Slow login times

greg9891greg9891 Posts: 1,165Member ■■■■■■□□□□
Hey guys I have installed kasperkey anti virus on my server and all of my pcs within the company where I work and am now experiencing extremely slow log in times. I have since uninstalled it from the servers and still getting the slow log in times of 3 to 4 hours and in some cases the entire day goes by and I am still not able to log in. I run a domain enviroment with server 2012 standard. Helpppp Guys !
Certs Gained 2018: CCENT ,210-255 ( Cyber Security Operations)
Upcoming: ICND2, CTT, 210-250 (Cyber Security Fundamentals)

Isaiah 28:10 - For precept must be upon precept, precept upon precept; line upon line; here a little, and there a little.

Comments

  • gespensterngespenstern Posts: 1,243Member ■■■■■■■□□□
    Check for leftovers of KAV in a form of processes and kernel-mode drivers. Inspect process list and threads under "system" in process explorer. Inspect HKLM\System\Services for leftover services/drivers.

    Do a network capture to see what could be wrong. For example, you may see SMB exchanges being extremely slow. Compare to captures you get from healthy environment.

    SMB issues? If you log on, how fast is access to SMB shares on this server?

    Did you uninstall it on endpoints as well? If not uninstall at least on some of them to see if it improves the situation.

    Did you reboot your domain controllers after uninstallation? Are they healthy, replicate fine?

    Name resolution issues? DNS works fine? How names on workstations get resolved and are DCs IPs set as DNS servers?
  • greg9891greg9891 Posts: 1,165Member ■■■■■■□□□□
    The issues only seems to be when logging on. when once you are logged in the network shares are fine. i have some internal users and they say that the access to shared drives are fine. so its only related to the slow logon times. I can't seem to figure whats causing them.
    Certs Gained 2018: CCENT ,210-255 ( Cyber Security Operations)
    Upcoming: ICND2, CTT, 210-250 (Cyber Security Fundamentals)

    Isaiah 28:10 - For precept must be upon precept, precept upon precept; line upon line; here a little, and there a little.
  • DojiscalperDojiscalper Posts: 266Member ■■□□□□□□□□
    I agree, look for services still running somewhere. I can't really think of anything else right now, but will be interested to hear what you find.
    After you finish logging in, then log out, then try to go back in does it still take forever? Just a thought.

    Also maybe you could try logging into a workstation under a local admin account if you have any. If its faster than it might start to give you a clue, you could even compare that machine to another logged into the domain.
  • iBrokeITiBrokeIT Posts: 1,186Member ■■■■■■■■□□
    What do your domain controller event logs show?
  • AndersonSmithAndersonSmith Posts: 471Member ■■■□□□□□□□
    Try booting in Safe Mode With Networking and see if you have the same issue. If it doesn't take as long to login with that then it's probably something a process running in the background that you'll have to do some digging around to figure out what's going on. Check your event logs to see if they provide any good info (they should).
    All the best,
    Anderson

    "Everything that has a beginning has an end"
  • TrucidoTrucido Posts: 250Member
    I had the same slowness issue when I installed Kaspersky, it seemed to be a hog so I uninstalled it. I use Malwarebytes and ESET NOD 32.
    2017 Certification Goals
    CompTIA A+ [ ] CompTIA Net+ [ ] CompTIA Sec+ [ ] CCENT [ ] ITIL [ ]
  • greg9891greg9891 Posts: 1,165Member ■■■■■■□□□□
    I logged in under safe mode with networking and was able to log in very fast. We need to figure out why its taking so long without safe mode. I know that safe mode only runs the necessary services needed to run windows so I guess we need to isolate the service that's running that could be causing the issue.
    Certs Gained 2018: CCENT ,210-255 ( Cyber Security Operations)
    Upcoming: ICND2, CTT, 210-250 (Cyber Security Fundamentals)

    Isaiah 28:10 - For precept must be upon precept, precept upon precept; line upon line; here a little, and there a little.
  • Louie1277Louie1277 Posts: 491Member ■■■□□□□□□□
    try look at the start up services and seeing if there's a service running. (msconfig)

    That's the first place I always look when machines are running slow. I take out everything i don't like.
    2018 Goals: 70-410 [X], 70-411 [],70-412 [] :bow: 410- Passed!!!!!!

    My Goal for the Future
    2018 - *MCSA* / 2019 - *Security+*
    2019 - *CEH* / 2020 - * Pen Tester*
  • greg9891greg9891 Posts: 1,165Member ■■■■■■□□□□
    Solved it! we ran a program verbos I think that shows the services that start up during the login and log off process. its turns out that a group policy may have been the culprit. some how it may have got corrupted and did not allow the computers to log in in a timely manner. I have gotten rid of group policy for now and have since started to recreate them. I will need to investage as to how that happened.
    Certs Gained 2018: CCENT ,210-255 ( Cyber Security Operations)
    Upcoming: ICND2, CTT, 210-250 (Cyber Security Fundamentals)

    Isaiah 28:10 - For precept must be upon precept, precept upon precept; line upon line; here a little, and there a little.
Sign In or Register to comment.