.NET Framework 4.0: Impact On Startup?

P

(PeteCresswell)

I finally got my boot time to network availability down to a
little under 1:30.

Then I installed a transcoder called HandBrake - which included
..NET Framework 4.0 and the time to network availability shot up
to a truly heinous 3+ minutes.

OK.... So I uninstalled HandBrake, leaving .Net 4.0 in place.

Oops.... boot time still bad... down to 2:45, but that's still
too long.

Looking at Add/Remove Programs, I see that I have 4 or 5 versions
of .NET:

- 2.0 SP2

- 3.0 SP2

- 3.5 SP1

- 4.0 Client Profile
- 4.0 Extended


So... 2 Questions:

- Is .NET 4 a likely offender?

- Would it make any sense to delete all except
the two 4.0 versions?
 
P

Paul

(PeteCresswell) said:
I finally got my boot time to network availability down to a
little under 1:30.

Then I installed a transcoder called HandBrake - which included
.NET Framework 4.0 and the time to network availability shot up
to a truly heinous 3+ minutes.

OK.... So I uninstalled HandBrake, leaving .Net 4.0 in place.

Oops.... boot time still bad... down to 2:45, but that's still
too long.

Looking at Add/Remove Programs, I see that I have 4 or 5 versions
of .NET:

- 2.0 SP2

- 3.0 SP2

- 3.5 SP1

- 4.0 Client Profile
- 4.0 Extended


So... 2 Questions:

- Is .NET 4 a likely offender?

- Would it make any sense to delete all except
the two 4.0 versions?

Did you have a copy of Bootvis at one time ? Or was that someone else ?

http://en.wikipedia.org/wiki/Bootvis

Bootvis can give a breakdown on startup times.

http://www.tweakhound.com/xp/bootvis/bootvis_before.gif

DotNET is in theory, a library for the usage of DotNET executables.
But with Microsoft, you can never be sure they haven't jammed something
else in there.

http://en.wikipedia.org/wiki/.NET_Framework

"The size is around 54 MB for .NET 3.0, 197 MB for .NET 3.5, and
250 MB for .NET 3.5 SP1."

"The .NET 3.5 SP1 full installation package includes the full runtime
installation packages for .NET 2.0 SP2 as well as .NET 3.0 SP2 for
multiple operating systems"

"The size issue is partially solved with .NET 4 installer (x86 + x64)
being 54 MB and not embedding full runtime installation packages
for previous versions."

And rather than being "versions", DotNET is in layers, and each new
version is a new layer for the cake. While you might consider removing
1.0 or 1.1 if you're no longer using it, you can leave 2.0+ where they are,
as they're a part of the layer cake. The 4.0 installer, if no other installs
had been done, might have installed a lighter weight set of layers.

http://upload.wikimedia.org/wikipedia/commons/thumb/d/d3/DotNet.svg/513px-DotNet.svg.png

Paul
 
P

(PeteCresswell)

Per Paul:
Did you have a copy of Bootvis at one time ? Or was that someone else ?

http://en.wikipedia.org/wiki/Bootvis

Bootvis can give a breakdown on startup times.

http://www.tweakhound.com/xp/bootvis/bootvis_before.gif

DotNET is in theory, a library for the usage of DotNET executables.
But with Microsoft, you can never be sure they haven't jammed something
else in there.

No, it wasn't me with Bootvis. But a couple years back I had
*something* that recorded how long each entity took during boot
time. Been trying to recollect, but no luck so far.

After removing the problem app and seeing no change, I backed out
..NET 4 and, sure enough, boot tome was reduced back to what it
was before that install - so, as you suggest, *something* is
going on there.

Thanks for the layer cake analogy; now I know not to mess with
earlier versions of .NET.
 
J

jim

On Wed, 18 Apr 2012 08:51:37 -0400, in
After removing the problem app and seeing no change, I backed out
.NET 4 and, sure enough, boot tome was reduced back to what it
was before that install - so, as you suggest, *something* is
going on there.


Are you running XP? I was under the impression that 3.5 SP1 was the
highest version that was compatible with XP and that .net 4 was Windows 7.

BTW, I backed out of 3.5 SP1 and gained overall system performance and
lost one rather clever app (Jing). From all appearances, 3.5 SP1 was
causing a "phantom" -- but real -- CPU usage, as reported by Task Manager.
Where the System Idle may have been 90+% but the CPU usage at the bottom
of the task manager screen would be reporting CPU usage of 25-30%. While
I was allowing for a probable asynchronous update of those two figures the
readings were reasonably consistent and removing 3.5 SP1 made that problem
disappear.

jim
 
V

VanguardLH

jim said:
Are you running XP? I was under the impression that 3.5 SP1 was the
highest version that was compatible with XP and that .net 4 was
Windows 7.

"How to determine which versions and service pack levels of the
Microsoft .NET Framework are installed"
http://msdn.microsoft.com/en-us/kb/kbarticle.aspx?id=318785

Basically, go look under the following key to see which versions you
currently have installed:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP

You can also tell by going to %WINDIR%\Microsoft.NET\Framework in
Windows Explorer.
 
P

(PeteCresswell)

Per jim:
Are you running XP? I was under the impression that 3.5 SP1 was the
highest version that was compatible with XP and that .net 4 was Windows 7.

BTW, I backed out of 3.5 SP1 and gained overall system performance and
lost one rather clever app (Jing). From all appearances, 3.5 SP1 was

Seem like I am not the only one with this problem under 4.0.

There's quite a lengthy thread on it at
http://social.msdn.microsoft.com/Forums/en/netfxsetup/thread/cb75c4dc-e0af-4b22-85b2-c2c1b08bfea1

Suggested solutions do not sound consistent - and the few I have
tried did not work for one reason or another... but it's pretty
clear that *something* is going on with 4.0 under XP Pro SP3.
 
H

Henry

(PeteCresswell) said:
Per jim:



Seem like I am not the only one with this problem under 4.0.

There's quite a lengthy thread on it at
http://social.msdn.microsoft.com/Forums/en/netfxsetup/thread/cb75c4dc-e0af-4b22-85b2-c2c1b08bfea1

Suggested solutions do not sound consistent - and the few I have
tried did not work for one reason or another... but it's pretty
clear that *something* is going on with 4.0 under XP Pro SP3.


I'm running WinXP Pro SP3 and Net 4.0 with no problems. It installed with no
problems.

Henry
 
P

Paul

Henry said:
I'm running WinXP Pro SP3 and Net 4.0 with no problems. It installed
with no problems.

Henry

So did you read the thread Pete quotes ?

The aggravating factors seem to be:

1) .NET 4.0 installs a service with NGEN in the name.
2) NGEN service is "recompiling" dotNET executables already on the computer.

Perhaps if the NGEN service was already disabled, you'd get no symptoms to speak of.

One participant in the thread claims eventually the modifying activity will stop.
Perhaps if you have no dotNET applications at all, there is very little for it to do.
If it's doing an actual scan, it takes time even to list your entire hard
drive.

The delay in networking could also have to do with some network driver
having some dotNET code in it, and there being some interference that
early in the boot process, between what NGEN wants to do, and what
the OS needs to do to get the hardware running.

*******

http://en.wikipedia.org/wiki/Native_Image_Generator

"The Native Image Generator, or simply NGEN is the Ahead-of-time compilation
service of the .NET Framework. It allows a .NET assembly to be pre-compiled
instead of letting the Common Language Runtime do a Just-in-time compilation
at runtime. In some cases the execution will be significantly faster with AOT
than with JIT."

"Once NGEN is run against an assembly, the resulting native image is placed
into the Native Image Cache"

"NGEN is intended to make the assembly execute faster by removing the JIT
compilation process at runtime, but this does not always improve performance
because some optimizations can be done only by a JIT compiler"

Looks like a wee bit of over-optimization then...

Paul
 
P

(PeteCresswell)

Per Paul:
The delay in networking could also have to do with....

In an effort to find out which entity is holding things up, I've
been trying to run BootVis, but it's abended at every attempt.

Has anybody got BootVis working with XP?
 
P

(PeteCresswell)

Per Paul:
The aggravating factors seem to be:

FWIW, I started over (for about the 15th time...) with a clean
image, but this time installed .NET 4.0 from a standalone
installer that I downloaded many moons ago - instead of the
installer that came with the problem app.

This time, BootVis ran without abending - although I had no clue
as to how to interpret it's charts. Certainly they bore little
resemblance to those pictured/described in TechRepublic's article
at http://tinyurl.com/d6tb3dv.

But I took the article's advice and invoked BootVis | TGrace |
Optimize System and re-booted a couple of times.

Time to NAS availability improved slightly: from 3:15 down to a
little under 2:50.

Now I guess I have to test the often-made assertion that NGEN
needs some time to get all caught up. I *think* I've tested
this without thinking about it multiple times... but now I'll
leave the box up and running for more than just a few hours.
 
P

(PeteCresswell)

Per (PeteCresswell):
although I had no clue
as to how to interpret it's charts.

One thing that jumped out at me: 4 separate instances of
something called "sf.bin".

Googling it leaves me with the impression that it's some sort of
discovery service that is used to find universal-plug-and-play
devices (whatever *they* are....)- but not much else.
 
V

VanguardLH

(PeteCresswell) said:
Per (PeteCresswell):

One thing that jumped out at me: 4 separate instances of
something called "sf.bin".

Googling it leaves me with the impression that it's some sort of
discovery service that is used to find universal-plug-and-play
devices (whatever *they* are....)- but not much else.

Does it mention WHERE are the sf.bin files? The only sf.bin that I have
on my host is somewhere under Avast's installation folder and its
Version properties says it's their Emulation Engine. I believe it is
part of Avast's Behavior Shield for its "Monitor the system for malware
-like behavior" option. It monitors for changes in the system which
have a fingerprint typical of malware. sf.bin, their emulation engine,
is also used with their File Shield's "Code Emulation" option. The
emulator helps their unpacking engine so the scanner can detect
scrambled or obfuscated malicious executable files that wouldn't be
detected without code emulation.

So, if you have Avast installed, see if disabling Avast's Behavior
Shield (or just the "Monitor the system for malware-like behavior"
option) gets rid of the load time for Windows. If that doesn't work, go
in Avast's File Shield to disable the "Code Emulation" option under the
Sensitivity settings group. Lastly, you could uninstall Avast to see if
the boot time comes down. Code emulation will slow the opening of all
programs, including those in your startup list. Here is Avast's
description of their code emulation option in their help file:

Use code emulation - if this box is checked and avast! detects some
suspicious code in a file, it will attempt to run the code in a
virtual environment to determine how it behaves. If potential
malicious behavior is detected, it will be reported as a virus.
Running the code in this virtual environment means that if the code is
malicious it will not be able to cause damage to your computer.

So the suspicious file has its code emulated to interrogate what actions
it attempts. This is NOT the same as their [auto-]sandbox feature. It
means they look at what the executable does before allowing those
actions to get committed but blocking them and killing the process if
Avast thinks the executable is acting maliciously.

If you have multiple active security programs that overlap on their
functionality, like two concurrently active anti-virus programs, then
you better exclude each security program in the other security programs.
That is, if you have Avast active at the same time that MalwareBytes is
active (the payware version with its real-time monitor active) then go
into each one and add the other one to an exclusion list. You can have
multiple security products installed as long as they don't conflict with
each other, snag on each other, or just one is active and the others are
passive (you configure them to NOT load on startup and only use them
manually as a backup malware scanner).

Sometimes security software does scanning upon startup that incurs a
significant impact on the host. That's why I stopped using Microsoft
Security Essentials as it sometimes but not always slowed down starting
up and logging into Windows. If you have any startup programs that go
opening files (scanning, reading, opening) then your anti-virus program
is going to also be scanning all those file opens. If, for example,
NGEN which is setup for Automatic startup (but unloads when it has
nothing to do) is recompiling files then those files are getting opened
and your anti-virus and other security software will be watching all
those file opens and writes.

If the sf.bin you are seeing during startup is not the one for Avast
then you'll need to tell use WHERE is the sf.bin file(s) on your host.
 
P

(PeteCresswell)

Per VanguardLH:
Does it mention WHERE are the sf.bin files? The only sf.bin that I have
on my host is somewhere under Avast's installation folder and its
Version properties says it's their Emulation Engine.

Bingo!...

Looking at AnVir's log, I see that each instance is started by
AvastSvc.exe - and the runtimes are only a second or two.

FWIW, the strategy of letting nGen do it's thing for a few
hours/couple of boots seems to correlate with a reduction in time
to network availability down to 1:30 on a cold start - which is
all I would hope for. The BIOS takes about :31 or :32 before
the Windows splash screen shows, so I conclude that Windows' boot
time to network availability is a little less than a minute....
probably closer to 30 seconds if we're just talking a usable
desktop without network.

I really *like* AnVir - for the entertainment value if nothing
else.... -)
 
B

BillW50

In VanguardLH wrote on Sat, 21 Apr 2012 20:42:47 -0500:
For $50 you should get some entertainment value. For free,
SysInternals' Process Explorer would show you the parent or caller
process that opened sf.bin (in PE, do a search on "sf.bin" to see that
avastsvc.exe has an open file handle on sf.bin).

AnVir Task Manager also has a tree view, but it is toggled off by
default. Select the Processes tab, and then View --> Process Tree. And I
used to use Process Explorer all of the time. Although there is no need,
since AnVir Task Manager does this too plus tons more anyway.
I have the NGEN service but never saw (or don't recollect seeing) the
long bootup time that you reported; however, it's possible it was
masked by something else, like I rebooted and left the host
unattended during which NGEN finished its recompiling.

My NGEN is disabled and I didn't do it. ;-)
 
K

Ken Blake, MVP

I really *like* AnVir - for the entertainment value if nothing
else.... -)


I've tried AnVir, and it looks very good. But as far as I'm concerned,
it's not worth anywhere near $50.

Ken Blake, Microsoft MVP
 
P

(PeteCresswell)

Per VanguardLH:
I have the NGEN service but never saw (or don't recollect seeing) the
long bootup time that you reported; however, it's possible it was masked
by something else, like I rebooted and left the host unattended during
which NGEN finished its recompiling.

It does not show up on my logs as "NGEN". Instead, I see
something called "mscorsvw.exe" - which is described as "...NGEN
worker process...".
 
B

BillW50

In Ken Blake, MVP wrote on Sun, 22 Apr 2012 07:13:19 -0700:
I've tried AnVir, and it looks very good. But as far as I'm concerned,
it's not worth anywhere near $50.

That's the Pro version. The free one has the same with a few things
missing, but most of it is still there. I paid less than 21 bucks for
the middle version with a competitive discount (Process Lasso counted).
And that is a user license, not a per computer license. And since I have
over a dozen computers here, that is like 2 bucks a computer.

Although speaking of pricing...

Microsoft Windows 7 Ultimate $289.99
Microsoft Office 2010 Professional $424.99

These prices were found at Newegg. And I don't see these two worth
$714.98 either. But what are you going to do? If you need them, you need
them. And that is per computer. And that would cost me like $8580 for a
dozen computers.
 
P

(PeteCresswell)

Per BillW50:
These prices were found at Newegg. And I don't see these two worth
$714.98 either. But what are you going to do? If you need them, you need
them. And that is per computer. And that would cost me like $8580 for a
dozen computers.

Long, long ago I used to purchase something "MSDN" every few
years. They'd send a stack of DVDs with just about everything
"Microsoft" on them and something like 11 licenses for Windows.

I'm *still* using the last one for my several PC's XP installs.

I don't it ever cost more than a thousand dollars.

It's probably morphed into something online/downloadable-only by
now, but maybe they still offer a similar deal license-wise.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top