How to collect a good boot trace on Windows 10 or Windows Server 2016 using WPRUI.



Applies to:

Windows Server 2016

Windows 10

Windows Server 2012 R2

Windows 8.1

Windows Server 2012

Windows 8.0


OK, so you went through my old pal Jeff Stokes' post:

How to collect a good boot trace on Windows 7

https://blogs.technet.microsoft.com/jeff_stokes/2012/09/17/how-to-collect-a-good-boot-trace-on-windows-7/



So how do you go about doing that in Windows 10 or Windows Server 2016?


Step 1.  Install the Windows 10 SDK

https://developer.microsoft.com/en-US/windows/downloads/windows-10-sdk


Click on "Download the .EXE"


Select the radio button for “Install the Windows Software Development Kit”

Click on “Next”


Select the radio button “Yes”
Click on “Next”


Click on “Accept” to the EULA.


Select the check box for “Windows Performance Toolkit”

Click on “Install”


Click on “Close”


Step 2.  Start the “Windows Performance Recorder” GUI (WPRUI.exe)

WARNING:  Before proceeding, save any data.

Note:  You need to be a “Local Admin”

For example, if your end users are Domain users, you will need to temporarily add the Domain user account to the Local Admin security group.

Note 2:  Make sure that the domain user or local user is in the right OU (for User policies and login scripts).

Note 3:  Make sure that the machine account is in the right OU (for Computer policies and startup scripts) 



Click on the drop down “More options”


Expand “Resource Analysis”

Check the boxes for:

“CPU Usage”

“Disk I/O activity”

“File I/O activity”

“Networking I/O activity”

You might want to check on “File I/O activity” but I usually do it on a 2nd pass, because it seems ‘heavy’.


Under “Performance Scenario”
Select “Boot”


Under “Number of iterations” change from 3 to 1.

image

The end result should look like the screen shot above.

When ready to reproduce the issue, click on “Start”.



Note 4:  If you are using folder redirection or roaming profiles, change the “Results Path:” to the local disk drive, such as c:\temp

Note 5:  If you have a separate physical disk such as a D: or E: drive, put the “Results Path:” there.

Note 6:  In the “Type a detailed description of the problem”:

Type in information that is relevant, such as:

Example 1:

All applications installed

Example 2:

Antivirus (AV) was uninstalled

Example 3:

AV and DLP were uninstalled

Example 4:

AV, DLP, and Host Intrusion Detection System (HIPS) were uninstalled


Your last prompt before the machine is rebooted.

When you are ready, click on “OK”

WARNING:  Your system will reboot within 5 seconds.  Save any data.


TIP:  Once your system reboots, log in as soon as possible.



There will be a 2 minutes (240 seconds) countdown once you log in.

TIP:  If this screen doesn’t show up, make sure that you are logging in with an account that has Local Admin rights.




Click on “Open Folder”



Select the .etl file and the NGENPDB folder and zip them up; they will compress nicely.
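
The same Step 2 settings can be started from an elevated PowerShell prompt with wpr.exe, the command-line recorder that ships in the Windows Performance Toolkit. This is an added example, not part of the original post; the results path, the description text and the profile list are assumptions that mirror the choices made in the GUI above.

```powershell
# Added example: command-line equivalent of the WPRUI boot-trace settings.
# Assumptions (change to suit): results folder, description text, profile list.
$ResultsPath = 'C:\temp'                      # local disk, not a redirected folder
$Description = 'All applications installed'   # same text you would type in the GUI
# Built-in WPR profiles matching the "Resource Analysis" check boxes.
# Drop 'FileIO' on a first pass if the trace turns out too heavy.
$Profiles = 'CPU', 'DiskIO', 'FileIO', 'Network'

# The recorder needs an elevated token from a Local Admin account.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator
if (-not $principal.IsInRole($adminRole)) {
    throw 'Run this from an elevated prompt with a Local Admin account.'
}

# wpr.exe is installed with the Windows Performance Toolkit (Step 1).
$wpr = Get-Command wpr.exe -ErrorAction SilentlyContinue
if (-not $wpr) {
    throw 'wpr.exe not found. Install the Windows Performance Toolkit first.'
}

# Refuse network locations: the results must land on a local fixed disk.
if ($ResultsPath.StartsWith('\\')) {
    throw "Results path '$ResultsPath' is a UNC path. Use a local disk."
}
$root  = [IO.Path]::GetPathRoot([IO.Path]::GetFullPath($ResultsPath))
$drive = New-Object IO.DriveInfo($root)
if ($drive.DriveType -ne [IO.DriveType]::Fixed) {
    throw "Results path '$ResultsPath' is on a $($drive.DriveType) drive."
}
New-Item -ItemType Directory -Path $ResultsPath -Force | Out-Null

# Build: wpr -start <profile> ... -onoffscenario Boot -numiterations 1 ...
$wprArgs = @()
foreach ($p in $Profiles) { $wprArgs += '-start', $p }
$wprArgs += '-onoffscenario', 'Boot'
$wprArgs += '-numiterations', '1'
$wprArgs += '-onoffresultspath', $ResultsPath
$wprArgs += '-onoffproblemdescription', $Description

# Save your work first: a Boot scenario restarts the machine, as the GUI does.
Write-Host "Running: wpr.exe $($wprArgs -join ' ')"
& $wpr.Source @wprArgs
if ($LASTEXITCODE -ne 0) { throw "wpr.exe exited with code $LASTEXITCODE" }
```

Once the trace is collected, remove any account that was temporarily added to the Local Admin group for the capture.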


I hope it helps,
Yong

