Machines are slow to boot after installing Symantec Endpoint Protection (SEP) or Symantec AntiVirus (SAV.)
Increased time waiting to log in to the machine when Symantec AntiVirus or Symantec Endpoint Protection are installed. The computer may seem to hang on "Applying Personal Settings."
There are multiple potential causes for this issue.
Establish Boot times and check for Mapped Drives:
Other factors that impact boot times:
Very useful blog about identifying the cause of slow logons with Process Monitor (procmon) http://blogs.technet.com/markrussinovich/archive/2010/01/13/3305263.aspx
How to configure when Auto-protect loads for Symantec AntiVirus managed clients:
How to configure when Auto-protect loads for Symantec Endpoint Protection managed clients:
How to disable/enable Startup Quick Scan on a Managed or Unmanaged Symantec AntiVirus client:
How to disable/enable Startup and Quick Scans within the Symantec Endpoint Protection Manager:
Windows' User Environmnet log (C:\WINDOWS\Debug\UserMode\userenv.log) is an excellent source of infomation about slow boot-ups, group policy application and profile loading.
"Where enabling Userenv logging is necessary to see exactly what is happening with group policy and profile loading.... One thing to remember is that if the logging is not enabled then do not try and interpret the log since very minimal logging is enabled by default!" (http://www.ditii.com/2008/11/12/how-to-read-a-userenv-log-in-vista-or-windows-server-2008-part-1/ ) Debug info for non-Vista: 221833 How to enable user environment debug logging in retail builds of Windows http://support.microsoft.com/kb/221833
Understanding How to Read a Userenv Log – Part 1 http://blogs.technet.com/askds/archive/2008/11/11/understanding-how-to-read-a-userenv-log-part-1.aspx
Understanding How to Read a Userenv Log – Part 2 http://blogs.technet.com/askds/archive/2008/11/11/understanding-how-to-read-a-userenv-log-part-2.aspx
Interpreting Userenv log files http://technet.microsoft.com/en-us/library/cc786775(WS.10).aspx
Sysinternals have a tool (LoadOrd.exe) which reveals the order that a system loads device drivers and services. http://technet.microsoft.com/en-us/sysinternals/bb897416.aspx
Examining the Windows System and Application Event Logs will also reveal much information about what is occuring during a boot. The following events are logged whenever a computer boots. Are there any errors which consistently appear afterward? Perhaps about services or minifilters that are attempting to load, but fail? Is SEP or SAV dependent on those? Will resolving that issue ensure prompt boot times?
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
This will clear the history and restart the chat.