MS Windows – Performance Monitor – Findings – 2016-Jan


Quick review of our last System Performance benchmarking.



Storage / Disk

Hot files



  1. SQL Server
    • Confirmed that SQL Server data files are written in 8 KB sizes
    • SQL Server Log files are written a bit irregularly.  In our observed, at 1 KB size; that number is probably rounded out
  2.  Mcshield.exe
    • We can see that mcshield.exe is competing with vmss.exe to access  \Users\Public\Documents\Hyper-V\Virtual Hard Disks\sccommondb02.vhd
    • mcshield.exe is also competing with rundll32.exe, our helper process, for access to Perfmon resultant file ( Performance Counter.blg )


Disk Totals



To map the Disk Numbers to their corresponding drive letter, I will suggest you dig down or take the harder path of using WMI or Diskpart.exe

If you want to use diskpart, start it from command line and issue “list volume”.

DISKPART> list volume





  1. Drive 4 ( Drive C: [ OS/System] )
    • vmms.exe ( Hyper-V ) is the biggest user )
    • Next comes mcshield.exe ( mcAfee), System, and Explorer
  2. Drive 3 ( Drive E: [SQL Server Data] )
    • Biggest user rundll32.exe – Not sure which process it actually is, as rundll32.exe is likely com server/dll and their is likely an actual host system
    • Next comes system
    • And, then sqlserv.exe
    • And, mcshield.exe, explorer.exe
  3. Drive 2 ( Drive D: [ SQL Server Log] )
    • Sqlservr.exe
    • System
    • mcshield.exe
    • msmdsrv.exe ( SQL Server Analysis Service )
  4. Drive 1 ( Drive E: [ SQL Server Backup] )
    • Biggest user is MS SQL Server
      • Writing out 1MB/sec
      • Reading at 86 KB/sec
    • Next is mcshield.exe
    • And, bottom is explorer.exe
  5. Disk 0
    • Following best practices and not capturing performance data on System Drive or Drives we are instrumenting
    • We are logging Perfmon Data to Drive G:
      • Once we dug deep mmc.exe is the biggest user of this drive





nbtstat -a | find /I "UNIQUE"




  1. We can see that SQL Server is our biggest Network Originator
  2. We should look at our ecosystem and see which hosts are receiving and sending most network traffic




  1. We see that our CPU is Idle 90% of the time
  2. SQL Server is a mere 5%
    • 0.3% of Overall System Total that is at the Kernel Level
    • And, 4.2 of Overall System is at User Level
  3. If Kernel was high for SQL Server then System processes such as System Processes ( Device Drivers, OS Level Encryption, and Antivirus )  are holding us up as they are not returning from system level calls soon enough
  4. If User Level was high, then it is SQL Compilation, Bad Query plans, SQL Engine background processes ( Ghost cleanup, Lazy Writer )



The Warning’s area is likely the most instructive.




The system is experiencing excessive paging

Cause: Available memory on the system is low.

Details: The total physical memory on the system is not capable of handling the load.

Resolution: Upgrade the physical memory or reduce system load



Listening to Leon Bridges whom I discovered from watching Bennett Omalu’s Concussion Movie.

Leon Bridges – River


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s