Real Time Protection: Very slow

  • Thread starter Thread starter reinerotto
  • Start date Start date
R

reinerotto

The time to open a Word document on my (old) notebook
increases from 1s to 5s when real time protection is
active.
Is that usual ?
 
No it is not, but enough people see this that I've been calling it a bug.

Here are a couple of thoughts that I have.

You can disable real-time protection, if you wish. The method to follow is
detailed in the workaround section of this KB document:

http://support.microsoft.com/kb/892375 End users may be prompted to allow or
block administrative actions that originate from a central management tool
after they install Windows AntiSpyware (Beta) on a computer that is managed
by Systems Management Server 2003

However, before you do that, I'd be interested in a couple of things, if you
are willing:

1) If you go to Tools, Advanced tools, system explorers, then look down the
left column to System, Shell Execute Hooks. If you click on that, do you
see more than two hooks in the result? I have URL Exec Hook (which is basic
to the Windows Shell), and Microsoft.AntiSpyware etc etc.

If you have more than those two, what are the others, including their
locations, if possible.

Could you also try going to Control Panel, add or remove programs, Microsoft
Antispyware, change, update?

I'm wondering whether there are other hooks involved on "slow"
machines--besides those I typically see. And, I've seen instances where
some symptoms seen in a particular install, are modified or cleared up by a
reinstall--hence the suggestion for the update, which is the equivalent of a
repair install.
 
-----Original Message-----
No it is not, but enough people see this that I've been calling it a bug.

Here are a couple of thoughts that I have.

You can disable real-time protection, if you wish. The method to follow is
detailed in the workaround section of this KB document:

http://support.microsoft.com/kb/892375 End users may be prompted to allow or
block administrative actions that originate from a central management tool
after they install Windows AntiSpyware (Beta) on a computer that is managed
by Systems Management Server 2003

However, before you do that, I'd be interested in a couple of things, if you
are willing:

1) If you go to Tools, Advanced tools, system explorers, then look down the
left column to System, Shell Execute Hooks. If you click on that, do you
see more than two hooks in the result? I have URL Exec Hook (which is basic
to the Windows Shell), and Microsoft.AntiSpyware etc etc.

If you have more than those two, what are the others, including their
locations, if possible.
Click to expand...

No, I just have the two hooks you mentioned.


Could you also try going to Control Panel, add or remove programs, Microsoft
Antispyware, change, update?
Click to expand...

I did it, no change in behaviour. To be on safe side, I
compared the times necessary for opening *.doc immediately
after fresh boot with same file, once with real-time
protection and ones without: Still a diiference of about
5s.
 
http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm

I did it, no change in behaviour. To be on safe side, I
compared the times necessary for opening *.doc immediately
after fresh boot with same file, once with real-time
protection and ones without: Still a diiference of about
5s.
Click to expand...

OK--Sounds like it really is something about the hook code that causes this
pause on some machines. I was hoping that there would turn out to be
something else in place that was adding to the mix, but if there is, we
haven't spotted it.

I've no way to know whether Microsoft has seen this one or not.

I didn't remember to ask you to be sure that you've upgraded to the .509
build, available by downloading again, did I?

They mention performance as something that has changed between the builds,
but I'll be surprised if that does the job.
 
-----Original Message-----
http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm



OK--Sounds like it really is something about the hook code that causes this
pause on some machines. I was hoping that there would turn out to be
something else in place that was adding to the mix, but if there is, we
haven't spotted it.

I've no way to know whether Microsoft has seen this one or not.

I didn't remember to ask you to be sure that you've upgraded to the .509
build, available by downloading again, did I?

They mention performance as something that has changed between the builds,
but I'll be surprised if that does the job.
Click to expand...
No, I did not use .509. But after explicit download
(wondering, why no automatic update) still no difference.
But another observation: The difference is speed opening a
*.doc is only obvious, in case I use a double-click in
Explorer on the *.doc filename.
In case, I start Word.exe explicitly first, this start is
as fast as usual, (I am using W2k and Office 2000) and
then open the same document from the recently-used file
list, no delay.
So it looks like, it is not the opening of the file *.doc
itself, which is slowed down, but it is already the launch
of Word.exe itself from Explorer or eaven earlier in the
chain.
Same behaviour applies to Excel, of course.
And I have it on two machines, my notebook, and a desktop.
SO I am wondering, whether it is really only "on some
machines". I have almost the same apps on both machines,
though.
 
SO I am wondering, whether it is really only "on some
machines". I have almost the same apps on both machines,
though.
Click to expand...

Some machines are overhelmed with spyware and
temporarily files.

Try a total clean, this page explains this excellent.

http://aumha.org/a/quickfix.htm

About hardware you need at least 512MB memory.

My memory consuming is for: ( uptime 3 days)
gcasDtserv - 6MB
gcasServ- 3 MB
No CPU.
 
No, I did not use .509. But after explicit download
(wondering, why no automatic update) still no difference.
But another observation: The difference is speed opening a
*.doc is only obvious, in case I use a double-click in
Explorer on the *.doc filename.
In case, I start Word.exe explicitly first, this start is
as fast as usual, (I am using W2k and Office 2000) and
then open the same document from the recently-used file
list, no delay.
So it looks like, it is not the opening of the file *.doc
itself, which is slowed down, but it is already the launch
of Word.exe itself from Explorer or eaven earlier in the
chain.
Same behaviour applies to Excel, of course.
And I have it on two machines, my notebook, and a desktop.
SO I am wondering, whether it is really only "on some
machines". I have almost the same apps on both machines,
though.
Click to expand...

Fair question. I just launched Word 2003 via a doc sitting on my desktop,
and it came up reasonably promptly on an old creaky PIII750 with 640 megs of
ram and a couple of 6 gig drives and a system partition with 125 megs free!

I don't do this all day, and I haven't run a compare with the real-time
hooks disabled. I'll try to do that. I have got this installed on a couple
of dozen machines in offices where that operation is one that is done all
day by some folks who are quite picky about things--and I haven't heard from
them. In fact I put the app in, hid the system tray icon, and mentioned it
briefly to them--and the only feedback I've received is that they find the
updates noticeable. That and blowing away the scan stats daily on the
machines that run 24x7. I haven't yet received an inquiry about a popup
message--and I put it in on these machines a day or two after the beta was
made available. I think I must have picked too "nice" a crew of testers.

No--there are regular posts here from folks who find that the app slows down
various operations on their machine to the point where they need to take it
off. Some say "slows internet connection" Others give the launch delay you
mention, and I think there's a third case which I'm not remembering at the
moment--but in all of these disabling real-time protection makes this go
away.

I'm afraid I have no idea what the root of this is--it seems frequent enough
that I would hope that Microsoft has seen it and is zeroing in on it--but
clearly it isn't fixed in the builds we've seen thus far.
 
I guess that is the other explanation I wonder about--is this "slow" really
a symptom of some underlying factor (infection?) that nothing has spotted
thus far.
 
Back
Top