Jump to content

cluberti

Patron
  • Posts

    11,045
  • Joined

  • Last visited

  • Donations

    0.00 USD 
  • Country

    country-ZZ

Everything posted by cluberti

  1. It's always been possible with Azure VMs. You'd set up a vNet and then create VMs and configure it on those VMs as you would anywhere else. The tricky part is if you wanted to extend it on-prem, you'd need to configure ExpressRoute and some other things locally, but if everything will live in Azure, it's entirely possible.
  2. Same thing in the new trace - see my last post for options.
  3. I've edited my post above after digging deeper - I'd wager IRQ sharing is the root cause under load. Since you aren't likely to be able to move your chipset controller as it's soldered to the board, you might want to try moving your video card to different PCI-E slots to see if it can be moved to a different IRQ. If not, you might want to try a different card altogether if possible to make sure it's not caused by a failure of the video card itself (I've seen this behavior happen before for that reason, for what it's worth).
  4. If that's the case (those listed routines call HDAUDIO functions, which would call the audio driver), then you have to start looking at both your video card drivers and your Intel ICH/RAID drivers. Both also have a decent number of interrupts as you can see in the table above. I noticed that the Intel Chipset is listed on IRQL16, as is your video card. Not good.
  5. I'll try to take a look at this in-depth later, but it appears your audio driver is a very likely culprit, CMUDAXP.SYS:
  6. No, that call is doing exactly what you think it is. I think you're right given the data.
  7. I searched the DB and there's no record of that username, or email address, ever being registered.
  8. The question is, why is the system paging things to the paging file that would cause a slowdown with that much RAM? The paging file might hold old pages on the modified list or standby list, perhaps, but only if the system was busy or the app was minimized and idle for an extended period of time on Windows 7. Also, why would it be the cause of your performance issues? Those would be the issues to investigate/address, although with 16GB of RAM a 2GB paging file and a system set to kernel memory dump should be sufficient under normal usage scenarios. You probably need to determine if your HDD thrashing really is paging file usage - don't just assume.
  9. Most browsers keep a DNS cache separately from the OS cache, and while I don't have specific documentation for other browsers, Microsoft talks about IE and DNS here: http://support.microsoft.com/kb/263558
  10. Clearing the cache also clears the DNS cache - if it magically fixes things, it actually does give the tech a clue about what's wrong. I may be being overly optimistic in believing the tech knows this, but it is in fact true.
  11. Well, it's always your machine - do with it what you will. As long as you know you're doing something purely for OCD reasons and you know the risks - it's your machine! If you want to clean the registry, do it. Just know that it doesn't really do anything measurable , and there can be risks involved. At the end of the day, though, you have to do what you have to do, even if it just scratches an itch in your brain.
  12. Given registry access is done in memory and whole hives are not necessarily automatically loaded anymore, MagicAndre is correct - unless the registry hive is gigantic (1+GB, and even that doesn't take much on a newish system) and horrendously fragmented on disk ... and it's not an SSD), loading the portions needed into memory don't take very long at all during boot (perhaps a second or three). Also, given the hive as a whole is no longer loaded in it's entirety, "cleaning" it or compacting to clear white space is only going to give you back some MB on disk - it isn't likely to improve performance in a perceptible way at all unless the system is *really* old with a *really* slow 5400RPM or slower disk as the boot volume. In my experience, only then would "cleaning" the registry provide performance gains. Having duplicate entries in places could cause *application issues* if the app itself doesn't like such problems, but those are application stability issues, and it won't make Windows (or the apps running on it) go any faster in any perceptible manner. As MagicAndre said, this has been this way since XP in 2001, and even Windows 2000 did a better job of 9x loading hives into memory so it wasn't really an issue there either. This is one of those nuggets of "legacy knowledge" that keep getting trotted out as a help when, in fact, it's at the least fairly useless, and potentially dangerous to system stability (I've seen registry "cleaners" totally break boxes), with no real upside that would be gained by doing so.
  13. It appears there are potentially still some issues with the hoster's MySQL servers hosting the MSFN database, but xper is working on it. We apologize for what's happening, and are working on resolving things as quickly as possible.
  14. Note that, at least here in the US, having specific outlets for appliances like microwaves and air conditioners (that draw a lot of initial power when they start) on a separate circuit (or circuits, depending on the # of outlets and other appliances in and out of the house supplied by the panel) is part of the building code nowadays. Moving appliances like this onto their own circuit is always a good idea, and getting an electrician to do it usually isn't that big a deal either, unless your power panel is already heavily subscribed . From what you describe, it sounds like there was a line run from the power panel specifically for that outlet, but it wasn't placed on a separate circuit (hence the separation might be at the breaker, but not at the circuit).
  15. I can only answer your first question with Microsoft's official statement on WinPE: Therefore, using it as such does violate the license for use. Getting in trouble for violating the license terms is relative, so I can't comment on that. You have to make your own decisions on whether or not to follow the licensing terms.
  16. There's no way short of removing their admin privileges. You could restrict rights on machines via policy to disallow the ability to log in remotely or remove the ability to create tasks, but domain admins can simply add them back. An admin is an admin, and you either trust your admins or you don't. Also, given pass-the-hash attacks that are out there, I'm inclined to mention that what they are doing is very poor from a security stance too if they're actually logging in to any machine, anywhere, to start the sequence with a domain admin account. Domain admin accounts should only be used to runas tools that connect to machines remotely, and should (if possible) never be used to actually log in to any machines ever if possible until all NTLM/NTLMv2 has been disabled from the network (and only Kerberos is active for auth), or IPsec is in place (and no machines on the IPsec network are compromised.....).at a minimum. A more proactive security stance creates an audited security account that ISN'T an admin anywhere and uses only enough rights to do the job (if admin rights are actually needed, then they're given on that machine temporarily via some process, and then removed when completed). Given disabling NTLM/NTLMv2 can (and usually does) break lots of legacy things and everyday Windows tasks (like, say, printing), the defaults set by Microsoft on machines and in default group policy settings don't disable NTLM entirely for many reasons. The least of your problems, security-wise, is that they are creating unwanted scheduled tasks.
  17. A quick search will tell you: http://msdn.microsoft.com/en-us/library/ff794946(v=winembedded.60).aspx The "PE" in Windows PE/WinPE stands for "Preinstallation Environment", although with the advent of MS DaRT (Diagnostics and Recovery Toolset) back when Microsoft acquired Winternals, it can also be used as a rudimentary recovery environment (sometimes called Windows RE or WinRE - "RE" is Recovery Environment) that actually ships with Windows installation DVDs and gets installed when you install Windows Vista or higher. DaRT is a standalone toolset available to customers with a Premier contract and SA on their volume licensing for Windows that is a more fully-featured recovery environment built by Microsoft that runs on Windows PE.
  18. Make sure it's PS/2 - USB is a polling bus, and can be blocked from working in lots of scenarios. PS/2, being an interrupt bus, should always work as long as windows isn't totally hung.
  19. Given the UEFI components in Win8 (and thus PE) require x64 (they did for Win7 as well, and even Vista), getting an x86 PE image to boot a UEFI machine in native mode properly isn't going to work.
  20. On the road, but I'll take a look when I get back tomorrow evening.
  21. bphlpt is correct - if someone has copyrighted their product and/or code, then without their explicit permission you are not allowed to copy it (hence copy right). If they do not also give permission to redistribute their product and/or code to someone, acquiring the file from that person or entity also violates the copyright.
  22. Honestly, if it's just disk activity and we're talking about XP, procmon would be a good place to start looking at what's going on. XPerf might be helpful on XP, but it's severely limited compared to data capture on Vista and higher, so it's not the best place to start if you're still investigating (which given the responses from the OP, we don't know for sure if it's paging file activity or not).
×
×
  • Create New...