Too much writes to the system drive

Andre_z · Dec 15, 2010

My system drive shows too much writes. This Windows 7 Ultimate machine is configured with a systems drive and a data drive, both intel SSDs, and a backup drive (hdd). I followed several instructions to alleviate the writes on the system drive, such as configure firefox/iexplorer chach to hdd, the users home dirs, the system have 0kb of virtual memory (swap file). Before I reconfigured the public folders using the privileged explorer, I had made this to redirect folders from the system drive:

http://social.answers.microsoft.com/Forums/en-US/w7files/thread/924138a5-bdb2-4ab4-870b-57b3a8b8ff44

My antivirus, Kaspersky IS, is installed on the data drive, and this SSD does not shows a fraction of the writes my system drive shows. With installation, the Intel Toolbox shows system drive with almost 900GB of writes on just some weeks, but this computer does nearly nothing. The data drive, that hosts the antivirus and several other apps, including MS Office, is at less than 18GB of writes.

That's just too much of writes on a machine that have almost nothing of activity. Even the hibernate was disabled and removed from the system drive.

The system shows writes almost only on start/shutdown, and I use the sleep function daily. How can I diagnose what is this too much writes to just the system drive?

Thank you for any help!

Hawkeye22 · Dec 15, 2010

Run the "resource monitor" and look at the "disk" tab. It should show which processes are accessing the drives.

hang-the-9 · Dec 15, 2010

I'm sure your system does nothing out of the ordinary, how do you know it's "too many writes?" Have you compared other systems? I think my kids are bratty misbehaving annoyances, but when I compare them to other kids, turns out they are the same as everyone else.

Andre_z · Dec 15, 2010

Hawkeye22 :

Nothing wrong there. Most accesses are NTFS table and log I/O. There are a lot of firefox accesses to C:\Users\<user>\AppData (even with Firefox cache on another, disk drive), and Kaspersky writes too, to the C:\Windows\Temp.

I think just that cannot generate an average of 10GB per day of writes to the system disc, on a machine with almost no use - just light web browsing, not even downloads. Most of writes of my knowledge are Windows and KIS patches and updates. Very strange also, that the other drives do not show nearly this volume of I/O, even the data SSD that host KIS, Office, etc.

Hawkeye22 · Dec 15, 2010

Firefox puts your user profile in <user>\AppData.

10gig/day? Are you sure these aren't restore points being created? You can change the amount of allocated disk space for restore points.

See method 1 here:
http://mintywhite.com/windows-7/7maintenance/change-limit-system-restore-windows-7/

Andre_z · Dec 15, 2010

Hawkeye22 :

Thank you so much for your help.
I'm suspecting the System Restore - the configuration is max at 5% (3.72GB), but the sysrestore is using 3.94GB... Very strange. Anyway, there are another 6GB of data writes per day.

Even if it was 6GB daily of data writes to the system drive, I think maybe it's ok, but 10GB is too much.

Hawkeye22 · Dec 15, 2010

Did you make sure the hibernation file (Hiberfil.sys) actually got deleted? It's a hidden file so you may temporarily need to tell windows to show hidden & system files.

Other than that, I'm not sure where that data would be coming from.

Andre_z · Dec 16, 2010

Hawkeye22 :

I decreased the system restore size for system disk to the minimum (~750MB), and still, from yesterday, 12GB of data was written to system ssd.

What I investigated, appears to be the problem: even with prefetch disabled, there is some prefetch acccess, a lot of ntfs log and table i/o. This Win7 optimization for SSDs are a joke!

Also, a lot of KIS cache access on system drive, under appdata and under windows\temp. And Firefox 3.6.13 writes a lot to the profile, even at more than 1 MB/s - why?

Appears too that W7 patches are the root cause for much of those writes, causing misconfiguration of W7 ssd settings. I'm researching some way of really disable prefetch and all this crap.

I think all users of W7 and SSDs must check the writes to the system drive, and I'm searching for a place where people eventually has put this data. I'm worried, cause this is too much and will compromise my SSD in the near future. How could a system with about nothing of work write 12GB a day to the system drive? This is a joke, I'm sure the problem is with W7 and KIS.

Hawkeye22 · Dec 16, 2010

Andre_z :

Firefox keeps track of open tabs as part of it's crash feature so that it can restore those tabs in case of a crash. Not sure why it would be 1Mb/s though.

Andre_z · Dec 21, 2010

Hawkeye22 :

After moving all firefox AppData, Local and Roaming, to another drive, and after moving all Kaspersky ProgramData, "Kaspersky Labs" and "Kaspersky Labs Setup Files", to another hdd too, still there a lot of writes.

About 600MB/day of NTFS log and related filesystem data, and about 10GB of Kaspersky writes to the %system drive%:\Windows\temp.

I'm going this way to the almost useless - at this time - Kaspersky support.

My alert to all users of ssd drives here - take a look at the writes on your system drive.

ricno · Dec 22, 2010

Just to identify the process which is making the IO writes you could use ordinary Task Manager.

If you have the system rebooted, start taskmgr, go to processes tab and select "Show processes from all users", go to the View menu, then select columns and chose "I/O Write Bytes".

Leave the system running for a day and you should be able to spot which process is doing the writes.

Andre_z · Dec 22, 2010

ricno :

Yes, I already done that. But how to spot the usage of, to say, the Kaspersky, since it write to three drives?

Andre_z · Dec 22, 2010

ricno :

So cool your avatar - its a Zilog? A Spectrum?

Z80 was my first program machine, but the cool was do the assembler at Motorola 68k those days.

ricno · Dec 22, 2010

Andre_z :

You would have to use some other tool, perhaps the builtin Performance toos - "Data Collector Sets". You could run the system performance collector set and see which files are "hot" and which process is responsible.

However, if you have tracked down that Kaspersky is the one doing all the writes (most processes does not write much and if only Kaspersky is doing 10GB of writes per day it must be it), then perhaps it is not the fault of Windows 7.

ricno · Dec 22, 2010

Andre_z :

Yes it is a ZX Spectrum, 48kB model from 1982.

Nice spotted! It had a Zilog Z80 cpu at 3,5 Mhz. It was quite fun to do Z80 assembly and I think I still can remember some of it.

Which machines with the Z80 cpu did you use?

Hawkeye22 · Dec 23, 2010

ricno :

Sweet, I used to have a timex sinclair 1000. It had 2k of ram. I had the 16K ram expander seen in the pic. It's the big block attached to the back side.

http://www.computercloset.org/TimexSinclairZX1000.htm

Andre_z · Dec 29, 2010

People, problem half solved. I changed the windows and user environment variables to set TMP and TEMP to another, hd drive. Not so much performance penalty, but I'm not satisfied, since almost all writes are done dumbly by KIS. Why, since there are lots of memory free? The Kaspersky support is almost useless, and they deliver NOTHING about settings to fine tune the product. DUMB PRODUCT and DUMB SUPPORT.

Until solve that, check your settings and system ssd unit writes!
Thanks to ricno and Hawkeye22.

Search

Too much writes to the system drive

Andre_z

Distinguished

Hawkeye22

Glorious

hang-the-9

Titan

Andre_z

Distinguished

Hawkeye22

Glorious

Andre_z

Distinguished

Hawkeye22

Glorious

Andre_z

Distinguished

Hawkeye22

Glorious

Andre_z

Distinguished

ricno

Distinguished

Andre_z

Distinguished

Andre_z

Distinguished

ricno

Distinguished

ricno

Distinguished

Hawkeye22

Glorious

Andre_z

Distinguished

TRENDING THREADS

Latest posts

Moderators online

Share this page