If your Windows 7 systems need half an eternity to boot up, there’s clearly something odd going on. Dealing with slow boot problems is annoying and – let’s face it – is mostly guesswork. Guesswork that costs money and time. We have got you covered: Learn how to analyze the startup process, find the cause in no time, and get rid of bottlenecks once and for all!
Windows 7 is a fast beast, especially when it comes to its startup process which was optimized dramatically compared to Windows Vista. No wonder, as Microsoft has a dedicated team focusing strictly on startup performance. And it shows: On one- to two-year-old hardware, Windows 7 usually takes only 20 to 40 seconds to boot up. Even the performance-wise challenged netbooks rarely need more than a minute to be ready for work!
Certainly, boot times vary significantly from one computer to another. This is nothing new. But if Windows 7 clients need way longer – and we’re talking way over one or two minutes – then you’re looking at a resource hog. So what could be causing the problem?
- You just installed a new driver, which hasn’t been WHQL-certified and delays the boot up process. It could be a simple driver bug!
- You installed a piece of resource-intense software that initializes a process or a service during startup.
- You updated existing software or Windows 7 itself. Yes, it’s not unheard of that some updates cause a significant boot delay.
Maybe it’s a combination of all three causes. In any case, something is clearly taking up too much resources during startup time. To get to the bottom of the mystery, you need to follow a couple of step-by-step instructions to find and resolve the issue. Ready? Here’s how!
Find Out Exactly How Long Windows 7 Needs to Start Up
Let’s start off by finding out the exact time the Windows 7 client needs to start up. And guess what, no stopwatch is required! Windows 7’s very own Event Viewer does the trick. In the following four steps you learn to measure both the raw boot time and the real life boot time (and what both mean).
- Open up “Control Panel,” go to “System and Security” and head over to “Administrative Tools.” From here, launch “Event Viewer.”
- Expand “Applications and Services Logs,” “Microsoft,” “Windows,” “Diagnostics / Performance,” and finally “Operational.” Now look out for the Event ID 100:
This Event details how long your Windows 7 client takes for a full boot. This is what I call raw boot time.
The value represents the exact time necessary to go from the first startup phase (right before the animated Windows boot logo appear) to the final stages. This is when the desktop is visible, startup programs are being loaded, and network connectivity is up and running. Remember to take this value with a grain of salt — more in Step 4!
- As seen on the screenshot above, my test bed needed 103 seconds. That’s okay, but pretty bad compared to the original performance. The week after I installed and configured Windows 7, it needed about 46 seconds to start:
In my example, this is quite a loss in performance: From 46 to 103 seconds!
You can find the original boot up time if you sort the list by “Event ID” and look for the earlier couple of entries.
Note: I wouldn’t necessarily take the very first boot log for a comparison. In the first couple of days after installation, Windows 7 needs to adapt the SuperFetch feature to all programs and install updates during boot up.
- You have the “Raw boot time” value now. As I said, this value doesn’t necessarily represent the actual startup performance. Even though the desktop is visible and you have a working internet connection your PC may behave incredible sluggishly. For example, even launching a small footprint browser like Google Chrome can take up to 10 seconds in the first minute after boot. No surprise here; Windows is still busy initializing services and paging data in and out of RAM.To get the real life boot time, double-click on the latest Event ID 100 entry, go to “Details” and check the “MainPathBootTime” value:
Phew! Another 38 seconds until Windows 7 is done with all its “post-boot” workload and I am actually able to work with the PC.
It’s important to watch both the raw boot time and real life boot time to troubleshoot a slow startup!
Step-by-Step: Finding Boot Delays
If you’re plagued by a slow startup, there is probably more than one problem going on. And guess what: Windows 7 knows them all. The “Diagnostic Performance” category (mentioned above) keeps a record of all startup issues. Simply sort the list by “Task Category”…
…and go through all the events you see in the “Boot Performance” category. Look for “Warnings” and “Critical” errors. The following entry is a prime example:
This event clearly shows that MsMpEng.exe needs 26 seconds to start, which is 10 seconds longer than normal! If this event only crops up once, you don’t need to go to Red Alert. However, if you see the same warning more than once, then this is definitely a call to action.
Eliminating Boot Delays
Next up: Commonly found causes for boot delays! The following problems originate from a dozen computers of a client who asked me for troubleshooting advice. In each case, I’ll explain how I treated these issues.
Problem: WLIDSVC.EXE needs more time to start up.
Diagnosis/Solution: First of all, I evaluated if my client really needs the Windows Live ID Service, which is responsible for linking a local user account to the Windows Live ID for an automatic logon. As he really did not know what it is and never used it, I decided to completely uninstall the service:
Problem solved! That actually took three seconds off the startup process. It’s not much, but a penny saved is a penny earned. If his business depended on Windows Live, I would have used the repair option to reinstall the service or I would have looked for a newer version.
Problem: The Eventlog service suddenly needs more time to run.
Diagnosis/Solution: I did absolutely nothing. It’s important to pay attention to which service is slow; explicitly check the service or file you see (“File Name”). Make sure it’s not in any way crucial to your business. Google for it, if necessary! Also, “Total Time” and “Degradation Time” are in the milliseconds – nothing to worry about.
Problem: Prefetching took longer than usual.
Solution: Windows 7’s optimization features (Prefetch and SuperFetch) took longer than usual to optimize performance. This may be due to a newly installed program or a program that you start much more frequently. Both may cause Windows 7 to optimize its cache for faster application launch times.
In this particular case, I didn’t see a reason to react. I noticed this event coming up every one or two weeks; that’s normal behavior for Windows 7 as it’s adapting its caching routines mentioned above.
Problem: The Windows Audio service causes a delay during startup.
Diagnosis/Solution: This seemed like a bigger problem. Apparently, the Windows Audio service needs more time to get started. Hmm…a problem with the sound card, maybe? My first reaction proofed to be the answer. I checked the driver version of the build-in “Realtek HD Audio” sound chip and noticed that it was last updated in September 2008. I downloaded the latest drivers from Realtek and installed it; the error never came up again!
If you see these kinds of driver related issues in your event log, I suggest updating the related driver. This IT Expert Voice article helps: “Doing the Driver Dance: Updating and Maintaining PC Drivers.”
MsMpEng.exe causes a noticeable boot delay.
Diagnosis/Solution: Microsoft Security Essentials (MsMpEng.exe) added a significant amount of startup time to the boot process. Obviously, disabling it was out of the question; security comes first! Reinstalling MSE did not help things. In this case, I am basically powerless and need to wait for an update that might improve the performance of MSEs antivirus engine during startup.
Problem: NVIDIA Driver Helper Service causes a delay in startup time.
Diagnosis/Solution: The helper service that comes with all nVidia drivers doesn’t actually do much except maintain overclocked display settings. That ‘s something my client did not need. I immediately opened up “msconfig” and disabled the NVIDIA Driver Helper Service using the “Services” tab:
That took care of it.
Problem: Windows Live Messenger causes a boot delay.
Diagnosis/Solution: Although the client needed Live Messenger for external business communication, he did not necessarily want it to launch right after Windows 7’s startup. I opened up “msconfig” (see above), clicked on “Startup,” and removed the entry that belongs to “msnmsgr.exe.”
You get the drift: In each individual case I decided if the startup program or service was needed and tried to patch it. If it’s not needed, I uninstalled or disabled it. Keeping all the drivers up-do-date was also essential in reducing the Warning and Critical entries found in Event Viewer.
Step-by-Step: Finding CPU Hogs
In some cases, boot delays are not detected by Event Viewer, possibly because a specific process eats up CPU for a constant period of time. Finding this bottleneck is pretty easy using the Sysinternals Process Monitor utility. Here’s how it works:
- Download Process Monitor. Unzip the file and open
Procmon.exewith administrative privileges:
- Stop Process Monitor from logging all the current events by clicking on “File/Capture Events.” Now go to “Options,” where you will find the crucial entry: “Enable Boot Logging.” Enable it, click on “Generate profiling events” and click “OK.”
- Now reboot your PC. After the startup process is done, launch Process Monitor again and click on “Yes” once you see the following message:
- Save the boot log wherever you want (on your desktop, for example). Process Monitor now generates a huge list of basically each and every boot event.
591,892 events?! This is too much to bear, even for the geekiest of us. Instead, let’s focus on process that use a lot of CPU usage during boot time. To do that, click on “Tools” and go to “Process Activity Summary.”
You’ll get a list of all processes that keep your PC busy. Click on “CPU” and see for yourself which is the all-time CPU hog:
To get more information of its resource usage, double-click on the entry. In our example, CPU hog number one is – yet again – Microsoft’s Security Essentials. While it is relatively lightweight when Windows 7 is up and running, it can be quite a boot hog.
All the advice I gave above still stands: Go through the entire list and get rid of processes and programs that you don’t need. If you don’t know what is behind certain entries like this one…
…use your search engine to find and troubleshoot them.
- In this list you might come across a (unnecessary) process that you can’t find using any conventional means (for example, using msconfig). In that case, try out SysInternals very own Autoruns. Autoruns lists all processes and files that are used during boot up and lets you disable them individually – no exception!
That’s it! With all the given advice you should be able to handle each and every boot delay that crosses your way. Go back to the Event Viewer to check if and how much all these steps affected raw boot time and real life boot time — I bet there’s a huge difference! On my client’s PCs I was able to cut boot times in half (or even less). A nice side effect that you should also consider: Now that you’ve gotten problematic services and processes out of the way, overall Windows responsiveness and performance probably has gotten a lot of better as well.
Want more like this? Sign up for the weekly IT Expert Voice newsletter so you don’t miss a thing!