Hard drive grinding like a bugger with vista business

[steveblue]

HI,

I run a daul boot windows system, boot 1 is windows xp pro64, and I have no probs with the system

boot 2 is vista, got my copy of vista bussiness through the post, so to save time upgraded the beta vista copy to the new vista business, now when using this my harddrive is grinding like mad, it never stops, from when i boot vista to i trun it off. this doesnt happen in windows xp pro64 , and hard drives are working fine, checked them out to make sure, is this just a issue with the new os ????

i'm running:

AMD Athlon 64 X2 3800+

ASUS A8N-SLI Deluxe

1 gig of Cruical memory

Hiper Modular R 580w psu

LG 16x Super Multi DVD/CD Rewriter

Thermaltake Shark black pc case

PNY Verto GeForce FX:5200 128mb DDR graphic card

SB Audigy Platinum EX sound card

--- EDIT ---

done a bit of checking in the computer management system, its seems to be SearchIndexer.exe that is the main cause

--- EDIT 2 ---

I just switched this off, system alot faster, and thankfully quieter and more hard drive friendly

[WhiteNoiseMaker]

Can you tell me how you switched this off? the help files just says...

"Can I turn the Windows search index on or off?

No, the index can't be turned off or paused.

The Windows search index improves the efficiency of your searches by keeping track of file names and important file properties for most of the files stored on your computer. The index is what makes it possible for searches to take just a few seconds instead of several minutes. The index is always on because it is essential for fast searches.

When the index is running, it generally won't affect your computer's performance. When you make changes to files, however, the index quickly updates those changes, momentarily putting a small additional load on your computer's resources."

[steveblue]

I just went into:

Admin tools >> System Configuration >> Services >> found Windows search and stoped the service. I've got 4 harddrives, so it was a bit mad having them all indexed, system was on its knees, would take 3 -5 minute to boot, about 30 seconds for a program to launch, if i was using a browser, pages would take longer to download.

with this beening a new install, maybe its just a bit mad because its the first index, its doing

I mite, turn it back on, tomorrow and just leave it running all afternoon, see if it settles down after that.

anyway, with youing xp, i'm use to waiting minutes for a search....LOL

Edited January 28, 2007 by steveblue

[WhiteNoiseMaker]

I mite, turn it back on, tomorrow and just leave it running all afternoon, see if it settles down after that.

I left my PC on all night and today it appears to have calmed down a lot!

[cluberti]

Watch out for the first index build - it can take a very long time if you've got lots of data to index.

[Zxian]

Like cluberti mentioned... it's the indexing working on that first build of the data. Give it a little time and your computer will settle down. Then you'll be able to find everything in a jiffy!

[XPerties]

It's been about 2 days for me and my Raptors are still freakin out. How long till the indexer settles down? And other than not being able to find things fast turning it off does what? Slow searching down to provide performance and wear and tear on your hard drives? Seems it would be better to turn and leave it off.

[kooler]

yea i got two raptors in raid on vista and i disabled alot of stuff including the indexing of files due to the loud corn grinding that my raptors make,... and by disabling it i like vista alot better

[dsavant]

System Restore is causing the constant disk access. To disable the System Restore feature:

Click on the Start button.

Hover over the Computer option, right click on it and then click Properties.

On the left hand side, click Advanced Settings.

If asked to permit the action, click on Allow.

Click on the System Protection tab.

Uncheck any checkboxes listed for your hard drives.

Press OK.

[dsavant]

HI,

I run a daul boot windows system, boot 1 is windows xp pro64, and I have no probs with the system

boot 2 is vista, got my copy of vista bussiness through the post, so to save time upgraded the beta vista copy to the new vista business, now when using this my harddrive is grinding like mad, it never stops, from when i boot vista to i trun it off. this doesnt happen in windows xp pro64 , and hard drives are working fine, checked them out to make sure, is this just a issue with the new os ????

i'm running:

AMD Athlon 64 X2 3800+

ASUS A8N-SLI Deluxe

1 gig of Cruical memory

Hiper Modular R 580w psu

LG 16x Super Multi DVD/CD Rewriter

Thermaltake Shark black pc case

PNY Verto GeForce FX:5200 128mb DDR graphic card

SB Audigy Platinum EX sound card

--- EDIT ---

done a bit of checking in the computer management system, its seems to be SearchIndexer.exe that is the main cause

--- EDIT 2 ---

I just switched this off, system alot faster, and thankfully quieter and more hard drive friendly

System Restore is causing the constant disk access. To disable the System Restore feature:

Click on the Start button.

Hover over the Computer option, right click on it and then click Properties.

On the left hand side, click Advanced Settings.

If asked to permit the action, click on Allow.

Click on the System Protection tab.

Uncheck any checkboxes listed for your hard drives.

Press OK.

[MarkJohnson]

ok, I have this annoying problem also, but my dad has it worse than me. he has a P4 with HT and it is insanely slow. I have system restore already turned off. I went to admin tools and turned off windows search and it still runs anyway. it acts like it stops, then seems to start back up again after everything is loaded at startup. I even used services.msc from dos and it says it's already disabled. I also get this annoying popup saying one of my services has been turned off. When I click it on it brings up windows defender, but it doesn't even list the process to allow me to either let it run or disable it permantly.

anyone know of a sure fire way to disable the searchindexer.exe file?

TIA

-=Mark=-

[cluberti]

Disabling the indexing service terminates searchindexer.exe, but it may be better to download and run process monitor to see for sure if it's the search binary hitting your box, or something else entirely.

[MarkJohnson]

Thanks for the link. after installing it and running it I get a whole lot of these svchost.exe files running. It seems to be the same routine over and over.

38122 10:35:25.4708106 AM svchost.exe 716 RegCloseKey HKLM\System\CurrentControlSet\Enum\PCI\VEN_10DE&DEV_0373&SUBSYS_73201462&REV_A2\3&267a616a&0&88\Properties\{83da6326-97a6-4088-9453-a1923f573b29} SUCCESS

38123 10:35:25.4708215 AM svchost.exe 716 RegCloseKey HKLM\System\CurrentControlSet\Enum\PCI\VEN_10DE&DEV_0373&SUBSYS_73201462&REV_A2\3&267a616a&0&88 SUCCESS

38124 10:35:25.4708472 AM svchost.exe 716 RegCloseKey HKLM\System\CurrentControlSet\Enum\PCI\VEN_10DE&DEV_0373&SUBSYS_73201462&REV_A2\3&267a616a&0&88 SUCCESS

38125 10:35:25.4709028 AM svchost.exe 716 RegOpenKey HKLM\System\CurrentControlSet\Enum\PCI\VEN_10DE&DEV_0373&SUBSYS_73201462&REV_A2\3&267A616A&0&88 SUCCESS Desired Access: Read

38126 10:35:25.4709198 AM svchost.exe 716 RegQueryValue HKLM\System\CurrentControlSet\Enum\PCI\VEN_10DE&DEV_0373&SUBSYS_73201462&REV_A2\3&267a616a&0&88\ClassGUID SUCCESS Type: REG_SZ, Length: 78, Data: {4d36e972-e325-11ce-bfc1-08002be10318}

38127 10:35:25.4709352 AM svchost.exe 716 RegCloseKey HKLM\System\CurrentControlSet\Enum\PCI\VEN_10DE&DEV_0373&SUBSYS_73201462&REV_A2\3&267a616a&0&88 SUCCESS

38128 10:35:25.4709925 AM svchost.exe 716 RegOpenKey HKLM\System\CurrentControlSet\Enum\PCI\VEN_10DE&DEV_0373&SUBSYS_73201462&REV_A2\3&267A616A&0&90 SUCCESS Desired Access: Query Value

38129 10:35:25.4710092 AM svchost.exe 716 RegOpenKey HKLM\System\CurrentControlSet\Enum\PCI\VEN_10DE&DEV_0373&SUBSYS_73201462&REV_A2\3&267A616A&0&90 SUCCESS Desired Access: Query Value

38130 10:35:25.4710279 AM svchost.exe 716 RegOpenKey HKLM\System\CurrentControlSet\Enum\PCI\VEN_10DE&DEV_0373&SUBSYS_73201462&REV_A2\3&267a616a&0&90\Properties SUCCESS Desired Access: Query Value

38131 10:35:25.4710430 AM svchost.exe 716 RegOpenKey HKLM\System\CurrentControlSet\Enum\PCI\VEN_10DE&DEV_0373&SUBSYS_73201462&REV_A2\3&267a616a&0&90\Properties\{83da6326-97a6-4088-9453-a1923f573b29} SUCCESS Desired Access: Query Value

38132 10:35:25.4710576 AM svchost.exe 716 RegCloseKey HKLM\System\CurrentControlSet\Enum\PCI\VEN_10DE&DEV_0373&SUBSYS_73201462&REV_A2\3&267a616a&0&90\Properties SUCCESS

38133 10:35:25.4710701 AM svchost.exe 716 RegOpenKey HKLM\System\CurrentControlSet\Enum\PCI\VEN_10DE&DEV_0373&SUBSYS_73201462&REV_A2\3&267a616a&0&90\Properties\{83da6326-97a6-4088-9453-a1923f573b29}0000006 NAME NOT FOUND Desired Access: Query Value

Not sure what to make of it, but I didn't see any searchindexer.exe anywhere. there were about 300k entries after the drives quieted down, but this list kept growing to almost 2m enties after 15 minutes of typing this. I'll try running malware scanners and such and see what happens.

Thanks for the help.

-=Mark=-

[cluberti]

First, those registry keys point to a Nvidia device (that's who that PCI Vendor is and Device ID), so hard to say if that is normal or not (it may be). However, I would suggest using the process monitor filter to look at only disk traffic (not registry or process traffic) by clicking (to deselect) the "Show Registry Activity" and "Show Process and Thread Activity" buttons on the toolbar, so that only file system activity is displayed. You can also click Tools > File summary to show the summary of files accessed during the period of time process monitor has been analyzing.

Second, if an svchost.exe process is the heavy hitter for filesystem activity, and not the search indexer, then disabling the indexing service isn't going to help you (aren't you glad you checked? ). Knowing which svchost.exe is doing the scanning, as well as looking at the stack trace data for that (double-click one of the svchost.exe entries and click the "Stack" tab) should help a bit in narrowing it down, too.

[MarkJohnson]

I ran spybot 1.5 and it found a few things, then Defender and nothing there, then avast and nothing there. I rebooted and the grinding continues. I decide to boot into safe mode and see what happens and it found nothing more. Not sure what to make of the findings in procmon, but here is a portion of the File Summary list.

209.6227342	257,303	49,183	47,144	64,312	5,029	0	0	91,526	<Total>
0.1016414	11,766	1,966	1,966	1,957	0	0	0	5,877	C:\ProgramData\HP\Digital Imaging\hp officejet 7200 series\1189196448\Data\1189196448.ini
0.2703892	3,750	1,250	1,250	0	0	0	0	1,250	C:\Program Files\Alwil Software\Avast4\Aavm4h.dll
0.0557677	3,690	4	3	1	3,672	0	0	10	C:\Windows\System32\PerfStringBackup.TMP
4.8716467	2,444	4	4	2,424	0	0	0	12	C:\Program Files (x86)\Sierra Entertainment\World in Conflict - DEMO\wicloc12.sdf
0.0286251	2,172	80	80	42	0	0	0	1,970	C:
3.243266	2,129	7	7	2,096	0	0	0	19	C:\Program Files (x86)\Sierra Entertainment\World in Conflict - DEMO\wic3.sdf
11.6176883	2,069	6	6	2,043	0	0	0	14	C:\Program Files (x86)\Sierra Entertainment\World in Conflict - DEMO\wic1.sdf
0.0666094	1,930	281	281	747	0	36	0	585	C:\Windows\SysWOW64\Macromed\Flash\FlashUtil9d.exe
0.0170585	1,544	550	482	0	0	0	0	512	C:\Windows
0.0203755	1,226	553	553	0	0	0	0	120	C:\
0.0775449	1,126	294	294	5	0	0	0	533	C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE
0.0630606	1,119	293	293	3	0	0	0	530	C:\Program Files (x86)\Microsoft Office\OFFICE11\MSPUB.EXE
0.010871	994	332	332	0	0	0	0	330	C:\Windows\SysWOW64
0.0513596	960	257	257	5	0	0	0	441	C:\Windows\SysWOW64\notepad.exe
0.8705046	889	2	2	879	0	0	0	6	C:\Program Files (x86)\Sony\EverQuest II\paks\exp03_rgn_butcherblock.vpk
1.0004148	864	2	2	854	0	0	0	6	C:\Program Files (x86)\Sony\EverQuest II\paks\exp03_rgn_greater_faydark1.vpk
0.6713266	738	6	6	708	0	0	0	18	C:\Program Files (x86)\Sony\EverQuest II\paks\exp02_dun_lair_of_scale.vpk
0.3925985	710	4	4	696	0	0	0	6	C:\Windows\System32\config\RegBack\SOFTWARE
0.3661108	705	1	1	700	0	0	0	3	C:\Program Files (x86)\Sony\EverQuest II\paks\exp02_dun_shrines_of_sky.vpk
0.0076408	663	219	219	1	0	0	0	224	C:\Program Files (x86)\Microsoft Office\OFFICE11
0.8496197	660	2	2	650	0	0	0	6	C:\Program Files (x86)\Sony\EverQuest II\paks\exp03_rgn_greater_faydark.vpk
0.8619048	597	6	6	571	0	0	0	14	C:\Program Files (x86)\Sony\EverQuest II\paks\Char_exp03_global_01.vpk
0.004912	594	102	102	96	0	0	0	294	C:\Program Files\Alwil Software\Avast4\Setup\setup.ini
0.0056096	580	192	186	0	0	0	0	202	C:\Users
0.0060562	578	191	182	0	0	0	0	205	C:\Users\Mark
0.0695316	573	144	144	9	0	0	0	276	C:\Windows\SysWOW64\crypt32.dll
0.2540003	540	1	1	535	0	0	0	3	C:\Program Files (x86)\Sony\EverQuest II\paks\exp03_rgn_lesser_faydark.vpk
0.9515985	511	53	53	316	0	0	0	89	C:\Windows\System32\shell32.dll
0.2921804	506	2	2	496	0	0	0	6	C:\Program Files (x86)\Sony\EverQuest II\paks\exp03_rgn_steamfont.vpk
0.8963453	475	45	45	297	0	0	0	88	C:\Windows\SysWOW64\ieframe.dll
0.2025861	474	1	1	469	0	0	0	3	C:\Program Files (x86)\Sony\EverQuest II\paks\exp03_rgn_loping_plains.vpk
0.0195624	466	134	134	1	0	0	0	197	C:\Windows\SysWOW64\imm32.dll
1.1604908	452	10	10	414	0	0	0	18	C:\Program Files (x86)\Sony\EverQuest II\EverQuest2.exe
0.9546573	452	156	96	3	84	0	0	113	C:\Windows\WindowsUpdate.log
0.004342	445	147	142	0	0	0	0	156	C:\Users\Mark\AppData
0.7591615	442	17	17	265	0	0	0	143	C:\Windows\winsxs\Manifests
0.0088405	434	213	213	0	0	0	0	8	C:\Program Files (x86)\Microsoft Office
0.2691403	430	1	1	425	0	0	0	3	C:\Program Files (x86)\Sony\EverQuest II\paks\exp02_rgn_realm_of_night.vpk
0.4860162	423	12	12	375	0	0	0	24	C:\Windows\System32\WDI\LogFiles\BootCKCL.etl
0.8432833	417	7	7	370	0	0	0	33	C:\Windows\Logs\CBS\CBS.log
0.0045147	404	130	124	0	0	0	0	150	C:\Users\Mark\AppData\Local
0.0052606	404	84	83	0	0	2	0	235	C:\Users\Mark\AppData\Local\Temp\Low

I took out the HP file that was in my startup folder thinking it was causing an issue, but it still does the same thing without it running as with it running.

I also tried to examine each items stack, and found it very confusing as they all look the same to me. Here is a random list in one of them.

0 ntoskrnl.exe ntoskrnl.exe + 0xd158 0x1c0d158 C:\Windows\system32\ntoskrnl.exe

1 PROCMON11.SYS PROCMON11.SYS + 0x14be 0x38dc4be C:\Windows\system32\Drivers\PROCMON11.SYS

2 PROCMON11.SYS PROCMON11.SYS + 0x18ec 0x38dc8ec C:\Windows\system32\Drivers\PROCMON11.SYS

3 PROCMON11.SYS PROCMON11.SYS + 0x3c60 0x38dec60 C:\Windows\system32\Drivers\PROCMON11.SYS

4 fltmgr.sys fltmgr.sys + 0x3699 0x74c699 C:\Windows\system32\drivers\fltmgr.sys

5 fltmgr.sys fltmgr.sys + 0x28dc 0x74b8dc C:\Windows\system32\drivers\fltmgr.sys

6 fltmgr.sys fltmgr.sys + 0x1d277 0x766277 C:\Windows\system32\drivers\fltmgr.sys

7 ntoskrnl.exe ntoskrnl.exe + 0x292343 0x1e92343 C:\Windows\system32\ntoskrnl.exe

8 ntoskrnl.exe ntoskrnl.exe + 0x290497 0x1e90497 C:\Windows\system32\ntoskrnl.exe

9 ntoskrnl.exe ntoskrnl.exe + 0x29d0f1 0x1e9d0f1 C:\Windows\system32\ntoskrnl.exe

10 ntoskrnl.exe ntoskrnl.exe + 0x2bdcb1 0x1ebdcb1 C:\Windows\system32\ntoskrnl.exe

11 ntoskrnl.exe ntoskrnl.exe + 0x262b2a 0x1e62b2a C:\Windows\system32\ntoskrnl.exe

12 fltmgr.sys fltmgr.sys + 0x2a988 0x773988 C:\Windows\system32\drivers\fltmgr.sys

13 fileinfo.sys fileinfo.sys + 0xaf2d 0x73ff2d C:\Windows\system32\drivers\fileinfo.sys

14 ntoskrnl.exe ntoskrnl.exe + 0x3308e7 0x1f308e7 C:\Windows\system32\ntoskrnl.exe

15 ntoskrnl.exe ntoskrnl.exe + 0x3d6d47 0x1fd6d47 C:\Windows\system32\ntoskrnl.exe

16 ntoskrnl.exe ntoskrnl.exe + 0x3dcdc6 0x1fdcdc6 C:\Windows\system32\ntoskrnl.exe

17 ntoskrnl.exe ntoskrnl.exe + 0x3df0a9 0x1fdf0a9 C:\Windows\system32\ntoskrnl.exe

18 ntoskrnl.exe ntoskrnl.exe + 0x3df362 0x1fdf362 C:\Windows\system32\ntoskrnl.exe

19 ntoskrnl.exe ntoskrnl.exe + 0x3e1986 0x1fe1986 C:\Windows\system32\ntoskrnl.exe

20 ntoskrnl.exe ntoskrnl.exe + 0x3f21b2 0x1ff21b2 C:\Windows\system32\ntoskrnl.exe

21 ntoskrnl.exe ntoskrnl.exe + 0x4d673 0x1c4d673 C:\Windows\system32\ntoskrnl.exe

22 ntdll.dll ntdll.dll + 0x5194a 0x7756194a C:\Windows\System32\ntdll.dll

Here is the line I got the stack list from:

886068 1:01:16.1186433 PM svchost.exe 924 CreateFile C:\Windows\winsxs\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_5.82.6000.16386_en-us_9dec13ee642d46de\comctl32.dll.mui SUCCESS Desired Access: Read Data/List Directory, Read Attributes, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\SYSTEM, OpenResult: Opened

One thing they seem to have in common is that most all of these are from SVCHOST.EXE. Most all of this info is greek to me so I am having a hard time deciphering any of this.

Thanks again for all your help

-=Mark=-