|
What is wrong with the operating system? |
Post Reply 
|
Page 123 4> |
| Author | |
Logokiller 
Newbie 
Joined: 30 June 2009 Status: Offline Points: 26 |
 Post Options
 Thanks(0)
 Quote Reply
 Topic: What is wrong with the operating system?Posted: 30 June 2009 at 6:52am |
|
I have got a whole lot of action in Filemonitor! Why is that, what is wrong with the operating system?
The only thing I do is opening a textfile in Atlantis wordprocessor and immediately after that I close it.
Then I get 209 kB of text in Filemonitor of what the computer is doing inside.
MSI K8N Neo Platinum, Athlon 64, Windows XP Service Pack 2
generates 91,7 kB of text in Filemonitor after opening and closing a textfile.
P35 C2Q, Q9550, Windows XP Service Pack 3
generates 209 kB of text in Filemonitor after opening and closing a textfile.
Both computers are deeply cleaned, lot of services are stopped.
The only difference between the computers is Service Pack 2 and Service Pack 3.
|
|
 |
|
|
Meriadoc
Senior Member 
Joined: 22 August 2006 Status: Offline Points: 240 |
Post Options
Thanks(0)
Quote Reply
Posted: 30 June 2009 at 9:52am |
|
Hi Logokiller
 it would be hard to say not seeing the log, but even with your configuration I should imagine you are seeing actions from your network connection, explorer, svchost and other systems. Take a close look at the process and path with the action (Request) and result - you are able to right click on an entry for properties.
|
|
|
|
|
molotov
Moderator Group 
Joined: 04 October 2006 Status: Offline Points: 17506 |
Post Options
Thanks(0)
Quote Reply
Posted: 30 June 2009 at 10:29am |
|
Hi LogoKiller,
In addition to Meriadoc's guidance, I might also suggest having a look at Process Monitor - it can provide more details than Filemon. The type of software installed and running will have an impact on the amount of system activity at a given time. System activity need not be directly related to what someone is doing with the system at that precise moment. |
|
|
Daily affirmation:
net helpmsg 4006 |
|
|
|
|
Logokiller
Newbie
Joined: 30 June 2009 Status: Offline Points: 26 |
Post Options
Thanks(0)
Quote Reply
Posted: 30 June 2009 at 10:01pm |
|
I have used process monitor now on both computers and even more data has been generated. I only used the setting for the file monitoring. Both computers without any antivirus program, internet network programs were off.
Edited by Logokiller - 30 June 2009 at 10:10pm |
|
|
|
|
molotov
Moderator Group
Joined: 04 October 2006 Status: Offline Points: 17506 |
Post Options
Thanks(0)
Quote Reply
Posted: 01 July 2009 at 4:13am |
|
Excluding the renamed Procmon executable and altantis.exe, the number of events drops to ~5% of the original number in the capture, in the K8N log.
Filtering for "Path Contains rtf then Include" results in just 24 events. Somewhat similar with the q9550 log. I really can't say that there's anything atypical or unexpected about the logs... Programs start, they load DLLs, they read data files, etc... |
|
|
Daily affirmation:
net helpmsg 4006 |
|
|
|
|
Logokiller
Newbie
Joined: 30 June 2009 Status: Offline Points: 26 |
Post Options
Thanks(0)
Quote Reply
Posted: 01 July 2009 at 4:42am |
|
Thank you for taking a look.
But look at the following entry's, why should they be necessary:
This entry is there 17 times, but I never use wordpad.exe and it wasn't used during the test.
C:\Program Files\Windows NT\Bureau-accessoires\wordpad.exe
I wasn't using the program Better File Series during the test.
C:\Program Files\Better File Series\bfr.exe
I wasn't using the program Macro Express during the test. C:\Program Files\Macro Express3\MeProc.exe
I wasn't using the program Nero during the test. C:\Program Files\Nero\Nero 7\Core\nero.exe
I never get into 'my documents' because I only use drive D for those kind of things.
C:\Documents and Settings\Adrie\Mijn documenten\Mijn afbeeldingen
And it goes on like that.
Is it just the inefficient way the operating system works, or why is it really necessary?
Why does the newer quadcore have about 30% more data? Edited by Logokiller - 01 July 2009 at 4:51am |
|
|
|
|
molotov
Moderator Group
Joined: 04 October 2006 Status: Offline Points: 17506 |
Post Options
Thanks(0)
Quote Reply
Posted: 01 July 2009 at 10:19am |
|
Are the referenced folders in the PATH?
Configure symbols and check the stack of the events in question, to attempt to gather more information about what the cause may be. Also, try to use data from the other event classes to see if it may tell additional details about what is taking place, and why. Edited by molotov - 01 July 2009 at 10:20am |
|
|
Daily affirmation:
net helpmsg 4006 |
|
|
|
|
Logokiller
Newbie
Joined: 30 June 2009 Status: Offline Points: 26 |
Post Options
Thanks(0)
Quote Reply
Posted: 01 July 2009 at 11:19pm |
|
Yes all the files and folders in the PATH are always there except the last one 'mijn afbeeldingen'.
C:\Documents and Settings\Adrie\Mijn documenten\Mijn afbeeldingen
I don't know what to look for in the stack.
I copied the following to take a look at,
"Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS"
This line is there for about 25 times, why would that be? All in the same second. Remember I only opened and closed a textfile.
"Process Name","PID","Operation","Path","Result"
"Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CreateFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryBasicInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","SetBasicInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","ReadFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","ReadFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","ReadFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","ReadFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CloseFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CreateFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryBasicInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryNameInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryDirectory","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CloseFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryNameInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryNameInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CloseFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CloseFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryNameInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","BUFFER OVERFLOW" "Atlantis.exe","1776","QueryNameInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryDirectory","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CreateFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CloseFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryBasicInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","SetBasicInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","ReadFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CloseFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryBasicInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","SetBasicInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","ReadFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CloseFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryBasicInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","SetBasicInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","ReadFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CloseFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryBasicInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","SetBasicInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","ReadFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","CloseFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Atlantis.exe","1776","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CreateFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","QueryStandardInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CreateFileMapping","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "Explorer.EXE","1632","CloseFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "svchost.exe","904","QueryOpen","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "svchost.exe","904","CreateFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "svchost.exe","904","QueryFileInternalInformationFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" "svchost.exe","904","CloseFile","C:\Program Files\Atlantis Nova\Atlantis.exe","SUCCESS" |
|
|
|
|
Meriadoc
Senior Member
Joined: 22 August 2006 Status: Offline Points: 240 |
Post Options
Thanks(0)
Quote Reply
Posted: 02 July 2009 at 12:05am |
|
Explorer is querying the status of Atlantis as something is changing/updating eg notification icons can cause a lot of results, what you are seeing is probably normal for just opening Atlantis. Yes you would expect no output on an idle system but you just need to investigate it a little further.
Edited by Meriadoc - 02 July 2009 at 12:28am |
|
|
|
|
Logokiller
Newbie
Joined: 30 June 2009 Status: Offline Points: 26 |
Post Options
Thanks(0)
Quote Reply
Posted: 02 July 2009 at 1:34am |
It is a controlled situation I deliberately only open and close 1 textfile.
No output when a system is idle, how can that be achieved?
If it is possible.
|
|
|
|
|
Post Reply
|
Page 123 4> |
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
Topic Options
Meriadoc wrote: