Re: Unexplained Disk Activity


Mike M
May 26th 04, 12:42 AM
Restore points are RG*.CAB files. The presence of BKVXDLASTLOG.nn files
usually indicates that the state manager is possibly in the course of
analysing the various files in the _RESTORE\TEMP folder prior to either
"cabbing" them (FS*.CAB files in Archive) or discarding them. I suspect that
what has happened is that a big backlog of unchecked files has built up in
_RESTORE\TEMP.

Rather than using Win Me's sysmon, download and use a process viewer which
will tell you which processes are running and how much cpu time they are
using, both instantaneous and cumulative. Knowing such details will then help
in establishing the cause of the activity (probably from what you have said
stmgr.exe or winmgmt.exe).

Suitable viewers include the old but still functional WinTop (part of the
equally old Win95 Powertools available from
http://www.microsoft.com/windows95/downloads/contents/WUToys/W95KernelToy/Default.asp)
through TaskInfo 2003, unfortunately no longer free, (www.iarsn.com) to
SysInternals Process Explorer (www.sysinternals.com where you will also find
many other useful tools and utilities).
--
Mike Maltby MS-MVP



Steve Wertz wrote:

> About 3 times a week, my WinME machine has started some unusual
> disk activity that pegs the CPU at 100%, and according to System
> Monitor, seems to simply be re-writing the disk - there's as much
> Reading as there is Writing activity.
>
> There's nothing running in the task manager. I thought it might
> be System Restore taking a snapshot, but there are no restore
> points in the GUI, but I do see what looks like restore points in
> the _RESTORE/Archive directory (files named BKVXDLASTLOG.nn).
>
> While this disk activity is going on, I do see some 10meg CAB
> files popping up in that same directory, then disappearing (with
> names like FSnn.CAB). I have 2gigs allocated for System Restore
> files.
>
> Is this normal activity? I never had this much read/write
> activity until a few days ago. And if this is indeed System
> Restore, why don't I have the option to restore them?
>
> The disk activity just stopped as I composed this message, and
> there are no CAB files left in that directory. I do have a
> CHANGE.LOG file, empty, timestamped just a few minutes ago.
>
> I'd like to use System Restore if need be, but it doesn't seem to
> be working, and I don't like it banging away at my hard disk this
> intensively.
>
> Any help appreciated.
>
> Oh - Here was my process list while this was happening:
>
> agent.exe c:\program files\agent20\agent.exe
> atiptaxx.exe c:\windows\system\atiptaxx.exe
> dumeter.exe c:\program files\du meter\dumeter.exe
> explorer.exe c:\windows\explorer.exe
> helpctr.exe c:\windows\pchealth\helpctr\binaries\helpctr.exe
> icsmgr.exe c:\windows\system\icsmgr.exe
> kernel32.dll c:\windows\system\kernel32.dll
> kernel32.dll c:\windows\system\kernel32.dll
> kernel32.dll c:\windows\system\kernel32.dll
> mprexe.exe c:\windows\system\mprexe.exe
> mstask.exe c:\windows\system\mstask.exe
> opera.exe c:\program files\opera7\opera.exe
> rnaapp.exe c:\windows\system\rnaapp.exe
> spool32.exe c:\windows\system\spool32.exe
> ssdpsrv.exe c:\windows\system\ssdpsrv.exe
> stmgr.exe c:\windows\system\restore\stmgr.exe
> systray.exe c:\windows\system\systray.exe
> taskmon.exe c:\windows\taskmon.exe
> tca.exe c:\program files\the cleaner\tca.exe
> winmgmt.exe c:\windows\system\wbem\winmgmt.exe
> wmiexe.exe c:\windows\system\wmiexe.exe
>
> -sw