Coffeehouse Thread

21 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

Give me your best Windows diagnostics tips!

Back to Forum: Coffeehouse
  • User profile image

    The scenario:
    You're a happy windows user that run Windows 2000 or XP. Got a few applications installed from major vendors like Micrsoft, Adobe, Macromedia and Symantec. Not too many freeware quick hacks. The basic setup. And so one day out of the blue, it happens. You're working as usual and the computer freezes up. So you do the monkey manouver and bring up the Task Manager.

    There you find 99% idle time, no hung apps. No unusual memory usage. Not too much kernel time. No disk activity.

    So you kill explorer.exe and restarts it. And maybe that does the trick. Or you have to reboot. And the computer runs again. And suddenly, the problem is back.

    At this point, the regular user reinstalls windows.
    I think most of us have experienced this at some point or another. But how can it really be solved?
    How do you really find out WHAT is wrong, and WHY the computer just hangs there idle? How do you find out what explorer.exe (or other application) is waiting for?

    Maybe the smart thing is to reinstall. But I hate to lose. I know about regmon, filemon and the performance monitor. But how do I look "under the hood" of a production system and find out what component, driver, < insert here > that causes the problem when it doesn't result in any load? When it just goes into wait without generating any special activity?

    I know this may not be the best forum to ask this question. But I've asked alot of my developer buddies and they all go I don't know.

    So how would YOU go about trying to diagnose such a system? What are your best tips?


  • User profile image

    Next time it happens, do this:

    Start Menu > Run > 'CMD' (no ' ' ) > Type:

    CD \
    tasklist >> Tasks.txt
    tasklist /svc >> Tasks.txt

    Then open the file called Tasks.txt (when you have sorted the system out..) and paste it into this forum. Smiley

  • User profile image

    I had this exact same problem a few months ago. Out of no where my computer would just freeze or even die completley without warning. I tried to reinstall the OS (XP Pro) thinking that was the problem, although 3/4 through the install the install hung as well. This really freaked me out because I had just replaced my HD last summer and now I though I was going to have to replace it again.

    Well I opened up the case to check on the HD hookup and I happened to notice that the CPU cooling fins and fan were completely clogged with dust. The fan would not turn and the CPU was just overheating. one blast from my air can and I was back in business.

    I think you need to look at all the variables when troubleshooting issues like this because it could be something involving your HW...

    Just something to think about,

    ~ Knute

  • User profile image

    Event Log, Administrative Tools > Services (Disable all unnecessary services). If you're running a server version of Windows, remove your server roles and then re-add them, check things like WMI for corruption, clear temp directories and Temporary Internet Files.

    Also, check your hardware. Is your RAM seated properly? Is your CPU overheating? (AMD only). Change your nVidia and chipset drivers (usual causes of STOP errors), scandisk & defrag with DiskKeeper or OODefrag, and make sure you're not running something like ABC/BitTorrent, which is known to stress system components and cause BSODs and reboots.

    Another often-overlooked issue are your NIC drivers; most people don't think that installing appropriate drivers for your network adapters is a necessary part of system maintenance, but if you're doing ANYTHING which uses your LAN or WAN, upgrading your network card drivers to the latest version is a worthwhile task.

    Last but not least, run AV and Lavasoft Ad-Aware and see if anything comes up. If you're still left having issues, change your (most likely under-powered) PSU, and then finally reinstall.

  • User profile image

    For me I start with the basics.

    Event Log-Virus Scan- Spyware Scan- Quick trip to Windows Update- Check for updated drivers (VIDEO/MOBO)-Bios Settings- Scandisk full- then also if it is freezing then I usually check out these helpful pages.

    Then if it was running good at one time- Check for System Restore points-

    And for those Really Nasty Hangups...before reformat and reinstall

    Put your Xp CD into the tray...cancell out of the installer-

    goto the run command type - SFC /Scannow (replace when prompted)

    also check the MSconfig for anything starting up that should not be.

    Not to meniton also if it is a hangup - try a different theme- Like classic to see if it is a system hangup or not.

    Windows Install issues-
    Cut back to just the basics-
    Video card and cdrom- also try downloading the install floppy disks-
    (no sound-nic-or modem-) PNP can take care of those later
    Memory- if you got alot of memory- sometimes that can cause install issues-
    if you have 2 sticks of 256mb then only use one  
    or if you have 2 sticks of 512mb then only use one.

  • User profile image

    Thanks for your input so far. Let me tighten the scenario a bit to make it easier to see where I'm going:

    1. No hardware malfuncion.
    2. System not virus, spy- or malware infected.
    3. No messages in the event log.
    4. System fully updated.
    5. No recent change in hardware or software.
    6. No network activity.

    Just to make things clear, I'm not experiencing any trouble atm. I just want to know your best tricks for next time it happens. Because it will happen. It always does sooner or later.

    About hardware malfunction: I've experienced both faulty memory and low quality PSUs. And it's really hard to find those problems since they can result in just about anything. And buying cheap PSUs are probably the number one sin of all home built PCs. 

    But let's leave it out of the equation and make it a windows only problem. I'm making this scenario hard since most of the easy questions can be answered by googling or the knowledgebase. I want to know how to go "under the hood" of the system and pinpoint the exact component.


  • User profile image

    Okay, if we're talking PURELY hypothetical (and we'd have to be since Windows doesn't just crap out for no reason), then what I think you're looking for is to actually scan your individual processes to see what they're doing and what they're interacting with.

    So, get yourself a copy of Dependency Walker (depends.exe), kill off Explorer, and start it from within Dependency Walker; and just leave it. It'll map out exactly what explorer is doing, what DLL calls it's passing, etc. You can have it automatically log (I think), until the error is reproduced. Keep doing this for each process (svchost, etc) until you find the problem.

  • User profile image

    BOFH wrote:
    Okay, if we're talking PURELY hypothetical (and we'd have to be since Windows doesn't just crap out for no reason

    Yes and no. I have a Compaq deskpro which acts like this after a fresh install of W2K (Both Pro and Server). I runs until I try to open an explorer or Internet explorer window. Then It hangs the GUI for a minute. And when that minute is up, the computer works like a charm until I turn it off. We had about 50 of the exact model at work and they all did the same thing. So I kinda got used to it.

    But ofcourse you are right. There is something that makes explorer hang. With the Deskpro it was probably related to some driver. And ofcouse there has to be something that makes windows crap out. I'm not one of those guys that go "windows sucks". I don't believe that. I believe that that there is something that goes wrong. Somewhere. And I want to find what it is. I haven't tried Dependency Walker. But that's the kind of great tip I was hoping for. I'm sure going to check it out! Thank you!


  • User profile image

    Since you just told us what type of machine you're using you just made what I was about to say irrelevant. 

    When I was experiencing a problem very similiar to what yours it was because I was using RAID drivers for my 3rd and 4th IDE controllers but I had RAID disabled in the BIOS.  After enabling it everything's been fine since.

    Best of luck though; stuff like this can really drive you nuts!

  • User profile image

    I would recomend Process Explorer from Sysinternals. Its a very good tools for debugging performance related information. 
    You could easily find the "bad guy" with this piece of software.

    You can find path information, registry settings, performance, performance graph, threads, enviroment, security, memory stack, kill processes, suspend processes, debug processes, find dlls and much, much more..

    Process Explorer is an advanced process management utility that picks up where Task Manager leaves off. It will show you detailed information about a process including its icon, command-line, full image path, memory statistics, user account, security attributes, and more. When you zoom in on a particular process you can list the DLLs it has loaded or the operating system resource handles it has open. A search capability enables you to track down a process that has a resource opened, such as a file, directory or Registry key, or to view the list of processes that have a DLL loaded.

    The Process Explorer display consists of two sub-windows. The top always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window, which you can close, depends on the mode that Process Explorer is in: if it is in handle mode you will see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you will see the DLLs and memory-mapped files that the process has loaded.

    Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded. The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.

  • User profile image

    Lars, I know exactly the sorts of delays you're talking about - they've been around in Windows since Windows 95, and I've never found a way to diagnose or get rid of them.

    A perfect example is you double-click on a folder and instead of the folder just opening, the system just goes to sleep for a few seconds.  Maybe 5 or 8 seconds.  And then it continues as if nothing happened.  It doesn't always do this, but it does it frequently enough that it's annoying (and it does it on pretty much every Windows box I use, so it's not hardware or configuration).

    Maybe there's some pattern in how we use Windows that exposes this - when it's stuck, the CPU is idle, the disk is idle, there's often lots of free RAM.. what it feels like is there's a lock that's locked and something has to attempt to get it and time out.  Or like it's trying to do a DNS lookup of a nonexistent address and waiting for that to time out.

    I'd really love to know what it is - it's the most frustrating thing about using Windows in my experience.

  • User profile image

    THis I have found is one of the best guides to your bios and what the settings mean.

    I think it may be a bios issue- you should possibly check for a bios update- I don't recomend flashing them unless you know what you are doing but- possibly have a look at your motherboard manufacturer site and see if there is possibly a bios update

  • User profile image

    SteveX: Spot on. Explorer is just sitting there doing a whole lot of nothing. Unresponsive yet not busy.


  • User profile image

    Not saying that this is the case at all in this situation, but I have a feeling that power spikes/drops have alot to do with alot of people's computer problems..

    In the lab I work in we mandated that every workstation have a UPS.. it's amazing how many times we'll be just sitting there working away and one or two UPS alarms will go off.. occasionally we'll hear the alarms come on one after another in intervals of maybe 5-10 seconds...

    occassionally we'll pull up the power monitor and find that the ups has making up the low power situation for an hour or two..

    even scarier is when we get those brown out conditions when some things work -- the lights are maybe 10% of brightness and flickering..

    I always wonder how bad this is for procs/computers/stability in general..

    Anyway, ending on a satisfying note, it's fun hearing the non-IT folks upstairs running around when the power goes out since they don't believe UPS's are worth the investment Wink

  • User profile image

    SMac wrote:
    Not saying that this is the case at all in this situation, but I have a feeling that power spikes/drops have alot to do with alot of people's computer problems..

    Funny that as I was reading this the power here went off and on a few times causing all manner of alarms and other assorted (I * E) nastyness. Thats why we all develop on Laptops, and everything has at least 1 power backup device between it and the mains. The light were out but I was still reading Channel 9. I can say that singular precaution has saved me hours of work through the years.

    On another note I have found that from time to time when windows is just plain acting squirrely and no amount of check this and check that seems to be fixing the problem. I will boot up a CD distro of Linux, ( like Knoppix ). On at least 3 occasions in the past I have gotten Kernel Panics. Usually a sign of bad memory. The BIOS memory test is not worth the time it takes to run. Its a very simple test that has saved me hours of reinstall and repatch on at least 3 occasions in the past.

  • User profile image

    Lwatson wrote:

    Usually a sign of bad memory. The BIOS memory test is not worth the time it takes to run.

    True. I recommend:

    I think we're fortunate regarding the quality of power distribution here in Sweden. It's very reliable. And reboots due to power loss are rare in my experience. It's more common that people buy the cheapest PSU they can get, and overload it with power hungry graphics cards and overclocking. But then they're just asking for trouble.

    In my scenario the computer isn't broken. There is just something that makes the GUI (explorer.exe) go to sleep. It is a wait that is not a busy wait. All the vital signs (processor/disk/net/mem activity, cpu temp etc) say that the system is idle. The task manager and the mouse works as usual. And it's possible to launch new programs from the task manager's run. As long as these don't open any explorer or IE windows. But the normal explorer GUI does not respond. Explorer is waiting for something that makes it unresposive. I'm sure we've all experienced this one time or another. The question is how to pinpoint what it is that is causing the GUI (explorer or IE) to go to sleep in each instance.

    I was hoping that there was some good utility that I never heard of that would let me peek under the hood of the explorer and see what is it doing. Dependency walker looks promising tho.


  • User profile image
    Jeremy W

    People here will likely find this tool useful: Process Explorer.

    No, it's not one of mine (unlike so many links here Tongue Out). I've just downloaded it because I was having some memory leak issues. Nailed it right down to which driver was causing the issue. Updated. Solved.

    Great tool.

  • User profile image

    Jeremy W. wrote:
    People here will likely find this tool useful: Process Explorer.

    No, it's not one of mine (unlike so many links here Tongue Out). I've just downloaded it because I was having some memory leak issues. Nailed it right down to which driver was causing the issue. Updated. Solved.

    Great tool.

    Yeah, I've installed Process Explorer too. Love it.

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.