sticky
Engaged Sweeper III
Hi,

I've just noticed that the 'tblAutorun' table in the lansweeper database is now the biggest table in our database server! And still growing 100Mb/day or so... currently the size is about 1.8Gb.

We have ~6,000 machines in lansweeper. Even so, I wouldn't have thought there would be enough things in the startup folders/run registry locations across all these computers to warrant a table of that size.

Looking at the table, I can see that a lot of our computers have literally thousands of records in this table - one machine has 18,072!

Looking closer at the entries, it looks like every system file on the machine has been added as being in the location 'startup', under the users NT AUTHORITY\SYSTEM and .DEFAULT. Here's a sample of the entries in the tblAutorun table:


145814926 IT041357 mciseq mciseq.dll Startup NT AUTHORITY\SYSTEM 2009-05-13 09:54:41.170
145814928 IT041357 mciseq mciseq.drv Startup NT AUTHORITY\SYSTEM 2009-05-13 09:54:41.170
145814930 IT041357 mciwave mciwave.dll Startup NT AUTHORITY\SYSTEM 2009-05-13 09:54:41.170
145814932 IT041357 mciwave mciwave.drv Startup NT AUTHORITY\SYSTEM 2009-05-13 09:54:41.170
145814934 IT041357 mdhcp mdhcp.dll Startup NT AUTHORITY\SYSTEM 2009-05-13 09:54:41.170
145820474 IT041357 napstat napstat.exe Startup .DEFAULT 2009-05-13 09:54:47.717
145820475 IT041357 narrator narrator.exe Startup .DEFAULT 2009-05-13 09:54:47.733
145820476 IT041357 narrhook narrhook.dll Startup .DEFAULT 2009-05-13 09:54:47.750
145820477 IT041357 NavLogon NavLogon.dll Startup .DEFAULT 2009-05-13 09:54:47.750
145820478 IT041357 nbtstat nbtstat.exe Startup .DEFAULT 2009-05-13 09:54:47.763


Is this a bug or normal operation? I'm hoping a bug as I'm getting nervous about how quickly it is growing! As it is I'm going to set up a maintenance task to remove any entries in the 'startup' location.

Thanks
Michael
12 REPLIES
sticky
Engaged Sweeper III
Oh and yeah, that reg key was definitely the problem. I set it to a blank folder on a number of machines and triggered a manual scan - the number of autorun entries dropped from thousands to less than 20.
sticky
Engaged Sweeper III
lol yeah figured that out :-).

Since doing this, my lansweeper server is behaving much better. Before, having to process all that data, CPU usage was typically 80-100%. Now it's a much more sensible 2-5%!

Thanks for your help.
Hemoco
Lansweeper Alumni
Could you confirm that the "HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" setting was indeed the problem?
sticky
Engaged Sweeper III
That's true, although if you know about the issue and the problems it can cause - you can now program around it so that the effect of the problem is mitigated. Even if you just drop the query if it returns too many results.

For now I want to disable collecting the Autorun information. Using a GPO to set the registry key is going to take some time to get approval to do etc (and even then probably isn't going to happen!). If I set the AUTORUN 'scan every X days' to 0 I guess I can stop it updating, but is there a way to prevent lansweeper from collecting the autorun information at all?
Hemoco
Lansweeper Alumni
sticky wrote:
If I set the AUTORUN 'scan every X days' to 0 I guess I can stop it updating, but is there a way to prevent lansweeper from collecting the autorun information at all?


Don't set it to 0 !!!!
because it will update every time.

Preventing the collection of this information will be in the next version.

For now you can set it to a really high number.
Hemoco
Lansweeper Alumni
Technically speaking, WMI is reporting the correct information because this setting is not correct on the computers.
This might also cause problems in other software and slower boot times.

I suggest changing this on your PCs with a GPO or startup script.
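
The check and fix discussed in this thread, written as a computer startup script. This is an added example, not code from the thread or from Lansweeper. It assumes the folder path is held in the `Startup` value under the key named above; the `-FallbackPath` and `-Repair` parameters and the function name are illustrative.

```powershell
# Added example: audit (and with -Repair, fix) the LocalSystem Startup shell folder.
# Intended to run elevated or as SYSTEM, e.g. as a computer startup script.
[CmdletBinding()]
param(
    # Folder written when the value is empty or invalid. The default is the
    # path quoted in this thread (Windows XP layout); any empty folder works.
    [string]$FallbackPath = 'C:\Documents and Settings\Default User\Start Menu\Programs\Startup',
    [switch]$Repair
)

# Key named in the thread; S-1-5-18 is the LocalSystem account.
$KeyPath   = 'Registry::HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders'
# Assumption: the thread names only the key; 'Startup' is the value used here.
$ValueName = 'Startup'

function Get-StartupFolderState {
    param([string]$Key, [string]$Name)
    $value = $null
    if (Test-Path -LiteralPath $Key) {
        $prop = Get-ItemProperty -LiteralPath $Key -Name $Name -ErrorAction SilentlyContinue
        if ($prop) { $value = $prop.$Name }
    }
    # Classify the two failure cases described in the thread.
    if ([string]::IsNullOrEmpty($value)) { $state = 'Empty' }
    elseif (-not (Test-Path -LiteralPath $value -PathType Container)) { $state = 'FolderMissing' }
    else { $state = 'Ok' }
    [pscustomobject]@{ Computer = $env:COMPUTERNAME; Value = $value; State = $state }
}

$result = Get-StartupFolderState -Key $KeyPath -Name $ValueName

if ($result.State -ne 'Ok' -and $Repair) {
    # Create the target folder first so the value never points at nothing.
    if (-not (Test-Path -LiteralPath $FallbackPath -PathType Container)) {
        New-Item -ItemType Directory -Path $FallbackPath -Force | Out-Null
    }
    # Create the key only if it is absent, leaving an existing key's other values untouched.
    if (-not (Test-Path -LiteralPath $KeyPath)) {
        New-Item -Path $KeyPath -Force | Out-Null
    }
    Set-ItemProperty -LiteralPath $KeyPath -Name $ValueName -Value $FallbackPath
    $result = Get-StartupFolderState -Key $KeyPath -Name $ValueName
}

# Emit the final state for logging; a non-zero exit marks machines still affected.
$result
if ($result.State -ne 'Ok') { exit 1 }
```

Run without `-Repair` first to see how many machines report `Empty` or `FolderMissing` before changing anything.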
sticky
Engaged Sweeper III
Ok, but I still have the issue that approx 2,000 machines are exhibiting this problem. So you're saying I have to do this on every one of them and then monitor for new machines that exhibit the same problem so that I can apply the 'fix' to them as well??

I'm sorry, but a client-based solution isn't really going to work for me here as it is unmanageable. I'd rather lansweeper have some logic in it that says if an unrealistic number of results are returned (e.g. 100), then it ignores the data. Or ignore any results that appear to be windows system32 files in the 'startup' location.
Hemoco
Lansweeper Alumni
You don't need to reinstall WMI:

If "HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" has no value or points to a non-existent folder, then the problem described above occurs. This folder can be pointed to a dummy folder that is empty to prevent this problem, or you can set this value to:

"C:\Documents and Settings\Default User\Start Menu\Programs\Startup"
sticky
Engaged Sweeper III
Thanks but it looks like the resolution in that thread was to reinstall WMI... which isn't really an option for me on all my devices!

You mentioned there that you fixed the problem in runscanner. Are you intending to fix this in Lansweeper also? Or has the fix already been done and I just need to clear out my db? Although I'm guessing not, as I'm running the latest version and the table is still getting larger very quickly...

Archive

This board contains archived posts from the retired Lansweeper Forum and Insiders Community.
