svchost.exe causing 99% – 100% CPU usage, solution follows

Update March 5, 2007: Microsoft has apparently released a patch for this issue available publicly at KB article Q927891. This specific article exactly describes the issue I had with a client’s computer. I backtracked a few referral links to this post and noticed the discussion on Ars Technica’s forums. Thanks to people there for following up on this.


Quick note for the tech-savvy: I’ve been reinstalling several systems lately for clients, and here’s something to check on your own boxes if you’re having strange stalling or CPU usage problems.

This problem typically occurs under these circumstances:

  • You have Windows 2000, XP or 2003 Server installed on your system (I’m not sure if Vista is affected)
  • You’ve installed Microsoft Update as the Windows Update page recommends
  • You have a copy of Microsoft Office 2003 or any Office 2003 applications installed (this could affect previous versions, too)

If your CPU usage is randomly spiking to 99% or 100% with a svchost.exe instance, download Process Explorer and look for the svchost.exe instance that’s pegging your machine’s processor. If, when you expand the process, you see “wuauclt.exe” or a Windows Update thread running, your problem is related to this bug.

Microsoft does have a KB article about this issue (927891) and it’s been mentioned by a few Microsoft MVP’s – here’s how you go about getting the official hotfix. If you don’t want to go through all that rigamarole, I’ll be calling in this week to acquire the hotfix for some of my clients experiencing this issue.

Alternatively, to fix it RIGHT DAMN QUICK NOW? Hit the jump.

Continue reading

Two dead hard drives, two days

There have been a plethora of hard drive problems I’ve had to deal with this year. In the past two days, I’ve had to repeat the wonderful Windows XP installation/update process three times – once for one of my servers (Windows XP/Apache2.2/PHP/MySQL stack) and twice for client systems whose hard drives just up and quit.

In January, my cousin’s P3/733 gave up the ghost in the same way – rather than buying a new hard drive and installing Windows again, he opted to go out and get a MacBook. It ended up costing him a bit more than he wanted to spend, but the system works for him now instead of Media Player giving a “Windows Genuine Advantage” failure every time he tried to play a video file. (Admittedly, I’m unsure exactly where this XP copy came from, but it shouldn’t prevent him from launching a previous version, like v10, of Media Player.) In the meantime, he ended up using VLC to play all video files. After attempting to reset the product key to a known, valid one, both using Microsoft’s official key change application and a widely-known registry patch:

Continue reading

Oh, the humanity!

[R]eading YouTube comments is a pretty stern test of the ol’ faith in humanity.

I couldn’t agree more. The hierarchy of Internet commenting goes, from best to worst:

  • Slashdot/Kuro5hin
  • SA Forums
  • Generic blog comments
  • Blog comments on a linked-from Digg site
  • Digg comments
  • YouTube comments
  • GameFAQs, IGN, Xbox.com Forums

Are people not accountable for what they write online anymore? I guarantee you wouldn’t see as many racist, misogynistic, crap-filled comments if people had to post using their full name. There should really be some sort of standard for online posting – that’s why I like Something Awful and the SA forums. The $10 registration fee really encourages quality contributions, giving a more tangible value to your alias.

Xbox 360 dashboard update and efuses

Some recent news over at Xbox-Scene has made it clear that Microsoft fully intends to exploit the enhanced security features of the IBM PowerPC-based CPU. Effectively, once you’ve installed the January 2007 update for the console (kernel version 4552), you’ve tripped an “efuse” that refuses to boot prior kernel versions. There may be up to 32 of these software-programmable switches, and once the efuse has been set it cannot be reversed.

This situation is similar to the electronic countermeasures employed by DirecTV in attempting to disable satellite decryption cards. On Black Sunday, writing invalid data to a PROM caused pirate smart cards to refuse to bootstrap the satellite receiver. In this case, tripping the efuse in the CPU prevents the Xbox 360 from booting previous kernel versions.

It might now be possible to sympathize with people who claim that “the latest dashboard update bricked my console”, considering that there are two ways for the update to cause the condition:

from x-s forums:

Looks like what is happening is either:

A) During the update the EFuse doesn’t blow and the dash updates fine which when checked by Hypervisor returns a no boot condition

B) During the update the EFuse blows correctly and the update DOES NOT flash correctly which when checked by the Hypervisor returns a no boot condition.

For more information on the update package itself, including a string extraction, hit the jump.

Continue reading

VX2025wm and Ubuntu 6.10

I’ve always seemed to have more trouble setting up monitors and displays under Linux than should be warranted. Cobbling together a few forum posts from Google, here’s what I’ve come up with in xorg.conf that seems to have my VX2025wm working at native 1680×1050@60Hz resolution. You may not need the ModeLine parameter, depending on how your monitor is hooked up – mine runs through a KVM box that doesn’t much like passing resolutions > 1280×1024. Get the changes and xorg.conf after the jump…
Continue reading

Minor update

After yet another cycle of WordPress updates, minor things tend to irk me. Unfortunately, I haven’t had much time to sit down and devote completely to Aerosol development or Ethanol bugfixes, and as a result I’m beholden to the development and bugfix schedule of others.

I have, however, managed to get the site installation wizard for Ethanol up and running; this means that a test installation is now available at http://jakebillo.com/e3/. This site should be considered unstable – it’s running on a MySQL 5.x host, whereas Ethanol was specifically designed for MySQL 4 installations. Any database errors that appear while using this test installation are due to these incompatibilities.

Upgrades complete

I’ve finally gotten the chance to deploy the new security-related fixes for WordPress. I’m not a huge fan of any mass-market weblog packages, or for that matter any heavily popularized software for managing a website. In fact, I plan to use a stable version of Ethanol or Aerosol to maintain this site once I get some time to hammer out some of the installation bugs that have crept in since its first release. It’s difficult enough maintaining “stable” and “development” branches as an sole, independent developer, let alone backporting usability and security fixes.

One of the reasons I feel so strongly about managing my own content is due to some of the security problems that have plagued phpBB; the popular bulletin board system had attracted a significant number of exploits and remote abuse abilities. The exploits were to such an extent that the developers removed the version number of the software from the default footer, since many scripts keyed on this version number in order to facilitate the crack.

I’m not sure of the current state of security for the phpBB project, but frankly I wouldn’t trust it running on a server without mod_security and Hardened PHP. Ideally, you’d run the package in a BSD jail, but that’s not an option for many low-cost web hosts.

While I was in the upgrading mood, I also managed to download the latest Subversion build of Xbox Media Center. For those of you who might not know, XBMC is an open-source application that runs on modified Xbox consoles, allowing it to effectively act as a media library for your TV. The best part about XBMC is its native networking support, so you can stream music and video files from your home network and play them on your TV. It also offers native archive support, so you can view the contents of RAR and ZIP files and play media stored within them.

Unfortunately, the incredible features and functionality of this software (I’ve personally not seen an open-source project as useful as XBMC since Firefox) are all muddled up in the great debate about console modification. Ozymandias (Andre Vrignaud) of the Xbox team goes over the three main reasons to modifying a console in his post, and attempts to debunk them:

  • To play pirated games (Andre’s reasoning: “[A]t the end of the day every game not legally purchased is simply stealing money from the creators.”)
  • To play imported/region-locked games (Andre says: “[S]ometimes companies have good reasons to either not release a title into a region or release it at different dates. It may be because of the time and cost of localization, marketing plans, ad buys, cultural considerations, or perhaps even because of the impact of piracy in the region. Whatever the case, it’s safe to assume the publisher has thought about it.”
  • The desire to run “homebrew”, or non-licensed applications on the console. Effectively, console manufacturers like Microsoft and Sony sell their boxes at a loss, hoping that (over time) their attach rate, or number of games sold per console, will be high enough that they can recoup profit from the games. Andre indicates that he can’t condone running homebrew applications on consoles, because “[a]t the end of the day, the cost difference needs to be made up somewhere, and that’s why we need to you buy those razor blades.”

I personally can’t agree with Andre’s third argument against homebrew modifications. In my experience with marketing, I fit into one of the key demographics for being an early adopter of game consoles and peripherals. I have a significant amount of disposable income (well, as much as a student can have – but I’m not supporting anybody other than myself); I’m interested in the latest games, peripherals and systems that come out; and I understand the business model.
For the original Xbox, which was effectively a set of commodity PC parts in a black box, some attach rates for 2003 were quoted at 5.3 and 5.8 games sold per console. Dean Takahashi mentioned in his book Opening the Xbox that the expected attach rate for profitability on Xbox would have been 9.0 games sold per console, with at least three of those games as first-party, Microsoft-produced titles.

Personally, I can’t feel guilty about running a software modification on my system, because I’m well over the attach rate myself. I have purchased over twelve Xbox titles at full retail value, as well as several controllers, an Xbox Live subscription ($80/year) with headset, and some Halo 2-branded merchandise. I no longer even use my original Xbox to play games or sign on to Xbox Live; that’s reserved for my Xbox 360, which has fairly compelling media features of its own.

I understand Andre’s perspective – that console manufacturers are out to make a profit, and modifying systems cuts into their bottom line – but looking at the required attach rate, you can calculate this out: assuming a break even point on the system and software:

Xbox Console: Assume $299 (first price drop, Canadian funds)
First-Party Games: Assuming three required for break even point at $60 apiece: $180
Third-Party Games: Assuming six required for break even point at $7-$9 licensing fee: $42 – $54
Total Cost: $299 + $180 + $54 = $533

I would gladly pay $600 for a completely “unlocked” system, which allowed me to play games as well as run homebrew software. However, this idea doesn’t hold water, as it has no mass-market appeal. What’s more, the unlocked system would effectively be a development kit – which sells to developers for about a $10,000 US licensing fee. No thanks.
I think what Microsoft is doing with the XNA Game Studio and Creator’s Club on the Xbox 360 is interesting, but it doesn’t offer anything close to what the XBMC team is capable of.

Day one

Today was the first official day of classes up at UW, which means that tomorrow is free from any obligations. I have an afternoon tutorial for English 109 that is not applicable, since the first official lecture hasn’t been held yet. I did attend two classes today:

  • Math 136 (Linear Algebra 1), and
  • CS 245 (Logic and Computation).

Math has always been a challenging subject for me, so it was a pleasant surprise that the introductory material on linear systems was still familiar. I’m sure the pace of the course will pick up, which will necessitate giving it a fair amount of attention during this term. It’s also fortunate that Warren is enrolled in the same section, so that there’s a mutual backup system for note taking.

As for the Computer Science course, the professor (Prabhakar Ragde) seems extremely enthusiastic and positive about the course. It’s effectively a proofs course in CS, which is something that either will be extremely engaging for me, or a complete stumbling block. Prabhakar’s comments on looking at assignments as if they were puzzles intrigued me; that’s one part of development I tend to enjoy. Solving a particular task – or in this case, proving a particular proof – is a core part of programming that lets developers achieve milestones.

New year’s revolutions

I’ve arrived home from Markham – my work term officially concluded on December 22nd – and I’m settled in, for the most part. The entire Christmas holiday seems to have gone by far too quickly, because I’m headed back to school within a day. For the most part, my preparation for classes has been limited to updating browser bookmarks and ensuring all of my workstations are functional. The usual administrative tasks, such as securing textbooks, will be performed on Wednesday through to Friday this week.

It’s unfortunate that I can’t check my exact UW schedule at 2am: I tend to work best in the evening hours, on an offset timeframe. Not having Quest (the student information portal) available past midnight necessitates some planning.

My class hours reflect this alternate way of operation. My goal for Winter 2007 was not to start any class before 11:30am, which I’ve achieved with an early start on course selection. In return for the late start, I give up my afternoons and tend to work well past midnight. My rationalization for this operation is that I woke up early (7am) for four years during high school to catch the bus, and I deserve to sleep in when I can. While sleeping until 11am isn’t really a valid option while on a work term, I did use some of the flexibility available at IBM to delay my start time until 9:30 – 10am when I could.

Besides continuing to work for IBM as a student on-call employee, I’m now starting the job search and application process. (The Student On-Call process can involve working on-site on alternating days, or in my case, working on an “as available” schedule remotely.)

My resume is nearly complete, and is in a publicly available state. I’m debating removing some of the work experience information from Maplesoft, or compressing the Summer 2006 student on-call position experience into the previous co-op term. One thing that was mentioned to me was that the entire “student on call” process is indicative of a job well done while physically on-site. Yes, this is shameless self-promotion, but my point remains. 😉

I’ve also been managing my time with some PC repairs on the side. Together with Dave and Warren, I fix software and hardware issues on-site, on a small-scale word of mouth basis. When I’m on a co-op term, in order not to interfere with my professional responsibilities, I redirect client calls to Dave or Warren, depending on the situation experienced. When I’m living in Waterloo, I additionally build or repurpose PC’s for clients.

Usually “software” issues are the result of spyware or malware. It’s extremely rare that I’ve seen an actual virus on a system – most computer problems I’ve seen are caused by malicious browser toolbars, or don’t explicitly fit the criteria for a virus.

Unfortunately, spyware can be just as painful for end users, and is much more deceiving in its appearance. Perhaps the worst case of spyware I’ve heard of is an application called “MSN Block Checker”, which completely demolished a Windows installation, necessitating a complete reinstallation of the OS.

For now, though, I’ll enjoy my last day off before it’s back to the grind.

Useful utility: NetMeter

While my primary workstation is a Core Duo iMac running OS X, I consider myself platform-agnostic at this point. My fileserver at home is a Core 2 Duo E6600, running XP Pro SP2. I also have several other boxes that run XP, and it’s often a necessary thing to monitor network traffic.

One of the issues I encountered during this workterm was slow downloads over a mapped network drive. With conventional tools for Windows, it’s not possible to accurately monitor the transmit rate. This is where I install the freeware utility NetMeter, which is a useful network activity monitor and graph for Windows 2000 and XP. I configure the application with the following settings:

NetMeter - settings dialog

I align the NetMeter window directly to the bottom right of my screen, just above the standard Windows taskbar. When I mouseover the 50% transparent window (to access a scrollbar or status bar), the window fades down to about 10% transparent:

NetMeter - faded out

In the case at work, we were able to determine that downloads from a certain system were transferring at a rate well below what was expected, without calling the support team. I use NetMeter on my laptop to determine wireless network performance and ensure wired networks are operating properly at 1000Mbit – it’s good to have a rough idea of how well your connection is performing.