Jump to content

Trace Windows 7 boot/shutdown/hibernate/standby/resume issues

MagicAndre1981

By MagicAndre1981
in Windows 7

 Share

Recommended Posts

Anomander

Anomander

Posted
Posted

Hi. I'm having some really annoying problems with WPT. Here it goes...

I've installed WPT last week and tried to optimize my boot using xbootmgr. So I've ran it, it completed succesfully the first step, I rebooted my laptop, and in the second step it freezed at the "Preparing system..." phase. I started Task Manager and I saw that the defragmenter (NtfsDfrg.exe) was active, which, from what I've read here, was normal. So I waited... for about 2 hours. Because it was taking so long, I finally stopped the xbootmgr process and decided to leave it for some another time. And then my problems started.

From that day, I'm constantly bombarded with "Very low disk space on drive C:" messages. The problem seems to be a HUGE file (more than 11 GB) from my "C:\Users\Username" directory. That file is a Windows Performance Analyzer file (I don't know its exact name, because now it's deleted). So I uninstalled WPT, hoping that my problems would go away. However, I still keep getting that message from time to time and that file still appears in my user folder, even if there is no xbootmgr of NtfsDfrg process active (I've checked). And the worst part is that, when I delete it, if I do a refresh it simply re-appears! I have to delete it multiple times until it disappears completely... to just reappear, usually after a reboot.

I'm really frustrated by this problem and any help would be appreciated.

Link to comment
Share on other sites

Anomander

Anomander

Posted
Posted

Yes, it was an .ETL file. And I'm quite sure that its name started with something like 'boot_BASE_...'.

I'm using a program similar to TreeSize (from TuneUp Utilities), but currently I have 11,4 GB free on C. But with that file on the disk, my free space drops to something like 100 MB. And the strange part is that I was able to see it increase in size: from 11,1 GB to 11,3 GB. So some process was clearly writing it. 2 more things:

1) Sometimes, when I tried to delete it I would get an "File in use" error. Unfortunately, I didn't see which program was using it (I know, really dumb from my part... but I was angry :D).

2) When I tried to open it, I got an xperf dialog, asking me if I would like to run it with lower privileges (I'm the computer administrator).

Link to comment
Share on other sites
MagicAndre1981

MagicAndre1981

Posted
  • Author
Posted

you can delete the ETL files.

Run 

xbootmgr -remove

to stop logging. Maybe it traces every boot doe to an error.

2) this is by design. MS wants to run it without admin rights (change in Version 4.8, the version 4.6 doesn't have this limitation).

Link to comment
Share on other sites
Anomander

Anomander

Posted
Posted

I just did that and a dialog with "Stopping trace" appeared briefly. Based on that, I have a strong impression that this has solved my problem. We'll see after the next boot... Anyway, thank you a lot, MagicAndre.

Link to comment
Share on other sites
2ukiwis

2ukiwis

Posted
Posted (edited)

I guess the logic for not looking further into these is that they are part of the OS so the "low hanging fruit" 3rd party drivers are the ones to jump on?

yes, first always look for 3rd party tools/drivers.

The mrxdav.sys belongs to the WebDAV Client, so stop this service for testing purpose.

Hi MagicAndre

Thanks for your help. I isolated my issue to the Intel Active Management driver IAMTVE.sys. It was not installed in Add Remove Programs so I deleted the .sys file then noticed a bang in device manager next to "Intel Active Management Technology - KVS" so I disabled that entirely. Voila, shutdown time is now only 8 seconds which is a nice reduction from 240 seconds. Woohoo, I'm a very happy camper.

Cheers

Edited by 2ukiwis
Link to comment
Share on other sites
MagicAndre1981

MagicAndre1981

Posted
  • Author
Posted

Thanks for your help. I isolated my issue to the Intel Active Management driver IAMTVE.sys .... "Intel Active Management Technology - KVS" so I disabled that entirely. Voila, shutdown time is now only 8 seconds which is a nice reduction from 240 seconds. Woohoo, I'm a very happy camper.

ok, nice to hear this :) So my guess was right.

Link to comment
Share on other sites
sandsrfr

sandsrfr

Posted
Posted (edited)

Hi MagicAndre,

Any chance you can take a look at this summaryboot.xml and give me some advice? Fresh install of Windows 7 64bit, with Office 2010, Adobe Acrobat, Symantec Endpoint Protection, Firefox and a all current updates (including SP1). Joined to a domain (remotely connected via VPN). I'm still getting a dragging 'welcome' screen on bootup, and not sure why. Other window's 7 machines in similar environment don't exhibit this.

Here is the summary_boot.xml fiel:

http://www.mediafire.com/?49blmgekd36otki

Here is the boot_BASE+CSWITCH+DRIVERS+POWER_1.etl file:

http://www.mediafire.com/?2sszi7bz9ixznlh

Thanks!!!

***I've run 'xbootmgr -trace boot -prepSystem -verboseReadyBoot' twice now and already 'disabled' startup programs via 'ccleaner' startup utility.

Edited by sandsrfr
Link to comment
Share on other sites
MagicAndre1981

MagicAndre1981

Posted
  • Author
Posted

Hi,

your Windows takes 75s to boot to the desktop and 89s to boot completely. PrepSystem worked, the ReadyBoot prefetcher is fine.

The WinlogonInit phase takes most time. I looked at the XMl and saw that the profile loading takes 32seconds. I looked at the ETL and sow that you're part of a domain. Do you use a roaming profile? How large is the profile? Try to elimiate this delay, this the part which slows down the boot most.

also the driver SRTSP takes 2.6s prePendTime. I thin the driver belongs to Symantec.

<pnpObject name="SRTSP" type="Driver" activity="Load" startTime="4499" endTime="7140" duration="2641" prePendTime="2641" />

Is version 10.3.3.4 the latest? Try to update the software.

André

Link to comment
Share on other sites
sandsrfr

sandsrfr

Posted
Posted

Thanks for the response.

Interestingly I'm getting 2.5minute boots now. The computer is part of a domain (remotely) but isn't using a 'roaming profile', just a local one.

The Symantec software is currently, and strangely I don't get these slow boots on similarly setup machines. I'm still seeing a 'hanging' welcome screen when logging in, whereas all other computers fly right thru the welcome to the desktop. Any other ideas?

Link to comment
Share on other sites
  • 1 month later...
MagicAndre1981

MagicAndre1981

Posted
  • Author
Posted

PreSMSS takes 19s, this is a bit too slow:

interval name="PreSMSS" startTime="0" endTime="19012" duration="19012">

if you look in the XML under the PNP node you can see that enumerating the connected drives to the IDE channels takes some time. Do you run the HDDs (WD5000ABYS-01TNA0, SAMSUNG HD501LJ) in AHCI or IDE mode?

The SMSSInit takes 18s:

<interval name="SMSSInit" startTime="19012" endTime="37052" duration="18039">

Here the Initialization of the Registry takes 6s.

interval name="WinlogonInit" startTime="37052" endTime="56186" duration="19134">

WinlogonInit takes 19s and here is the loading of the user profile slow with 4.5s.

Next, loading the NOD32 Service takes 20s and the loading of the SeaPort service takes 8.8. Update NOD32 from 4.0.474.0 to 4.2.71.2.

Next, the Explorer loading and the start of all applications at startup takes over 100s because the HDD is completely busy during that time and this slows down the boot a lot. I can also see that the ReadyBoot prefetcher generates a lot of misses during that time.

So, improve the boot speed by training the prefetcher which I wrote in this guide:

http://www.msfn.org/board/index.php?showtopic=140262

Link to comment
Share on other sites
visata

visata

Posted
Posted

Thanks for the feedback.

I use IDE mode. Should I change it to AHCI?

Can I improve Registry and User profile loading times? I'd like to learn more about how to analyse such reports. Could you please explain how did you figure out that? Is it based on etl or summary file?

You spotted misses of ReadyBoot prefetcher after looking at ReadyBoot I/O section of etl file? Does it mean it failed to load drivers, services into RAM and in later stages it had to use HDD instead of RAM and that's why HDD became bottleneck of my boot?

Will try to look at your guide and send you a new report when I apply it on my system.

PS is there an easy way to find out which hotfixes your system has? Search in "View update history" doesn't seem to work. I only managed to search through console like this:

wmic qfe get | grep KB2505454

Could you possibly post typical load values of each stage in your main post? For example PC with such specs 500gb HDD, CPU q6600... typical values of bootDoneViaPostBoot=100000, PreSMSS... possibly add some screenshots from Windows Performance analyser. People could compare with their own figures and find out whether it's slow or not.

PreSMSS takes 19s, this is a bit too slow:

interval name="PreSMSS" startTime="0" endTime="19012" duration="19012">

if you look in the XML under the PNP node you can see that enumerating the connected drives to the IDE channels takes some time. Do you run the HDDs (WD5000ABYS-01TNA0, SAMSUNG HD501LJ) in AHCI or IDE mode?

The SMSSInit takes 18s:

<interval name="SMSSInit" startTime="19012" endTime="37052" duration="18039">

Here the Initialization of the Registry takes 6s.

interval name="WinlogonInit" startTime="37052" endTime="56186" duration="19134">

WinlogonInit takes 19s and here is the loading of the user profile slow with 4.5s.

Next, loading the NOD32 Service takes 20s and the loading of the SeaPort service takes 8.8. Update NOD32 from 4.0.474.0 to 4.2.71.2.

Next, the Explorer loading and the start of all applications at startup takes over 100s because the HDD is completely busy during that time and this slows down the boot a lot. I can also see that the ReadyBoot prefetcher generates a lot of misses during that time.

So, improve the boot speed by training the prefetcher which I wrote in this guide:

http://www.msfn.org/board/index.php?showtopic=140262

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...