anti-Virus enabled
    a. Logon to the workstation
    b. Run KAVLOG7.EXE
    c. Set the trace level to Notify 500
    d. Click Turn Trace ON
    e. Reboot the machine and logon
    f. Once logon has completed run KAVLOG7.EXE and click Turn Trace OFF
    g. The trace file will have now been created in:
    C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    Please zip and send me the files starting AVP... with the same date and time stamp and then delete the files on the workstation

    3) Create logs with just File Anti-Virus and the problem component enabled
    a. Logon to the workstation
    b. Run KAVLOG7.EXE
    c. Set the trace level to Notify 500
    d. Click Turn Trace ON
    e. Reboot the machine and logon
    f. Once logon has completed run KAVLOG7.EXE and click Turn Trace OFF
    g. The trace file will have now been created in:
    C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    Please zip and send me the files starting AVP... with the same date and time stamp and then delete the files on the workstation

  13. #12

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,581
    Thank Post
    59
    Thanked 371 Times in 287 Posts
    Blog Entries
    7
    Rep Power
    134
    We're beginning to think it's the network agent and/or our configuration of the admin kit. Kaspersky support had me try the release candidate of KAV 6.0 MP4 and that worked without any issues. However, that necessitated uninstalling v6 of the network agent and installing v8 instead.

    As an experiment, we uninstalled the agent and KAV MP3 from a sacrificial lamb and reinstalled KAV without the network agent, it's been behaving itself properly since then. I've asked Kaspersky support to look into this, will let you know the outcome!

  14. #13
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,726
    Thank Post
    176
    Thanked 229 Times in 211 Posts
    Rep Power
    69
    Interesting stuff, might try whipping the agent off of my test machine to see if it speeds up... hope whatever update comes out soon as my machines would boot to desktop in under a minute if it wasn't for a 30 second lag on Computer Settings

  15. #14

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,581
    Thank Post
    59
    Thanked 371 Times in 287 Posts
    Blog Entries
    7
    Rep Power
    134
    According to my support bod, v8 of the Admin kit and network agent and KAV v6 MP4 are all due out at the beginning of October.

  16. #15
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,726
    Thank Post
    176
    Thanked 229 Times in 211 Posts
    Rep Power
    69
    Confirmed: removal of network agent on my test PC removed the logon lag!

    Question is do we have to wait for the new release or can they fix the current agent I wonder... would love to have it working right before the start of term



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. FAO: ELGG users and Moodle Users
    By thegrassisgreener in forum Virtual Learning Platforms
    Replies: 18
    Last Post: 3rd July 2009, 08:12 PM
  2. FAO firefox users
    By RabbieBurns in forum General Chat
    Replies: 4
    Last Post: 25th October 2008, 11:32 AM
  3. Kaspersky AntiVirus
    By deano in forum Network and Classroom Management
    Replies: 0
    Last Post: 10th January 2008, 01:36 PM
  4. FAO BGfL users!
    By _Bat_ in forum General Chat
    Replies: 18
    Last Post: 26th April 2007, 08:28 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •