lots of HDD activity after reboot, can't find source

[Brad]

I have an XPproSp2(nowSp3) w/all updates, that was locking up for no
apparent reason. It started with SP2, so I updated all critical updates
w/Sp3 and I still have the issues.
I've shut down all programs in 'msconfig' startup and services (non-msoft)
and I get a lot of HDD activity after rebooting, for about an hour or so (I
haven't really been able to time it).
When I go into 'task manager' the performance tab says cpu is using 30% +/-
3 or 4, but the processes tab doesn't reflect the cpu usage as to what's
causeing the activity. I also don't see any obscure items in the processes
tab.
Any suggestion on how I can find out what's causing the HDD acitivity and
what's running? I'm kind of thinking that's what is causing my lockups
but...
Brad

 

[R. McCarty]

On basically any reoccurring issue, you should first check both the
System and Application Event logs. You'll want to scan for errors
and warnings. Best to sort the log by date so you can look through
the most recent events.
Click Start, Run (Type) EventVwr.Msc [Enter]

For hard drive activity, I'd suggest you download a tool from MS
SysInternals called FileMon.
http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx
This tool shows disk activity in real time.

Also if you have either Google Desktop or Microsoft Search 4.0 the
system may be indexing the contents of your drive. Finally some
forms of Malware may be running processes/services in the background
without your knowledge. A good tutorial on Malware detection &
removal can be found on Malke's site:
http://elephantboycomputers.com/page2.html#Removing_Malware

 

[Thee Chicago Wolf]

I have an XPproSp2(nowSp3) w/all updates, that was locking up for no

apparent reason. It started with SP2, so I updated all critical updates
w/Sp3 and I still have the issues.
I've shut down all programs in 'msconfig' startup and services (non-msoft)
and I get a lot of HDD activity after rebooting, for about an hour or so (I
haven't really been able to time it).
When I go into 'task manager' the performance tab says cpu is using 30% +/-
3 or 4, but the processes tab doesn't reflect the cpu usage as to what's
causeing the activity. I also don't see any obscure items in the processes
tab.
Any suggestion on how I can find out what's causing the HDD acitivity and
what's running? I'm kind of thinking that's what is causing my lockups
but...
Brad

Grab Process Explorer and fire it up. You'll be able to see the
specific program that's taking up CPU cycles. From there, you'll be
able to determine what's going on.

- Thee Chicago Wolf

 

[Twayne]

On basically any reoccurring issue, you should first check both the

System and Application Event logs. You'll want to scan for errors
and warnings. Best to sort the log by date so you can look through
the most recent events.
Click Start, Run (Type) EventVwr.Msc [Enter]

For hard drive activity, I'd suggest you download a tool from MS
SysInternals called FileMon.
http://technet.microsoft.com/en-us/sysinternals/bb896642.aspx
This tool shows disk activity in real time.

Also if you have either Google Desktop or Microsoft Search 4.0 the
system may be indexing the contents of your drive. Finally some
forms of Malware may be running processes/services in the background
without your knowledge. A good tutorial on Malware detection &
removal can be found on Malke's site:
http://elephantboycomputers.com/page2.html#Removing_Malware

"Brad" <[email protected]> wrote in message

Right. Often the indexing service and possibly antivirus, especially
heuristics if they're enabled can cause that. Norton, McAfee,
Winpatrol, etc., things lke that can also do a lot of prep/setup work
when the machine first boots up.

Disconnect the modem cable or turn off the moden and see if the activity
is still there, just in case something is at work online that you're not
able to see easily.

Process EXplorer, as Thee mentioned, is a great program for tacking down
things like that too. It gives a good record of what services are/were
running. Very handy tool for things like this. Filemon is OK if you
take the time to learn to use the filters, but in general until then all
you get is a helluva lot of screens of data that arean't meaningful
right away. It's a good adjunct, though, esp for offline analysis..

HTH

Twayne