Jump to content
ritchie58

Immunet Slowing Down Windows Disk Cleaner

Recommended Posts

On occasion I'll use the Windows Disk Cleaner to clean up excess system restore points since I also use the system backup feature. When the cleaner is loading I've noticed that the System Tray Icon shows activity and it takes an excessively long time for the program to load. However after putting this program in the Exclusion List that seemed to allow the cleaner to open much quicker. For my Win 7 64bit machine the file path for the cleaner is: C:\Windows\System32\cleanmgr.exe. The same behavior was seen with Robert's XP Pro 32bit machine as well. Would it be possible to "whitelist" this Windows program for the benefit of everyone who uses the Windows cleaner?

Share this post


Link to post
Share on other sites

Ritchie,

Please grab the SHA-256 of C:\Windows\System32\cleanmgr.exe. On my Win7 x64 it is c108a4b579c3feb83ac6028ada0ee87cf9e60b47d5c34daf645f66eefc3edbf7 and it's already marked clean. Also, is this with the 3.0.5 or 3.0.6 agent?

--Millard

Share this post


Link to post
Share on other sites

Hi Millard, I'm currently using the 3.0.6 beta. This is what was produced with a SHA-256 hash generator:

hex: f2cad25c4884304b0978aeebadb0ef74f00cedab4a03f9eaf34675250d2497f1HEX: F2CAD25C4884304B0978AEEBADB0EF74F00CEDAB4A03F9EAF34675250D2497F1h:e:x: f2:ca:d2:5c:48:84:30:4b:09:78:ae:eb:ad:b0:ef:74:f0:0c:ed:ab:4a:03:f9:ea:f3:46:75:25:0d:24:97:f1base64: 8srSXEiEMEsJeK7rrbDvdPAM7atKA/nq80Z1JQ0kl/E=

Share this post


Link to post
Share on other sites

Hi Millard, I'm currently using the 3.0.6 beta. This is what was produced with a SHA-256 hash generator:

hex: f2cad25c4884304b0978aeebadb0ef74f00cedab4a03f9eaf34675250d2497f1HEX: F2CAD25C4884304B0978AEEBADB0EF74F00CEDAB4A03F9EAF34675250D2497F1h:e:x: f2:ca:d2:5c:48:84:30:4b:09:78:ae:eb:ad:b0:ef:74:f0:0c:ed:ab:4a:03:f9:ea:f3:46:75:25:0d:24:97:f1base64: 8srSXEiEMEsJeK7rrbDvdPAM7atKA/nq80Z1JQ0kl/E=

That one is marked clean as well.

Share this post


Link to post
Share on other sites

Cool! Thanks Millard! I would assume it's ok to delete the cleanmgr.exe exclusion then, right?

Yes, it's ok to delete the cleanmgr.exe exclusion. However, we still need to figure out what the original performance hit due to. Have you ever deleted your cache.db? We've added some indexes to the databases through various versions of the agent, back populate them. It might be a good idea to:

 

1) Open commandline as administrator

2) Run the following commands:

net stop immunetprotect

cd "%PROGRAMFILES%\ImmunetProtect"

move cache.db 20120411_cache.db

move history.db 20120411_history.db

move historyex.db 20120411_historyex.db

net start immunetprotect

 

And see if the performance is better.

Share this post


Link to post
Share on other sites

No, I've never deleted any of the DB files. I've got folders dating back to 2. something or other too. Old school. l'll give it a try and see what happens.

Share this post


Link to post
Share on other sites

Hi Millard, I got as far as cmd "%PROGRAMFILES%\ImmunetProtect" but after that the other commands read: " The system cannot find the file specified. I tried it several times too using separate commands. EDIT: Ok, I think I was successful this time. I typed in all the commands as one string and hit Enter. That did it to reset everything. As most PC users, I don't have a need to use command prompts that often as you could probably guess, lol! On another note Millard, I saw some strange activity the other night, agent.exe had opened over 700 internet connections, heavy disk I/O accompanied this and was "really slowing things down!' I did a restart of the system and that calmed things down to normal. Maybe this is the same hashing problem other users have seen but this is the first time I have personally encountered this. I hope this tweak helps with that not occurring again! If it does happen again I'll get some screenshots to document the behavior and send an SDT report.

Share this post


Link to post
Share on other sites

It's been a little over 24 hours after clearing the DB files and that unusual activity with agent hasn't manifested itself again. So I'll take that as a good sign.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...