Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

2mins+ System Startup


  • Please log in to reply
6 replies to this topic

#1 sayeo87

sayeo87

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:11:02 AM

Posted 27 December 2007 - 05:09 PM

Hi, I've been having this problem for a long time but never had the time to solve it until now, so I won't know what I installed/removed during the time the problems started.

The main problem is that Windows will take > 2 minutes at the part where it says "loading your personal settings" during startup.

- A while ago I checked my system for spyware/viruses in these forums and determined that system was completely clean and am quite certain is still clean right now.
- I have basically nothing running during startup except for a VPN client which I need and which I already tested by disabling but determined it didn't have much effect on startup time at all.
- I have also just defragged my harddrive and currently it says I have 0% fragmentation.
- I installed Microsoft's bootvis to track what is going on during startup and it showed that a lot of time was spent at $MFT and the disk defragmenter analysis report showed that my MFT was 99% in use and 223 MB in size - is that something to worry about?
- I installed PCPitstop's Disk MD and it showed that a restore snapshot file\REGISTRY_MACHINE_SOFTWARE has 310 fragments - could this be the problem?
- What's strange is I set up a new user and it starts up much faster without any problems!

I know I can just move everything to the new user and use that but I want to refrain from that and actually find out what's causing the problems on this user.

Can anyone offer any help on this? It will be much appreciated. Thanks!

BC AdBot (Login to Remove)

 


m

#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,571 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:02 PM

Posted 27 December 2007 - 05:31 PM

This can sometimes occur if you have a mapped network drive that is no longer available.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 Tomo2

Tomo2

  • Members
  • 402 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wanganui, Aotearoa NZ
  • Local time:03:02 PM

Posted 27 December 2007 - 05:42 PM

Hi,
(As you have said, you have completed steps 1 & 2 on this list.)
1. Defrag your hard drive. Use the built in XP defragmenter (dfrg.msc). It's the only one that properly optimizes your system's prefetching to speed up boot time.

2. Go to Microsoft's website and download BootVis.exe. It will optimize your prefetching even further than the built in defragmenter. Use both to get the best results: dfrg.msc first, then BootVis.exe->Tools menu->Optimize. Also, you can use it to benchmark your boot time before and after system tweaks and software installations.

3. Go to Start->Run... and type or paste "Rundll32.exe advapi32.dll,ProcessIdleTasks". This will start a built in optimization routine that runs in the System Idle Process
and shows up as "rundll32.exe" in task manager. It normally runs automatically
every 3 days. It will run for 15 mins to half an hour, so don't try to do anything too intensive while its running. If you get sick of it running, you should probably log off or restart to be safe, rather than killing the process.

4. Delete anything that you don't need in the Start->Programs->Startup folder, and in the Registry under HKLM->Software->Microsoft->Windows->Run and HKCU->Software->Microsoft->Windows->Run.

5. Go to Start->Control Panel->Administrative Tools->Services or go to Start->Run... and type "services.msc" to display services running on your machine. About 1/3 should be automatic, 1/3 should be manual, and 1/3 should be disabled, IMHO. If you don't know which to change, search google for "XP services" and read one of the many webpages that describe each service.

6. Use a partition manager to create a separate partition for your swap-file. Set its size to about 2.5 times the amount of physical RAM you have. You can do this by right-clicking my computer and selecting Properties->Advanced tab->Performance section->Settings button->Advanced tab again->Virtual Memory section->Change button. Whew! They don't make that one easy to get to. Just don't completely remove your swap file, cause your system might not boot after that, unless you have a lot of physical RAM. :flowers:

7. Repeat steps 1-3.

Ideally, XP on a clean install should boot in about 12 seconds from the time that you see the XP logo to useable (can open a program). With all my device drivers and third-party utilities, the best I can acheive so far is 18 seconds on my Dell. Don't use Norton SpeedDisk!--It may slow your XP system boot time by about 6 seconds. :thumbsup:

:inlove: You can also try enabling verbose logon messages which will show you each file being loaded. If there is one particular file or a string of them taking a long time to load, then google them to see if they are viruses. :trumpet:

Another thing... Have you ever cleared things like your user cache etc.? If not then you need to get CCleaner Here

Hope this helps!!

P.S. I had a problem with this once. I don't know if it was a virus or not but I just tweaked a few things with my many tweaking apps (careful not to conflict) and the problem went away. I boot up incredibly fast now (about the best 12 secs) but it does take another couple of seconds to logon.

Edited by Tomo2, 27 December 2007 - 05:47 PM.

L&P, World Famous in New Zealand since ages ago!
Posted Image
Avast! Antivirus : Spybot S&D : Trend Micro Housecall : Hosts file : HiJack This
Don't be too open minded - your brains will fall out


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 54,863 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:02 PM

Posted 27 December 2007 - 05:53 PM

It's been my "observation" that my 3d-party firewall will not allow any program to open until it (the firewall) is properly engaged. It seems to be the last item to set up (after the AV, after the Antispyware, after Windows Defender, etc.).

My boot times are 2-3 minutes, which is fine with me.

ICW the great suggestions by Tomo, you might want a tool for startups: AutoRuns for Windows v8.73 - http://www.microsoft.com/technet/sysintern...s/AutoRuns.mspx

Louis

#5 sayeo87

sayeo87
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:11:02 AM

Posted 27 December 2007 - 06:17 PM

Thanks every1 for your help.....Budapest you were right on! I had 4 university network drives mapped which can't be connected to until the VPN client is run.....I disabled them all and my startup time is maybe 20 secs now :thumbsup:

#6 thaebich

thaebich

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:02 PM

Posted 03 January 2008 - 01:10 AM

Hi,
I have a "similar" problem of a delay/pause for 2 minutes but I don't think it is related to mapped network drives because as far as can determine, I am not the far into the startup when it occurs. There are no errors in Event Viewer. If you logon as soon as you get the login window, it is 2 minutes before disk starts working (i.e. startup has continued). If you wait for at least two minutes then logon, the system "starts up" ok i.e.no delay.

I have done a far bit of searching on the Web and have yet to find an answer

Using the tool gmer (http://www.gmer.net/files.php), it shows me the following (the space shows the 2 minute delay):

2008-01-03 14:41:09 gmer.sys System [4]: LoadDriver system32\DRIVERS\msgpc.sys
2008-01-03 14:41:10 gmer.sys System [4]: LoadDriver system32\DRIVERS\ipnat.sys
2008-01-03 14:41:10 gmer.sys System [4]: LoadDriver system32\DRIVERS\wanarp.sys
2008-01-03 14:41:10 gmer.sys System [4]: LoadDriver system32\DRIVERS\arp1394.sys
2008-01-03 14:41:10 gmer.sys System [4]: CreateProcess C:\WINDOWS\system32\smss.exe
2008-01-03 14:41:10 gmer.sys smss.exe [1344]: CreateProcess C:\WINDOWS\system32\autochk.exe
2008-01-03 14:41:11 gmer.sys smss.exe [1344]: LoadDriver \Registry\Machine\System\CurrentControlSet\Services\Cdfs
2008-01-03 14:41:13 gmer.sys smss.exe [1344]: CreateProcess C:\WINDOWS\system32\csrss.exe
2008-01-03 14:41:13 gmer.sys csrss.exe [1400]: LoadDriver \SystemRoot\System32\drivers\dxg.sys
2008-01-03 14:41:15 gmer.sys csrss.exe [1400]: LoadDriver \SystemRoot\System32\ati2dvag.dll
2008-01-03 14:41:15 gmer.sys csrss.exe [1400]: LoadDriver \SystemRoot\System32\ati2cqag.dll
2008-01-03 14:41:15 gmer.sys csrss.exe [1400]: LoadDriver \SystemRoot\System32\atikvmag.dll
2008-01-03 14:41:15 gmer.sys csrss.exe [1400]: LoadDriver \SystemRoot\System32\vga.dll
2008-01-03 14:41:15 gmer.sys csrss.exe [1400]: LoadDriver \SystemRoot\System32\ati2dvag.dll
2008-01-03 14:41:15 gmer.sys csrss.exe [1400]: LoadDriver \SystemRoot\System32\ati2cqag.dll
2008-01-03 14:41:15 gmer.sys csrss.exe [1400]: LoadDriver \SystemRoot\System32\atikvmag.dll
2008-01-03 14:41:15 gmer.sys csrss.exe [1400]: LoadDriver \SystemRoot\System32\ati2dvag.dll
2008-01-03 14:41:15 gmer.sys csrss.exe [1400]: LoadDriver \SystemRoot\System32\ati2cqag.dll
2008-01-03 14:41:15 gmer.sys csrss.exe [1400]: LoadDriver \SystemRoot\System32\atikvmag.dll
2008-01-03 14:41:16 gmer.sys csrss.exe [1400]: LoadDriver \SystemRoot\System32\ati3duag.dll
2008-01-03 14:41:16 gmer.sys csrss.exe [1400]: LoadDriver \SystemRoot\System32\ativvaxx.dll
2008-01-03 14:41:16 gmer.sys smss.exe [1344]: CreateProcess C:\WINDOWS\system32\winlogon.exe
2008-01-03 14:41:18 gmer.sys winlogon.exe [1432]: CreateProcess C:\WINDOWS\system32\services.exe
2008-01-03 14:41:18 gmer.sys winlogon.exe [1432]: CreateProcess C:\WINDOWS\system32\lsass.exe
2008-01-03 14:41:20 gmer.sys csrss.exe [1432]: LoadDriver \SystemRoot\System32\ATMFD.DLL
2008-01-03 14:41:20 gmer.sys services.exe [1476]: CreateProcess C:\Program Files\lotus\notes\nslsvice.exe
2008-01-03 14:41:20 gmer.sys nslsvice.exe [1636]: CreateProcess C:\Program Files\lotus\notes\nsl.exe
2008-01-03 14:41:22 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\ibmpmsvc.exe
2008-01-03 14:41:22 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\svchost.exe
2008-01-03 14:41:23 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\svchost.exe
2008-01-03 14:41:23 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\svchost.exe
2008-01-03 14:41:24 gmer.sys services.exe [1476]: LoadDriver system32\DRIVERS\irda.sys
2008-01-03 14:41:24 gmer.sys services.exe [1476]: LoadDriver System32\drivers\omdrv.sys
2008-01-03 14:41:24 gmer.sys services.exe [1476]: LoadDriver system32\DRIVERS\ndisuio.sys
2008-01-03 14:41:24 gmer.sys winlogon.exe [1432]: CreateProcess C:\WINDOWS\system32\ati2evxx.exe
2008-01-03 14:41:24 gmer.sys services.exe [1476]: LoadDriver \SystemRoot\System32\drivers\vpn.sys
2008-01-03 14:41:24 gmer.sys services.exe [1476]: CreateProcess C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
2008-01-03 14:41:26 gmer.sys services.exe [1476]: CreateProcess C:\Program Files\CheckPoint\SecuRemote\bin\SR_Watchdog.exe
2008-01-03 14:41:28 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\svchost.exe
2008-01-03 14:41:28 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\svchost.exe
2008-01-03 14:41:30 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\spoolsv.exe
2008-01-03 14:41:30 gmer.sys svchost.exe [1976]: LoadDriver system32\DRIVERS\rdbss.sys
2008-01-03 14:41:30 gmer.sys svchost.exe [1976]: LoadDriver system32\DRIVERS\mrxsmb.sys
2008-01-03 14:41:34 gmer.sys svchost.exe [1732]: LoadDriver \Registry\Machine\System\CurrentControlSet\Services\tdtcp
2008-01-03 14:41:34 gmer.sys svchost.exe [1732]: LoadDriver \Registry\Machine\System\CurrentControlSet\Services\rdpwd

2008-01-03 14:43:35 gmer.sys services.exe [1476]: LoadDriver system32\DRIVERS\mrxdav.sys
2008-01-03 14:43:44 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\svchost.exe
2008-01-03 14:43:45 gmer.sys services.exe [1476]: LoadDriver \??\C:\WINDOWS\system32\EGATHDRV.SYS
2008-01-03 14:43:45 gmer.sys services.exe [1476]: LoadDriver System32\Drivers\HTTP.sys
2008-01-03 14:43:45 gmer.sys services.exe [1476]: CreateProcess C:\Program Files\McAfee\Common Framework\FrameworkService.exe
2008-01-03 14:43:45 gmer.sys svchost.exe [1976]: LoadDriver system32\DRIVERS\srv.sys
2008-01-03 14:43:46 gmer.sys services.exe [1476]: CreateProcess C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
2008-01-03 14:43:47 gmer.sys svchost.exe [1732]: CreateProcess C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
2008-01-03 14:43:47 gmer.sys services.exe [1476]: CreateProcess C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
2008-01-03 14:43:49 gmer.sys services.exe [1476]: LoadDriver system32\DRIVERS\mdmxsdk.sys
2008-01-03 14:43:50 gmer.sys services.exe [1476]: CreateProcess C:\Program Files\lotus\notes\ntmulti.exe
2008-01-03 14:43:51 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\svchost.exe
2008-01-03 14:43:52 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\svchost.exe
2008-01-03 14:43:54 gmer.sys mcshield.exe [1876]: LoadDriver system32\drivers\mfehidk.sys
2008-01-03 14:43:54 gmer.sys services.exe [1476]: CreateProcess C:\Program Files\Dimension Data\AdminChooser\AdminChooser.exe
2008-01-03 14:43:54 gmer.sys System [4]: LoadDriver \Registry\Machine\System\CurrentControlSet\Services\mfefeatk
2008-01-03 14:43:55 gmer.sys System [4]: LoadDriver \Device\mfefeatk01.sys
2008-01-03 14:43:55 gmer.sys System [4]: LoadDriver system32\drivers\mfebopk.sys
2008-01-03 14:43:56 gmer.sys System [4]: LoadDriver system32\drivers\mfeapfk.sys
2008-01-03 14:43:57 gmer.sys System [4]: LoadDriver system32\drivers\mfeavfk.sys
2008-01-03 14:44:02 gmer.sys services.exe [1476]: CreateProcess C:\Program Files\Canon\CAL\CALMAIN.exe
2008-01-03 14:44:03 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\CCM\CcmExec.exe
2008-01-03 14:44:07 gmer.sys svchost.exe [1976]: LoadDriver system32\DRIVERS\ipnat.sys
2008-01-03 14:44:13 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\alg.exe
2008-01-03 14:44:15 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\msiexec.exe
2008-01-03 14:44:21 gmer.sys svchost.exe [1732]: CreateProcess C:\WINDOWS\system32\wbem\wmiprvse.exe
2008-01-03 14:44:34 gmer.sys svchost.exe [1732]: CreateProcess C:\WINDOWS\system32\wbem\wmiprvse.exe
2008-01-03 14:44:37 gmer.sys svchost.exe [1732]: CreateProcess C:\WINDOWS\system32\wbem\wmiprvse.exe
2008-01-03 14:44:39 gmer.sys services.exe [1476]: LoadDriver \??\C:\WINDOWS\system32\CCM\prepdrv.sys
2008-01-03 14:44:41 gmer.sys svchost.exe [412]: CreateProcess C:\WINDOWS\system32\wuauclt.exe
2008-01-03 14:44:48 gmer.sys naPrdMgr.exe [1888]: CreateProcess C:\Program Files\McAfee\VirusScan Enterprise\mcupdate.exe
2008-01-03 14:44:50 gmer.sys FrameworkServic [132]: CreateProcess C:\Program Files\McAfee\Common Framework\McScript_InUse.exe
2008-01-03 14:45:13 gmer.sys winlogon.exe [1432]: CreateProcess C:\WINDOWS\system32\userinit.exe
2008-01-03 14:46:35 gmer.sys winlogon.exe [1432]: CreateProcess C:\WINDOWS\system32\mpnotify.exe
2008-01-03 14:46:38 gmer.sys winlogon.exe [1432]: CreateProcess C:\WINDOWS\system32\ati2evxx.exe
2008-01-03 14:46:59 gmer.sys winlogon.exe [1432]: CreateProcess C:\WINDOWS\system32\userinit.exe
2008-01-03 14:46:59 gmer.sys winlogon.exe [1432]: CreateProcess C:\WINDOWS\system32\userinit.exe
2008-01-03 14:46:59 gmer.sys winlogon.exe [1432]: CreateProcess C:\WINDOWS\system32\WgaTray.exe
2008-01-03 14:47:00 gmer.sys userinit.exe [4060]: CreateProcess C:\WINDOWS\explorer.exe
2008-01-03 14:47:02 gmer.sys SR_Watchdog.exe [432]: CreateProcess C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.exe
2008-01-03 14:47:03 gmer.sys userinit.exe [4000]: CreateProcess C:\WINDOWS\system32\wscript.exe
2008-01-03 14:47:09 gmer.sys explorer.exe [200]: CreateProcess C:\WINDOWS\system32\verclsid.exe
2008-01-03 14:47:09 gmer.sys explorer.exe [200]: CreateProcess C:\WINDOWS\system32\verclsid.exe
2008-01-03 14:47:10 gmer.sys explorer.exe [200]: CreateProcess C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
2008-01-03 14:47:10 gmer.sys explorer.exe [200]: CreateProcess C:\Program Files\McAfee\Common Framework\UdaterUI.exe
2008-01-03 14:47:10 gmer.sys explorer.exe [200]: CreateProcess C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
2008-01-03 14:47:10 gmer.sys explorer.exe [200]: CreateProcess C:\WINDOWS\system32\ctfmon.exe
2008-01-03 14:47:11 gmer.sys UdaterUI.exe [2696]: CreateProcess C:\Program Files\McAfee\Common Framework\Mctray.exe
2008-01-03 14:47:11 gmer.sys explorer.exe [200]: CreateProcess C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe
2008-01-03 14:47:12 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\imapi.exe
2008-01-03 14:47:22 gmer.sys winlogon.exe [1432]: CreateProcess C:\WINDOWS\system32\userinit.exe
2008-01-03 14:47:37 gmer.sys explorer.exe [200]: CreateProcess C:\WINDOWS\system32\rundll32.exe
2008-01-03 14:47:45 gmer.sys explorer.exe [200]: CreateProcess C:\WINDOWS\system32\verclsid.exe
2008-01-03 14:47:45 gmer.sys explorer.exe [200]: CreateProcess C:\WINDOWS\system32\verclsid.exe
2008-01-03 14:48:22 gmer.sys explorer.exe [200]: CreateProcess C:\WINDOWS\system32\notepad.exe

ntbtlog shows (not easy to compare with the gmer output):
Service Pack 2 1 3 2008 14:41:00.375
Loaded driver \WINDOWS\system32\ntkrnlpa.exe
Loaded driver \WINDOWS\system32\hal.dll
Loaded driver \WINDOWS\system32\KDCOM.DLL
Loaded driver \WINDOWS\system32\BOOTVID.dll
Loaded driver ACPI.sys
Loaded driver \WINDOWS\system32\DRIVERS\WMILIB.SYS
Loaded driver pci.sys
Loaded driver isapnp.sys
Loaded driver compbatt.sys
Loaded driver \WINDOWS\system32\DRIVERS\BATTC.SYS
Loaded driver pciide.sys
Loaded driver \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Loaded driver aliide.sys
Loaded driver cmdide.sys
Loaded driver toside.sys
Loaded driver viaide.sys
Loaded driver intelide.sys
Loaded driver pcmcia.sys
Loaded driver MountMgr.sys
Loaded driver ftdisk.sys
Loaded driver dmload.sys
Loaded driver dmio.sys
Loaded driver PartMgr.sys
Loaded driver ACPIEC.sys
Loaded driver \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
Loaded driver VolSnap.sys
Loaded driver cpqarray.sys
Loaded driver \WINDOWS\system32\DRIVERS\SCSIPORT.SYS
Loaded driver iaStor.sys
Loaded driver atapi.sys
Loaded driver aha154x.sys
Loaded driver sparrow.sys
Loaded driver symc810.sys
Loaded driver aic78xx.sys
Loaded driver dac960nt.sys
Loaded driver ql10wnt.sys
Loaded driver amsint.sys
Loaded driver asc.sys
Loaded driver asc3550.sys
Loaded driver mraid35x.sys
Loaded driver i2omp.sys
Loaded driver ini910u.sys
Loaded driver ql1240.sys
Loaded driver aic78u2.sys
Loaded driver symc8xx.sys
Loaded driver sym_hi.sys
Loaded driver sym_u3.sys
Loaded driver ABP480N5.SYS
Loaded driver asc3350p.sys
Loaded driver cd20xrnt.sys
Loaded driver ultra.sys
Loaded driver adpu160m.sys
Loaded driver dpti2o.sys
Loaded driver ql1080.sys
Loaded driver ql1280.sys
Loaded driver ql12160.sys
Loaded driver perc2.sys
Loaded driver perc2hib.sys
Loaded driver hpn.sys
Loaded driver cbidf2k.sys
Loaded driver dac2w2k.sys
Loaded driver symmpi.sys
Loaded driver vmscsi.sys
Loaded driver disk.sys
Loaded driver \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Loaded driver fltMgr.sys
Loaded driver sr.sys
Loaded driver KSecDD.sys
Loaded driver Ntfs.sys
Loaded driver NDIS.sys
Loaded driver sisagp.sys
Loaded driver viaagp.sys
Loaded driver ohci1394.sys
Loaded driver \WINDOWS\system32\DRIVERS\1394BUS.SYS
Loaded driver Mup.sys
Loaded driver alim1541.sys
Loaded driver amdagp.sys
Loaded driver agp440.sys
Loaded driver agpCPQ.sys
Loaded driver \SystemRoot\system32\DRIVERS\intelppm.sys
Loaded driver \SystemRoot\system32\DRIVERS\ati2mtag.sys
Loaded driver \SystemRoot\system32\DRIVERS\HDAudBus.sys
Loaded driver \SystemRoot\system32\DRIVERS\b57xp32.sys
Loaded driver \SystemRoot\system32\DRIVERS\NETw4x32.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbuhci.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbehci.sys
Loaded driver \SystemRoot\system32\DRIVERS\nic1394.sys
Loaded driver \SystemRoot\system32\drivers\tifm21.sys
Loaded driver \SystemRoot\system32\DRIVERS\sdbus.sys
Loaded driver \SystemRoot\system32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\system32\DRIVERS\kbdclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\SynTP.sys
Loaded driver \SystemRoot\system32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\nscirda.sys
Loaded driver \SystemRoot\system32\DRIVERS\irenum.sys
Loaded driver \SystemRoot\system32\DRIVERS\atmeltpm.sys
Loaded driver \SystemRoot\system32\DRIVERS\CmBatt.sys
Loaded driver \SystemRoot\system32\DRIVERS\ibmpmdrv.sys
Loaded driver \SystemRoot\system32\DRIVERS\imapi.sys
Loaded driver \SystemRoot\system32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\system32\DRIVERS\redbook.sys
Loaded driver \SystemRoot\system32\DRIVERS\VMNetSrv.sys
Loaded driver \SystemRoot\system32\DRIVERS\fw.sys
Loaded driver \SystemRoot\system32\DRIVERS\audstub.sys
Loaded driver \SystemRoot\system32\DRIVERS\rasirda.sys
Loaded driver \SystemRoot\system32\DRIVERS\rasl2tp.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndistapi.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndiswan.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspppoe.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspptp.sys
Loaded driver \SystemRoot\system32\DRIVERS\ptilink.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspti.sys
Loaded driver \SystemRoot\system32\DRIVERS\vnasc.sys
Loaded driver \SystemRoot\system32\DRIVERS\rdpdr.sys
Loaded driver \SystemRoot\system32\DRIVERS\termdd.sys
Loaded driver \SystemRoot\system32\DRIVERS\psadd.sys
Loaded driver \SystemRoot\system32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\system32\DRIVERS\update.sys
Loaded driver \SystemRoot\system32\DRIVERS\mssmbios.sys
Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Loaded driver \SystemRoot\system32\drivers\ADIHdAud.sys
Loaded driver \SystemRoot\system32\drivers\AEAudio.sys
Loaded driver \SystemRoot\system32\DRIVERS\HSFHWAZL.sys
Loaded driver \SystemRoot\system32\DRIVERS\HSF_DPV.sys
Loaded driver \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
Loaded driver \SystemRoot\System32\Drivers\Modem.SYS
Loaded driver \SystemRoot\system32\DRIVERS\usbhub.sys
Did not load driver \SystemRoot\System32\Drivers\lbrtfdc.SYS
Did not load driver \SystemRoot\System32\Drivers\Sfloppy.SYS
Loaded driver \SystemRoot\System32\Drivers\i2omgmt.SYS
Did not load driver \SystemRoot\System32\Drivers\Changer.SYS
Did not load driver \SystemRoot\System32\Drivers\Cdaudio.SYS
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\DRIVERS\gmer.sys
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Did not load driver \SystemRoot\system32\DRIVERS\kbdhid.sys
Loaded driver \SystemRoot\System32\drivers\vga.sys
Loaded driver \SystemRoot\System32\Drivers\mnmdd.SYS
Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Loaded driver \SystemRoot\system32\DRIVERS\rasacd.sys
Loaded driver \SystemRoot\system32\DRIVERS\hidusb.sys
Loaded driver \SystemRoot\system32\DRIVERS\msgpc.sys
Loaded driver \SystemRoot\system32\DRIVERS\ipsec.sys
Loaded driver \SystemRoot\system32\DRIVERS\tcpip.sys
Loaded driver \SystemRoot\system32\drivers\mfetdik.sys
Loaded driver \SystemRoot\system32\DRIVERS\ipnat.sys
Loaded driver \SystemRoot\system32\DRIVERS\wanarp.sys
Loaded driver \SystemRoot\system32\DRIVERS\netbt.sys
Loaded driver \SystemRoot\system32\DRIVERS\arp1394.sys
Loaded driver \SystemRoot\System32\drivers\afd.sys
Loaded driver \SystemRoot\system32\DRIVERS\netbios.sys
Did not load driver \SystemRoot\system32\DRIVERS\serial.sys
Did not load driver \SystemRoot\System32\Drivers\PCIDump.SYS
Loaded driver \??\C:\WINDOWS\system32\Drivers\vmm.sys
Loaded driver \SystemRoot\system32\DRIVERS\rdbss.sys
Loaded driver \SystemRoot\system32\drivers\nipplpt.sys
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
Loaded driver \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys
Loaded driver \SystemRoot\System32\Drivers\tcusb.sys
Loaded driver \SystemRoot\System32\Drivers\Fips.SYS
Loaded driver \SystemRoot\System32\Drivers\BANTExt.sys
Loaded driver \SystemRoot\system32\DRIVERS\mouhid.sys
Loaded driver \SystemRoot\System32\Drivers\Cdfs.SYS
Loaded driver \SystemRoot\system32\DRIVERS\irda.sys
Loaded driver \SystemRoot\System32\drivers\omdrv.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndisuio.sys
Loaded driver \SystemRoot\System32\drivers\vpn.sys
Did not load driver \SystemRoot\system32\DRIVERS\rdbss.sys
Did not load driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\System32\Drivers\TDTCP.SYS
Loaded driver \SystemRoot\System32\Drivers\RDPWD.SYS
Loaded driver \SystemRoot\system32\DRIVERS\mrxdav.sys
Loaded driver \??\C:\WINDOWS\system32\EGATHDRV.SYS
Loaded driver \SystemRoot\System32\Drivers\HTTP.sys
Loaded driver \SystemRoot\system32\DRIVERS\srv.sys
Loaded driver \SystemRoot\system32\DRIVERS\mdmxsdk.sys
Did not load driver \Device\mfefeatk01.sys
Loaded driver \SystemRoot\system32\drivers\mfehidk.sys
Loaded driver \SystemRoot\system32\drivers\mfebopk.sys
Loaded driver \SystemRoot\system32\drivers\mfeapfk.sys
Loaded driver \SystemRoot\system32\drivers\mfeavfk.sys
Did not load driver \SystemRoot\system32\DRIVERS\ipnat.sys
Loaded driver \??\C:\WINDOWS\system32\CCM\prepdrv.sys
Loaded driver \SystemRoot\system32\drivers\wdmaud.sys
Loaded driver \SystemRoot\system32\drivers\sysaudio.sys
Loaded driver \SystemRoot\system32\drivers\splitter.sys
Loaded driver \SystemRoot\system32\drivers\aec.sys
Loaded driver \SystemRoot\system32\drivers\swmidi.sys
Loaded driver \SystemRoot\system32\drivers\DMusic.sys
Loaded driver \SystemRoot\system32\drivers\kmixer.sys
Loaded driver \SystemRoot\system32\drivers\drmkaud.sys
Loaded driver \SystemRoot\system32\drivers\kmixer.sys
Loaded driver \SystemRoot\system32\drivers\kmixer.sys
Loaded driver \SystemRoot\system32\drivers\kmixer.sys

Thanks

#7 thaebich

thaebich

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:02 PM

Posted 04 January 2008 - 01:31 AM

More info to my previous post

I disabled the Workstation (lanmanworkstation) service and now no delay

The gmer output is the same except for where the 2 minute delay was:
The rdbss.sys and mrxsmb.sys drivers are no longer loaded - mrxdav.sys is loaded then instead of being loaded after rdpwd
Now
snip-----------------------------
2008-01-04 12:20:46 gmer.sys services.exe [1472]: CreateProcess C:\WINDOWS\system32\spoolsv.exe
2008-01-04 12:20:47 gmer.sys services.exe [1472]: LoadDriver system32\DRIVERS\mrxdav.sys
2008-01-04 12:20:51 gmer.sys svchost.exe [1728]: LoadDriver \Registry\Machine\System\CurrentControlSet\Services\tdtcp
2008-01-04 12:20:51 gmer.sys svchost.exe [1728]: LoadDriver \Registry\Machine\System\CurrentControlSet\Services\rdpwd
2008-01-04 12:20:56 gmer.sys services.exe [1472]: CreateProcess C:\WINDOWS\system32\svchost.exe
unsnip--------------------------
Was
snip-----------------------------
2008-01-03 14:41:30 gmer.sys svchost.exe [1976]: LoadDriver system32\DRIVERS\rdbss.sys
2008-01-03 14:41:30 gmer.sys svchost.exe [1976]: LoadDriver system32\DRIVERS\mrxsmb.sys
2008-01-03 14:41:34 gmer.sys svchost.exe [1732]: LoadDriver \Registry\Machine\System\CurrentControlSet\Services\tdtcp
2008-01-03 14:41:34 gmer.sys svchost.exe [1732]: LoadDriver \Registry\Machine\System\CurrentControlSet\Services\rdpwd
2008-01-03 14:43:35 gmer.sys services.exe [1476]: LoadDriver system32\DRIVERS\mrxdav.sys
2008-01-03 14:43:44 gmer.sys services.exe [1476]: CreateProcess C:\WINDOWS\system32\svchost.exe
unsnip--------------------------

This doesn't help in a networked configuration as the Workstation (lanmanworkstation) service is needed to run other services

Does anybody know what rdbss.sys and mrxsmb.sys are doing as they appear to be the ones causing the delay before mrxdav.sys is loaded.

I am doing a a domain login and there is network drive mapping occuring when I log in.
Am I correct in assuming that the network drive mapping would not occur until after I have actually logged in?
As described in my first post, if I wait for two minutes after first getting the login window before I actually login, then there is no delay, which, if my above assumption is correct, means that the problem is not network drive mapping.

I have not yet found anything that describes what mrxdav.sys, rdbss.sys and mrxsmb.sys do in terms that I can understand.

Other sites were suggesting that it had something to do with DHCP so I "hard coded" the IP address using my DHCP supplied IP address but it did not make any difference.

Using XP Pro, SP2 with all patches applied

TIA




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users