If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Watch Startup
There must be some app that will monitor exactly what is happening
during Win XP startup from boot to a stable windows desktop. What might it be? --- news://freenews.netfront.net/ - complaints: --- |
Ads |
#2
|
|||
|
|||
Watch Startup
On 07/19/2014 01:06 PM, OldGuy wrote:
There must be some app that will monitor exactly what is happening during Win XP startup from boot to a stable windows desktop. What might it be? How would that happen? You power up a machine and the BIOS has full control. Then the BIOS hands the control over to the OS. No application can do anything until the OS is loaded. Say what interest do you have in what is happening anyway? Monitoring processes and services will tell you (unless they exited early), but after the fact. -- Bill Gateway M465e ('06 era) - Ubuntu 12.04.1 Centrino Core Duo T2300 1.66GHz - 1GB - Thunderbird v24.6.0 |
#3
|
|||
|
|||
Watch Startup
Microsoft BootVis would watch your Windows XP's startup.
On 7/19/2014 11:06 AM PT, OldGuy typed: There must be some app that will monitor exactly what is happening during Win XP startup from boot to a stable windows desktop. What might it be? -- "Forbear, thou great good husband, little ant." --Richard Lovelace /\___/\ Ant(Dude) @ http://antfarm.ma.cx (Personal Web Site) / /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net | |o o| | \ _ / If crediting, then use Ant nickname and AQFL URL/link. ( ) If e-mailing, then axe ANT from its address if needed. Ant is currently not listening to any songs on this computer. |
#4
|
|||
|
|||
Watch Startup
OldGuy wrote:
There must be some app that will monitor exactly what is happening during Win XP startup from boot to a stable windows desktop. What might it be? Bootvis. It logs stuff from ETW for analysis and draws a pretty graph. The software was discontinued long ago. When I tested it on WinXP SP3, it worked perfectly for the purpose of drawing the graph. (Note - I do not use it for making changes to the system, merely for logging.) http://www.online-tech-tips.com/comp...-windows-boot/ The Wikipedia doesn't do the tool justice. http://en.wikipedia.org/wiki/Bootvis This is my download link from my bootmarks (if it still works). https://web.archive.org/web/20100601...otVis-Tool.exe This is a sample screenshot of a Bootvis post-analysis. You can see some process names from my system startup, in the bottom trace. http://i59.tinypic.com/121dhew.gif You can see a lull in activity on the C: drive at around 34 seconds or so, which is presumably the end of boot. The T=0 in the graph, is not the instant the BIOS started running - it would be the time when ETW was available in Windows, to collect trace events. So perhaps some point after the kernel is loaded or something. If you took my sluggish BIOS into account, my total boot time is over a minute. The trace only shows the heroic Windows portion. Paul |
#5
|
|||
|
|||
Watch Startup
I want to see what services and startups take the most time.
Probably most do not needed. I do NOT want to use the very slow and tiresome process of elimination on several PCs. Hoping that it can be simplified and information obtained each and every boot. BootVis maybe better than nothing. Not sure of the difference. I found: BootVis-Tool.exe 329K and in another place BootVis.msi 968K BootVis and More 4528.pdf 7 pages http://blogs.technet.com/b/sysintern...12/452885.aspx That site still there. Read and inform. You understand this stuff much better than others. --- news://freenews.netfront.net/ - complaints: --- |
#6
|
|||
|
|||
Watch Startup
BillW50 presented the following explanation :
On 07/19/2014 01:06 PM, OldGuy wrote: There must be some app that will monitor exactly what is happening during Win XP startup from boot to a stable windows desktop. What might it be? How would that happen? You power up a machine and the BIOS has full control. Then the BIOS hands the control over to the OS. No application can do anything until the OS is loaded. Say what interest do you have in what is happening anyway? Monitoring processes and services will tell you (unless they exited early), but after the fact. Why don't you want to know what is going on? If the processor is running then an application can run and log whatever is happening. It just needs to be started. The BIOS I am not interested in, it is when the BIOS starts anything after it. i.e. what Windows is doing. A time stamped log would tell me what I want to know. --- news://freenews.netfront.net/ - complaints: --- |
#7
|
|||
|
|||
Watch Startup
OldGuy wrote:
snip Not sure of the difference. I found: BootVis-Tool.exe 329K and in another place BootVis.msi 968K BootVis and More 4528.pdf 7 pages http://blogs.technet.com/b/sysintern...12/452885.aspx That site still there. Read and inform. You understand this stuff much better than others. You can start with archive.org and view all the capture dates. https://web.archive.org/web/*/http:/...otVis-Tool.exe I may have selected 2010, as the last date or so with an exe file available. Some of the captures from later dates, may be redirection links. So just work your way back in time, until archive.org offers you an exe to download. I've seen a trace with more detail in it than I got, but maybe that takes "symbols". And any time I've been suckered into getting the necessary symbol download, it turns out to be ******** and a waste of time. So for starters, just be happy with the startup software program names. Crawling inside the programs isn't needed on a first run. I was working on Windows 7 the other day, and tried using symcheck to get more symbol files, and in the end, the stuff didn't work anyway. I've probably download four or five gig of symbol files, for nothing. The only time I will be tempted to do this again, is if I'm forced to use windbg. Paul |
#8
|
|||
|
|||
Watch Startup
On 7/19/2014 12:58 PM PT, Paul typed:
Bootvis. It logs stuff from ETW for analysis and draws a pretty graph. The software was discontinued long ago. When I tested it on WinXP SP3, it worked perfectly for the purpose of drawing the graph. (Note - I do not use it for making changes to the system, merely for logging.) http://www.online-tech-tips.com/comp...-windows-boot/ The Wikipedia doesn't do the tool justice. http://en.wikipedia.org/wiki/Bootvis This is my download link from my bootmarks (if it still works). https://web.archive.org/web/20100601...otVis-Tool.exe http://download.microsoft.com/downlo...otVis-Tool.exe still works from it, but mine is v1.3.37. :/ -- "Caution is not cowardice; even the ants march armed." --Ugandan Proverb /\___/\ Ant(Dude) @ http://antfarm.ma.cx (Personal Web Site) / /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net | |o o| | \ _ / If crediting, then use Ant nickname and AQFL URL/link. ( ) If e-mailing, then axe ANT from its address if needed. A song (i/wa)s playing on this computer: OK Go - Writing's on the Wall |
#9
|
|||
|
|||
Watch Startup
In ,
Paul typed: OldGuy wrote: There must be some app that will monitor exactly what is happening during Win XP startup from boot to a stable windows desktop. What might it be? Bootvis. It logs stuff from ETW for analysis and draws a pretty graph. The software was discontinued long ago. When I tested it on WinXP SP3, it worked perfectly for the purpose of drawing the graph. (Note - I do not use it for making changes to the system, merely for logging.) What about when you boot Windows in safe mode for example, you see everything that is being loaded right on the screen? I seem to recall that Windows logs this somewhere for both safe mode and normal mode. -- Bill Gateway M465e ('06 era) - Kingston 120GB SSD - OE-QuoteFix v1.19.2 Centrino Core2 Duo T5600 1.83GHz - 4GB - Windows XP SP2 |
#10
|
|||
|
|||
Watch Startup
BillW50 wrote:
In , Paul typed: OldGuy wrote: There must be some app that will monitor exactly what is happening during Win XP startup from boot to a stable windows desktop. What might it be? Bootvis. It logs stuff from ETW for analysis and draws a pretty graph. The software was discontinued long ago. When I tested it on WinXP SP3, it worked perfectly for the purpose of drawing the graph. (Note - I do not use it for making changes to the system, merely for logging.) What about when you boot Windows in safe mode for example, you see everything that is being loaded right on the screen? I seem to recall that Windows logs this somewhere for both safe mode and normal mode. That log is the very definition of useless. I hate it. I don't know why it even gets mentioned on web pages. The "offender" is often the item one past the end of the log on a crash, which you cannot see, and since the order in the log makes no sense, you can't even guess which one it might be. What fun... C:\WINDOWS\ntbtlog.txt Did not load driver \SystemRoot\System32\DRIVERS\mrxsmb.sys Loaded driver \SystemRoot\System32\DRIVERS\srv.sys Did not load driver NVIDIA GeForce FX 5200 Did not load driver Microsoft WINMM WDM Audio Compatibility Driver Did not load driver Microsoft WINMM WDM Audio Compatibility Driver That's the kind of useful info that is in there. Both Win2K and WinXP have that file. There are no time stamps. The first line is likely identifying the OS version. Service Pack 3 3 9 2011 18:11:34.375 HTH, Paul |
#11
|
|||
|
|||
Watch Startup
In ,
Paul typed: BillW50 wrote: In , Paul typed: OldGuy wrote: There must be some app that will monitor exactly what is happening during Win XP startup from boot to a stable windows desktop. What might it be? Bootvis. It logs stuff from ETW for analysis and draws a pretty graph. The software was discontinued long ago. When I tested it on WinXP SP3, it worked perfectly for the purpose of drawing the graph. (Note - I do not use it for making changes to the system, merely for logging.) What about when you boot Windows in safe mode for example, you see everything that is being loaded right on the screen? I seem to recall that Windows logs this somewhere for both safe mode and normal mode. That log is the very definition of useless. I hate it. I don't know why it even gets mentioned on web pages. The "offender" is often the item one past the end of the log on a crash, which you cannot see, and since the order in the log makes no sense, you can't even guess which one it might be. What fun... C:\WINDOWS\ntbtlog.txt Did not load driver \SystemRoot\System32\DRIVERS\mrxsmb.sys Loaded driver \SystemRoot\System32\DRIVERS\srv.sys Did not load driver NVIDIA GeForce FX 5200 Did not load driver Microsoft WINMM WDM Audio Compatibility Driver Did not load driver Microsoft WINMM WDM Audio Compatibility Driver That's the kind of useful info that is in there. Both Win2K and WinXP have that file. There are no time stamps. The first line is likely identifying the OS version. Service Pack 3 3 9 2011 18:11:34.375 HTH, Paul Oh... okay... well that idea suddenly got shot to hell. Thanks Paul. -- Bill Gateway M465e ('06 era) - Kingston 120GB SSD - OE-QuoteFix v1.19.2 Centrino Core2 Duo T5600 1.83GHz - 4GB - Windows XP SP2 |
#12
|
|||
|
|||
Watch Startup
On 7/19/2014 3:06 PM, OldGuy wrote:
There must be some app that will monitor exactly what is happening during Win XP startup from boot to a stable windows desktop. What might it be? SysInternals Process Monitor can do boot logging. http://technet.microsoft.com/en-ca/s.../bb896645.aspx John |
#13
|
|||
|
|||
Watch Startup
In ,
John John MVP typed: On 7/19/2014 3:06 PM, OldGuy wrote: There must be some app that will monitor exactly what is happening during Win XP startup from boot to a stable windows desktop. What might it be? SysInternals Process Monitor can do boot logging. http://technet.microsoft.com/en-ca/s.../bb896645.aspx John It does? I had to quit using SysInternals Process Monitor years ago because some Electronic Arts Games saw SysInternals Process Monitor, as a tool for bypassing the copy protection. Thus the games would refuse to run until you got rid of SysInternals Process Monitor. -- Bill Gateway M465e ('06 era) - Kingston 120GB SSD - OE-QuoteFix v1.19.2 Centrino Core2 Duo T5600 1.83GHz - 4GB - Windows XP SP2 |
#14
|
|||
|
|||
Watch Startup
On 7/21/2014 9:45 AM, BillW50 wrote:
In , John John MVP typed: On 7/19/2014 3:06 PM, OldGuy wrote: There must be some app that will monitor exactly what is happening during Win XP startup from boot to a stable windows desktop. What might it be? SysInternals Process Monitor can do boot logging. http://technet.microsoft.com/en-ca/s.../bb896645.aspx John It does? I had to quit using SysInternals Process Monitor years ago because some Electronic Arts Games saw SysInternals Process Monitor, as a tool for bypassing the copy protection. Thus the games would refuse to run until you got rid of SysInternals Process Monitor. Yes, it does. It's an NT native application that can run just after the boot loader selects the operating system, much the same as chkdsk might be started before Windows starts to load. Instructions are shown here (at the bottom half of the page: http://www.symantec.com/business/sup...t&id=TECH92496 The tool cannot by itself allow any one to bypass copy protection but during real time monitoring it can monitor file and registry activity so your game vendors probably think that someone is trying to snoop out how the copy mechanism works. In any case, this is not a tool that you would run at all times for no specific reason, it can produce profuse amounts of information and real time monitoring always has a hit of some sort on performance. John |
#15
|
|||
|
|||
Watch Startup
In ,
John John MVP typed: On 7/21/2014 9:45 AM, BillW50 wrote: In , John John MVP typed: On 7/19/2014 3:06 PM, OldGuy wrote: There must be some app that will monitor exactly what is happening during Win XP startup from boot to a stable windows desktop. What might it be? SysInternals Process Monitor can do boot logging. http://technet.microsoft.com/en-ca/s.../bb896645.aspx John It does? I had to quit using SysInternals Process Monitor years ago because some Electronic Arts Games saw SysInternals Process Monitor, as a tool for bypassing the copy protection. Thus the games would refuse to run until you got rid of SysInternals Process Monitor. Yes, it does. It's an NT native application that can run just after the boot loader selects the operating system, much the same as chkdsk might be started before Windows starts to load. Instructions are shown here (at the bottom half of the page: http://www.symantec.com/business/sup...t&id=TECH92496 The tool cannot by itself allow any one to bypass copy protection but during real time monitoring it can monitor file and registry activity so your game vendors probably think that someone is trying to snoop out how the copy mechanism works. Yes that is how I saw it too. In any case, this is not a tool that you would run at all times for no specific reason, it can produce profuse amounts of information and real time monitoring always has a hit of some sort on performance. Wow! Way back when I used to have the Task Manager in the Startup folder (minimized). As it would display an icon in the tray and you could see how busy the CPU was. If things are slow and the CPU is pegged, that is why. Next see what is taking all of the CPU power. One problem is especially with Asus EeePC netbooks DPC (Deferred Procedure Call) will peg the CPU if any EMF are nearby. The Task Manager will show the CPU being pegged, but it won't show you that DPC is causing it. Ah but SysInternals Process Monitor will show that DPC is sucking the life out of the CPU. So I put that in the Startup instead. I ran it 100% of the time and I saw nothing noteworthy to SysInternals Process Monitor is using a lot of CPU power for anything. Maybe 5% or something, but that is acceptable to me. That is until some Electronic Arts games had a problem with it. Then I dropped it and moved on to AnVir Task Manager and Process Lasso. Not exactly the same or anything, but they do other stuff too. Neither one tells you about DPCs either, but high CPU usage and no process accounts for it is virtually a give away it is DPCs. -- Bill Gateway M465e ('06 era) - Kingston 120GB SSD - OE-QuoteFix v1.19.2 Centrino Core2 Duo T5600 1.83GHz - 4GB - Windows XP SP2 |
|
Thread Tools | |
Display Modes | |
|
|