First some numbers. Aviation Week is good on numbers, unlike the mainstream newsies.
Estimated 2014 Budget: $612.5 billion. ($847 billion including non-Defense personnel costs)
Percent of GNP 4.4 %
Personnel under arms 1.4 million active, 850,000 reserves
Deployments Major operations in Irag and Afghanistan. deployments in 90+ other countries.
A few comments. Back when I was in high school, defense spending was 10% of GNP. So 4.4% doesn't seem outrageously high to me. Those 850,000 reserves have been called up repeatedly to fight in Iraq and Afghanistan. The regulars have been doing back to back combat zone deployments. We ought to have a larger Army and Marine Corps to spread the burden out a little more evenly.
The Air Force is thinking about scrapping all the KC10 tankers, all the B1B bombers, and all the A10's. And the last batch of Global Hawk recon drones. They want to keep the B52's, the KC135's and the F35 program.
This blog posts about aviation, automobiles, electronics, programming, politics and such other subjects as catch my interest. The blog is based in northern New Hampshire, USA
Saturday, January 4, 2014
Cannon Mt ski weather
It's good and cold. I had -9F earlier this morning. But the sun is out, and it's warmed up to -5F. No wind to speak of. Cannon is skiable if you dress warmly.
Friday, January 3, 2014
Cannon Mt ski weather
It snowed all night. I have 9 inches of fresh powder on my deck. It's cold, like 5 below this morning. We have a little sun. Forecast is for really cold tonight and tomorrow.
Windows bug causes sound stuttering & SLOW computer
Over Christmas, trusty, aging Compaq 1750NX got into trouble. First darling daughter, home for the holidays, websurfed somewhere evil and infected him with a rootkit. After blowing said rootkit away with TDSSkiller, and a second one with Combofix, poor old desktop still ran SLOW. In good shape he used to boot up in 45 seconds. Now he was taking two minutes. And every thing ran SLOW. The audio stuttered while doing the Windows warmup "Ka Ching" sound. Task Manager was showing 80 90 percent CPU usage when nothing was running.
I finally tracked it down and fixed it. I ran Process Explorer, a fancier version of task manager. Process Explorer showed me that hardware interrupts were sucking up all the CPU time. A quick google (Hard ware interrupt virus) got a lot of hits, from which I learned that Windows was shooting itself in the foot.
The disk drive is supposed to transfer disk data to main memory using "direct memory access" (DMA) whereby blocks of data are moved into memory without CPU work. For nostalgia sake there is a primitive mode called programmed I/O (PIO) whereby the CPU has to move disk data byte by byte, (one move instruction per byte) and interrupt the CPU when each byte is ready to move. PIO was used back in the dawn of computing, and the PIO mode is a historical curiosity. Somehow, the disk drive software had put the disk into PIO mode, slowing the entire computer.
How to fix.
Start Device Manager. (Start->Settings->ControlPanel-. System->Hardware->Device Manager). Click on IDE ATA/ATAPI controllers. Click on "Primary IDE Channel". Click on "Advanced Settings". If "Transfer Mode" shows as "PIO", that's your trouble. The three boxes ought to read "Device Type Auto Detect" : "Transfer Mode DMA if available" : "Current transfer mode Ultra DMA mode 5".
If the boxes are wrong, you can fix it by forcing Windows to remove and reinstall the driver. Click on the "Driver Tab". Then click "Uninstall". Windows will then ask to reboot. Let it. That's it. All fixed.
You don't need to get into Process Explorer, that was just the aid that tipped me off to what was happening. Just go to Device manager and inspect the IDE ATA/ATAPI controllers.
This is NOT a virus, it's a bug in Windows.
I finally tracked it down and fixed it. I ran Process Explorer, a fancier version of task manager. Process Explorer showed me that hardware interrupts were sucking up all the CPU time. A quick google (Hard ware interrupt virus) got a lot of hits, from which I learned that Windows was shooting itself in the foot.
The disk drive is supposed to transfer disk data to main memory using "direct memory access" (DMA) whereby blocks of data are moved into memory without CPU work. For nostalgia sake there is a primitive mode called programmed I/O (PIO) whereby the CPU has to move disk data byte by byte, (one move instruction per byte) and interrupt the CPU when each byte is ready to move. PIO was used back in the dawn of computing, and the PIO mode is a historical curiosity. Somehow, the disk drive software had put the disk into PIO mode, slowing the entire computer.
How to fix.
Start Device Manager. (Start->Settings->ControlPanel-. System->Hardware->Device Manager). Click on IDE ATA/ATAPI controllers. Click on "Primary IDE Channel". Click on "Advanced Settings". If "Transfer Mode" shows as "PIO", that's your trouble. The three boxes ought to read "Device Type Auto Detect" : "Transfer Mode DMA if available" : "Current transfer mode Ultra DMA mode 5".
If the boxes are wrong, you can fix it by forcing Windows to remove and reinstall the driver. Click on the "Driver Tab". Then click "Uninstall". Windows will then ask to reboot. Let it. That's it. All fixed.
You don't need to get into Process Explorer, that was just the aid that tipped me off to what was happening. Just go to Device manager and inspect the IDE ATA/ATAPI controllers.
This is NOT a virus, it's a bug in Windows.
Labels:
Device Manager,
IDE ATA/ATAPI,
Process Explorer,
Windows runs slow,
XP
Thursday, January 2, 2014
Train Wreck
NPR did a long piece on the North Dakota train wreck where tank cars of petroleum burst into flames. They had a guy from NTSB on wondering if the tank cars that blew had been properly placarded as to hazardous material. I'm sure the proper hazmat placard would prevent a fire. Then they talked about the tank cars themselves, perhaps replacing all the tank cars would prevent another explosion. Then they talked about how petroleum from the Bakken shale might be more hazardous than other petroleum. I got news for them, petroleum from anywhere is fairly dangerous stuff. It gives of flammable vapors that ignite for rubbing two pundits together, and once ignited, it burns furiously.
What they didn't talk about was train wrecks. If you wreck a train full of oil tank cars, you are gonna have one helova fire. Hazmat placards, stronger tanks, tightlok couplers only help a little bit. You gotta work on preventing train wrecks. Nobody has offered any explaination of how this wreck happened. We are just very lucky that nobody got hurt.
To be fair to National Progressive Radio, they did mention the lack of pipelines, such as Keystone XL which Obama has stalled for 5 years.
What they didn't talk about was train wrecks. If you wreck a train full of oil tank cars, you are gonna have one helova fire. Hazmat placards, stronger tanks, tightlok couplers only help a little bit. You gotta work on preventing train wrecks. Nobody has offered any explaination of how this wreck happened. We are just very lucky that nobody got hurt.
To be fair to National Progressive Radio, they did mention the lack of pipelines, such as Keystone XL which Obama has stalled for 5 years.
Wednesday, January 1, 2014
How to Read a ComboFix Log File
Combofix, will zap most malware right of your disk automatically, with no assistance from you, the operator. It also writes a lengthy log file to disk. The log file indicates what was done, and lists some other stuff worth looking at.
"Other Deletions" is a list of files that Combofix has already blown away for you. If later on, you find the Combofix has broken something, you can look to see if it zapped a needed file.
"Drivers/Services" is unknown to me. Combofix did find anything to report on my computer.
"Files Created from yyyy-mm-dd to yyyy-mm-dd " shows all files created in the last month. Virii have to live on disk somewhere. When a virus shows up, it's likely to be living in a newly created file. It's not that new files ARE virii, but they might be.
"Find3M Report" is a list of all files created in the last 3 months. Again, just cause a file is new doesn't make it a virus, but it's worth checking them out. Google will tell you a lot about a filename.
"Reg Loading Points" is a list of registry entries that load and run programs. Look at the program names, you ought to recognize the names as legitimate programs, such as your wireless card driver. Names you don't recognize are worth checking out, they might be virii, but most of 'em will turn out to be legit programs.
IF, and only IF, you recognize a virus loading entry, you need to use regedit to blow the entry out of the registry and then zap the file being loaded off your harddrive with explorer
"Supplimentary Scan" is a more registry keys that seem suspicious to Combofix.
"Orphans Removed" is a list of registry entries that Combofix has blown away.
"Catchme" is a report from the rootkit finder/zapper.
"Locked Registry Keys" is a list of locked registry entries. Locked entries are suspicious because that's how virii protect their registry keys. In my computer the only locked registry key belongs to Internet Explorer, which I think is harmless.
"DLL's loaded under running processes" shows all the dll's currently in memory and doing things, and which programs are using them. Running processes that you recognize are OK. A running process that you don't recognize wants to be checked out. Likewise for dll's.
"Other Running Processes" is all the code in memory and executing. If you recognize the process, fine. Strange processes that you don't recognize again want to be checked out.
"Other Deletions" is a list of files that Combofix has already blown away for you. If later on, you find the Combofix has broken something, you can look to see if it zapped a needed file.
"Drivers/Services" is unknown to me. Combofix did find anything to report on my computer.
"Files Created from yyyy-mm-dd to yyyy-mm-dd " shows all files created in the last month. Virii have to live on disk somewhere. When a virus shows up, it's likely to be living in a newly created file. It's not that new files ARE virii, but they might be.
"Find3M Report" is a list of all files created in the last 3 months. Again, just cause a file is new doesn't make it a virus, but it's worth checking them out. Google will tell you a lot about a filename.
"Reg Loading Points" is a list of registry entries that load and run programs. Look at the program names, you ought to recognize the names as legitimate programs, such as your wireless card driver. Names you don't recognize are worth checking out, they might be virii, but most of 'em will turn out to be legit programs.
IF, and only IF, you recognize a virus loading entry, you need to use regedit to blow the entry out of the registry and then zap the file being loaded off your harddrive with explorer
"Supplimentary Scan" is a more registry keys that seem suspicious to Combofix.
"Orphans Removed" is a list of registry entries that Combofix has blown away.
"Catchme" is a report from the rootkit finder/zapper.
"Locked Registry Keys" is a list of locked registry entries. Locked entries are suspicious because that's how virii protect their registry keys. In my computer the only locked registry key belongs to Internet Explorer, which I think is harmless.
"DLL's loaded under running processes" shows all the dll's currently in memory and doing things, and which programs are using them. Running processes that you recognize are OK. A running process that you don't recognize wants to be checked out. Likewise for dll's.
"Other Running Processes" is all the code in memory and executing. If you recognize the process, fine. Strange processes that you don't recognize again want to be checked out.
Windows XP System File Checker SFC /scannow
SFC comes with Windows. It's a DOS program, you have to click on the start menu, click on :Run, and then type sfc /scannow into the run box. SFC is supposed to check the core windows files and report/replace any that are missing/out-of-date/corrupt. Just how SFC decides that a file is good or in need of replacement is unclear, since Windows Update keeps replacing files with updated versions. Just how SFC keeps up with this is unclear/unknown to me, but I think it works, somehow.
When SFC finds a file that it wants to replace, it will ask you to put your Windows install CD into the CD drive. However, many of us don't have a Windows install CD. We bought new computers that didn't come with Windows CD's.
But there is a fix. Computers without Windows CD's have a hard disk partition, (D: usually) that has all the stuff the Windows install CD has on it. I just burned it into a CD, left the CD in the drive, and then SFC ran to completion. I had to do a little trimming. The D: hard drive had too much stuff to fit onto a 600 MByte CD. I only put the "I386" stuff on the CD, and I even had to trim that a little bit to make it fit.
When SFC finds a file that it wants to replace, it will ask you to put your Windows install CD into the CD drive. However, many of us don't have a Windows install CD. We bought new computers that didn't come with Windows CD's.
But there is a fix. Computers without Windows CD's have a hard disk partition, (D: usually) that has all the stuff the Windows install CD has on it. I just burned it into a CD, left the CD in the drive, and then SFC ran to completion. I had to do a little trimming. The D: hard drive had too much stuff to fit onto a 600 MByte CD. I only put the "I386" stuff on the CD, and I even had to trim that a little bit to make it fit.
Subscribe to:
Posts (Atom)