Products
Applications
Support
Company
How To Buy
Skip to main content (Press Enter).
Sign in
Skip auxiliary navigation (Press Enter).
Register
Skip main navigation (Press Enter).
Toggle navigation
Search Options
Home
My Communities
Communities
All Communities
Application Networking and Security
Enterprise Software
Mainframe Software
Software Defined Edge
Symantec Enterprise
Tanzu
VMware Cloud Foundation
Blogs
All Blogs
Enterprise Software
Mainframe Software
Symantec Enterprise
Events
All Events
Enterprise Software
Mainframe Software
Symantec Enterprise
VMware
Water Cooler
Betas
Flings
Education
Groups
Enterprise Software
Mainframe Software
Symantec Enterprise
Members
Knowledge Base
Private Community
Private Community
View Only
Community Home
Threads
0
Library
0
Blogs
7.3K
Events
0
Members
1.2K
Cb Response: Slow Boot Time on Windows 10
By
CB_Support
posted
Sep 18, 2018 07:35 PM
1
Recommend
Environment
Microsoft Windows 10: April '18 Update
Cb Response Sensor: 6.1.6
Symptoms
Windows 10 machines with the 1803 April '18 build have been experiencing longer boot times
Cause
Events that arrive before the sensor's core driver attaches to the file system volume are added to the sensor's list of running processes.
When this happens, the binary hashing fails, because the sensor isn't attached to the volume and can't access the associated binary. However, 'event creation' for intercepted events still block and wait 10 seconds for the hashing to complete.
This is especially a problem during startup, because the SYSTEM process repeatedly accesses the registry, and the timeout has to occur multiple times.
Resolution
Upgrade sensor version from 6.1.6 to 6.1.7.80722
Related Content
[Cb Response] Slow Boot Times on Win10 April 2018 Update
[Cb Response] Announcing the General Availability of the server version 6.2.3 and Win sensor 6.1.7 for On-prem Customers
Cb Response Windows Sensor 6.1.7 Release Notes
Slow Boot for windows 1803
#EDR
3 comments
0 views
Permalink
Copyright 2019. All rights reserved.
Powered by Higher Logic