Starbuck67

Monitor program activity during late boot process

I am running MS XP SP2 on a Dell Workstation 690. I have 4 GB RAM and 2 Quad Processors.

I am interested in being able to view the activities going on during the last stages of the boot process that occurs after the Windows Screen is up and running and it appears that most programs (virus protect, etc) are already running.

What happens is that although the Windows screen w/ background, icons is already displayed and all the programs that load during the boot process have been loaded the computer continues in some activities that last about another 4 minutes and almost completely prevent any programs from being run. I would like to be able to view not only the processes that are using a % of CPU but also see what related programs or activities are related to these activities.

I hope this will help me understand what is adding on to an already long boot process and that I can decide if these activities and related programs are really something I want loaded during the boot process.
Jm_saunders

BootVis is the tool for you; it monitors the entire boot process and displays the results, allowing you to see exactly which processes run at what stage of the boot process.

Although it is no longer available on the Microsoft site, you can get it from many places on the internet; http://majorgeeks.com/BootVis_d664.html for example.

Download HijackThis from TrendMicro; it will tell you exactly what is loading in the background and that will tell you what can be disabled. The link to download it is here:

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis

Alternatively, you can download CCleaner (www.ccleaner.com) and use that to disable or enable startup items.

Yet another option is: Click on the 'Start Orb' then type in msconfig and press enter. Everything that you see in the startup tab is what is starting in the background.

If you see lots of programs there and need help figuring out which ones are not needed at startup, feel free to ask us.
Jonvee

You'll find that Process Explorer version 11.31 is useful for seeing in detail the processes that are using a high % of your CPU >
http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx

also >>
http://ask-leo.com/how_do_i_find_out_what_program_is_using_all_my_cpu.html

Additionally you may find the content of this article helpful in checking the XP services in use, for example scroll to sub-heading "Windows XP Services Guide" >>
"Optimise XP":
http://home.comcast.net/~SupportCD/OptimizeXP.html

Starbuck67

ASKER

General

I have downloaded and used the tools suggested above in addition to several others. While they present a considerable amount of information, they really don't tell me exactly what I'm looking for. Process Explorer seems to be the most useful as I can see what order the programs are loaded in. BootVis seems to work on only 3 of the 6 categories it monitors and that information doesn't provide the information I am looking for.

What I'm still interested in figuring out is what is going on after I sign into my account until the activity on my hard drive stops. File Monitor and Reg Monitor stream an incredible amount of information, but I can't really tell which program is doing what. It would be useful to see how long each program that is being loaded takes during that period of time. Something is going on for about 4 to 5 minutes and it would be useful to know specifically what that is so I could make some intelligent decisions to shorten the boot time.

JW

Possibly "Process Monitor" in the "Advanced" section can provide more useful information, but beyond that, you may like to see if others here have additional suggestions >

A Windows XP Diagnostic Guide:
http://home.comcast.net/~SupportCD/DiagnoseXP.html

I'm sorry to hear that you did not find BootVis to your liking. I wish you the very best of luck in finding a solution to your issue.

How about disabling all the programs at startup except for Windows and antivirus and then enabling them one-by-one to see which one takes the most amount of time to load? That might tell you which is the heaviest process or taking the most amount of time to initialise.

Not really what you were looking for, but Dependency Walker is a free utility that scans any 32-bit or 64-bit Windows module (exe, dll, ocx, sys, etc.) and builds a hierarchical tree diagram of all dependent modules. It's also very useful for troubleshooting system errors related to loading and executing modules, and it's conceivable you can use one of its features >>

Dependency Walker 2.2
http://www.dependencywalker.com/

General:

Thanks for the recent input. Guess I'm still hoping a utility is out there that shows in a more simple form what is going on with the specific programs that are being loaded. Some display ideas would be:

1) Bar or spreadsheet like chart that actively shows each program with its sales name in terms of CPU activity during the boot process
2) Report generated after boot is complete that shows the total processing time for each program based on sales name

By sales name I mean the name of the program as it is marketed.

Thanks again,

JW

General:

More thoughts on above comment. What I am thinking of is that the display of each sales name is a summary of activity of all processes related to that product.

JW
BillDL
I'm not sure what will happen if you install Karen Kenworthy's "snooper" program and launch it as a startup program.

"Keep track of the programs your computer runs, even when you're away. This Power Tool runs invisibly, and creates a log file (snoop.log) that records the starting and stopping of every program. The program can be used to detect tampering, or just to track the time spent using each program."

http://www.karenware.com/powertools/ptsnoop.asp
http://www.karenware.com/progs/ptsnoop-setup.exe
http://www.karenware.com/newsletters/1999/1999-12-06.asp#1

It's an older program dating back to 1999 and I've only used it for other types of "monitoring" ;-) purposes, but I reckon that if it is launched early enough it should be able to capture the activity you want to see.

You don't want it in your Start menu's "Startup" program as a shortcut, because that's too late.  Perhaps as a startup program in:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

You would just have to create a new String (REG_SZ) value with an appropriate name and set the path to it.  You're not spying, so naming it "Snooper" makes it readily identifiable to you.  The default install path is:
"C:\Program Files\Snoop\PTSnoop.exe"
To my knowledge it doesn't have any available command line switches or need any parameters.

So, the following *.reg file should work to set the program as a startup.
(leave 2 blank lines at the end of your *.reg file or it may fail to "merge").

It will show as "PTSnoop" in Task Manager, so you can end it any time you need.
"C:\Program Files\Snoop\Snoop.log" holds the full log.

I'm going to check it out and see what results it gives me when run as a startup.
Windows Registry Editor Version 5.00
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Snooper"="\"C:\\Program Files\\Snoop\\PTSnoop.exe\""
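
Added example, not part of BillDL's post or of any tool named in this thread: a Python check that lists what a .reg file would write under the Run/RunOnce keys before it is merged, run here on the .reg text above plus two constructed entries. The function names and the `review` flag (an unquoted command with a space in its path, which Windows resolves by trying successive prefixes) are this example's own assumptions.

```python
import re

# Constructed sample: the .reg file from the post plus two made-up entries.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Snooper"="\"C:\\Program Files\\Snoop\\PTSnoop.exe\""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ExampleTray"="C:\\Program Files\\Example\\tray.exe /background"

[HKEY_CURRENT_USER\Software\Example]
"InstallDir"="C:\\Program Files\\Example"
'''

RUN_SUFFIXES = (r"\microsoft\windows\currentversion\run",
                r"\microsoft\windows\currentversion\runonce")
# "name"="data", where \\ and \" are the escapes used in .reg string data
_STRING_VALUE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')


def _unescape(text):
    return re.sub(r"\\(.)", r"\1", text)


def unquoted_path_with_space(command):
    """Heuristic: unquoted command whose text up to the first '.exe' has a space."""
    if command.startswith('"'):
        return False
    return " " in command.lower().split(".exe", 1)[0]


def autostart_entries(reg_text):
    """List REG_SZ values that a .reg file would write under Run/RunOnce keys."""
    entries, key = [], None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            # "[-HKEY_...]" deletes a key, so it cannot add an autostart entry
            key = None if line.startswith("[-") else line[1:-1]
        elif key and key.lower().endswith(RUN_SUFFIXES):
            m = _STRING_VALUE.match(line)
            if m:  # other value types (dword:, hex(2):) are skipped, not decoded
                command = _unescape(m.group(2))
                entries.append({"key": key, "name": _unescape(m.group(1)),
                                "command": command,
                                "review": unquoted_path_with_space(command)})
    return entries
```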


Nope, not nearly enough detail.  Either it doesn't capture enough programs launching or I didn't leave it long enough after my desktop appeared to finish loading.  Results in Code Snippet.  It did slow the post-login process (ie. System Tray icons, Desktop, etc) down noticeably, so it's surprising it didn't capture much.
30/06/2009 08:37:43 - Logging Started
30/06/2009 08:37:51 - Start: Snoop 
30/06/2009 08:37:51 - Start: Default IME 
30/06/2009 08:37:51 - Start: mapisnd 
30/06/2009 08:37:51 - Start: Default IME 
30/06/2009 08:37:51 - Start: CtHelper 
30/06/2009 08:37:51 - Start: Default IME 
30/06/2009 08:37:51 - Start: Power Meter 
30/06/2009 08:37:51 - Start: Default IME 
30/06/2009 08:37:51 - Start: MS_WebcheckMonitor 
30/06/2009 08:37:51 - Start: M 
30/06/2009 08:37:51 - Start: Default IME 
30/06/2009 08:37 <--------- I killed PTSnoop.exe here.
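
Added example, not part of the original post: the Snoop log above summarised per program in Python, assuming the `DD/MM/YYYY HH:MM:SS - Event: name` layout seen in the snippet. The function names are hypothetical, and lines that do not fit the layout (such as the hand-edited last one) are returned separately rather than guessed at.

```python
import re
from datetime import datetime

# Log lines copied from the post above, including its hand-edited last line.
SAMPLE_LOG = """\
30/06/2009 08:37:43 - Logging Started
30/06/2009 08:37:51 - Start: Snoop
30/06/2009 08:37:51 - Start: Default IME
30/06/2009 08:37:51 - Start: mapisnd
30/06/2009 08:37:51 - Start: Default IME
30/06/2009 08:37:51 - Start: CtHelper
30/06/2009 08:37:51 - Start: Default IME
30/06/2009 08:37:51 - Start: Power Meter
30/06/2009 08:37:51 - Start: Default IME
30/06/2009 08:37:51 - Start: MS_WebcheckMonitor
30/06/2009 08:37:51 - Start: M
30/06/2009 08:37:51 - Start: Default IME
30/06/2009 08:37 <--------- I killed PTSnoop.exe here.
"""
_LINE = re.compile(r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) - (.+)$")


def parse_snoop_log(text):
    """Return (events, rejected): events are (datetime, kind, name) tuples."""
    events, rejected = [], []
    for line in filter(None, map(str.strip, text.splitlines())):
        m = _LINE.match(line)
        if not m:
            rejected.append(line)  # truncated or edited line: keep, do not guess
            continue
        when = datetime.strptime(m.group(1), "%d/%m/%Y %H:%M:%S")
        kind, _, name = m.group(2).partition(": ")
        events.append((when, kind, name.strip()))
    return events, rejected


def start_report(events):
    """Per name: count of Start events and seconds from log start to first one."""
    if not events:
        return {}
    t0 = next((w for w, k, _ in events if k == "Logging Started"), events[0][0])
    report = {}
    for when, kind, name in events:
        if kind == "Start":
            row = report.setdefault(
                name, {"starts": 0, "first_s": (when - t0).total_seconds()})
            row["starts"] += 1
    return report
```

On this sample all eleven starts carry the same timestamp, so the log gives an order of names at one-second resolution but no per-program duration.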


How about the simple XP Boot Log tool
http://www.greatis.com/utilities/bootlogxp/
http://www.greatis.com/security/bootlog.htm
another simple tool may not be what you want but I'll offer it anyway
windows start-up inspector and windows start-up monitor
http://www.windowsstartup.com/startupinspector.php
http://www.windowsstartup.com/startupmonitor.php
Hah! I used to recommend the free BLA.EXE (Bootlog Analyzer) for Windows 98 all the time, but had no idea that there was a version that does the same for XP.  Going by the screenshot the GUI hasn't changed much from the older freeware version and it looks to me as though this company bought it off the original author.  It was a great utility.  Pity it's now part of a retail package - Pah!

Yes, good suggestion though.  It would be a great little utility to have use of again.
;)
There are free versions around
General Comment

Thanks for the additional input. I have been on vacation and missed all the new input. It sounds like the best solutions that are available have been proposed. I guess I will remain curious about what goes on during a boot up that takes so much time and continue to try and figure it out.

Again thanks for the hard work.

Jeff
Why grade of B...Solution was not completely provided.