
Troubleshooting Slow Logins with the Windows Performance Toolkit

1.) First install the Performance Toolkit if it is not already installed; it is a subcomponent of the Windows Assessment and Deployment Kit. https://docs.microsoft.com/en-us/windows-hardware/get-started/adk-install

2.) Then open Windows Performance Recorder and show the extra options.

3.) For boot/login issues, change the performance scenario to fullboot. Pick the number of iterations you want to record; this is the number of startups it is going to record. The default is 3.

4.) Click Start. It is going to ask you where you want to save the file; make sure it is somewhere your user can access.

5.) Click Save. It will ask you if you want to reboot; click OK to continue.

6.) Log in again, let it finish what it is doing, and repeat for as many iterations as you picked. Each login will show it tracing what is going on.

7.) Open the etl file where you saved it, either with the Performance Analyzer app or by just double-clicking on it. To start you will see a window like

8.) Click Trace and Load Symbols (this may take time).

9.) Click Profiles and Apply.

10.) Click Browse Catalog and pick FullBoot.Boot

11.) This will open a few windows. Start with the timeline. Here you can drill into what happened during the full boot. For logon times we are interested in the Winlogon-Phase and the ExplorerInit. When you highlight a phase, it is highlighted everywhere, so you can see which processes were started and running at that time. What we are looking for is large gaps between start time and stop time; then determine whether what it is doing is needed and should take that long.

12.) The Deep Analysis will show you a graph of system processes during startup. In this case Cylance is using a lot of processing. If you right-click on a peak and zoom in, you can see that Cylance was using over a full core for 10 seconds or so during login. Overall, if you look at the idle percentage, there is only about 10% CPU left. You can unzoom by right-clicking and clicking Unzoom.


Using procmon for troubleshooting virtual desktop

Saw this today on the VMware Communities page: DEMDev wrote a short explanation of how to use psexec.exe and procmon.exe to capture things by running procmon as the system user and logging in as another user.

The steps are

  *   Log on to the console with an admin account

  *   Copy PSExec.exe and ProcMon.exe to folder C:\X

  *   Run C:\X\PSExec.exe -accepteula -sd C:\X\ProcMon.exe -accepteula -quiet -backingfile C:\X\Log.PML

  *   Log off

  *   Log on “the normal way”, with your test user

  *   From an elevated prompt, run C:\X\PSExec.exe -accepteula -s C:\X\ProcMon.exe -accepteula -quiet -terminate

https://communities.vmware.com/message/2928133#2928133
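
Because the steps above launch binaries from C:\X as SYSTEM, the folder should be writable only by administrators and the tools should carry a valid Microsoft signature before they run; on a default install, a new folder under C:\ inherits modify rights for Authenticated Users. The PowerShell below is an added example, not part of DEMDev's post: the function names Start-LogonCapture and Stop-LogonCapture are hypothetical, and it assumes an elevated session with both tools already copied to C:\X.

```powershell
#Requires -RunAsAdministrator
# Added example; folder, tool and log names are the ones used in the steps above.
$Dir   = 'C:\X'
$Tools = 'PSExec.exe', 'ProcMon.exe'
$Admin = 'S-1-5-18', 'S-1-5-32-544'   # well-known SIDs: SYSTEM, BUILTIN\Administrators

function Start-LogonCapture {          # hypothetical helper name
    # Drop inherited ACEs and grant full control to SYSTEM and Administrators only,
    # so nobody else can swap a binary that is about to run as SYSTEM.
    icacls $Dir /inheritance:r /grant:r "*$($Admin[0]):(OI)(CI)F" "*$($Admin[1]):(OI)(CI)F" | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "icacls could not lock down $Dir" }

    foreach ($tool in $Tools) {
        $path = Join-Path $Dir $tool
        # Both Sysinternals tools ship with a Microsoft Authenticode signature.
        $sig = Get-AuthenticodeSignature -FilePath $path
        if ($sig.Status -ne 'Valid' -or
            $sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
            throw "$tool failed signature check: $($sig.Status)"
        }
        # Refuse to continue if the file itself still carries an ACE for anyone else.
        $others = (Get-Acl -Path $path).Access | Where-Object {
            $sid = $_.IdentityReference.Translate([Security.Principal.SecurityIdentifier])
            $sid.Value -notin $Admin
        }
        if ($others) { throw "$tool has extra ACEs: $($others.IdentityReference -join ', ')" }
    }
    # Same command as in the steps: ProcMon as SYSTEM, detached, writing the backing file.
    & "$Dir\PSExec.exe" -accepteula -sd "$Dir\ProcMon.exe" -accepteula -quiet -backingfile "$Dir\Log.PML"
}

function Stop-LogonCapture {           # hypothetical helper name
    # Run after the test user has logged on: flushes and closes the capture.
    & "$Dir\PSExec.exe" -accepteula -s "$Dir\ProcMon.exe" -accepteula -quiet -terminate
    Get-Item "$Dir\Log.PML" | Select-Object FullName, Length, LastWriteTime
}
```

The PML file records the test user's file and registry activity, so keeping it in the locked-down folder also limits who can read it.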