Tag Archives: sysinternals

OEMs are still breaking Windows: can Microsoft fix this with Windows 8?

Mark Russinovich works for Microsoft and has deep knowledge of Windows internals; he created the original Sysinternals tools which are invaluable for troubleshooting.

His account of troubleshooting a new PC purchased by a member of his family is both amusing and depressing, though I admire his honesty:

My mom recently purchased a new PC, so as a result, I spent a frustrating hour removing the piles of crapware the OEM had loaded onto it (now I would recommend getting a Microsoft Signature PC, which are crapware-free). I say frustrating because of the time it took and because even otherwise simple applications were implemented as monstrosities with complex and lengthy uninstall procedures. Even the OEM’s warranty and help files were full-blown installations. Making matters worse, several of the craplets failed to uninstall successfully, either throwing error messages or leaving behind stray fragments that forced me to hunt them down and execute precision strikes.

I admire his honesty. What he is describing, remember, is his company’s core product, following its mutilation by one of the companies Microsoft calls “partners”.

Russinovich adds:

As my cleaning was drawing to a close, I noticed that the antimalware the OEM had put on the PC had a 1-year license, after which she’d have to pay to continue service. With excellent free antimalware solutions on the market, there’s no reason for any consumer to pay for antimalware, so I promptly uninstalled it (which of course was a multistep process that took over 20 minutes and yielded several errors). I then headed to the Internet to download what I – not surprisingly given my affiliation – consider the best free antimalware solution, Microsoft Security Essentials (MSE).

Right. I do the same. However, the MSE install failed, probably thanks to a broken transfer application used to migrate files and settings from an old PC, and it took him hours of work to identify the problem and complete the install.

What interests me here is not so much the specific problems, but Microsoft’s big problem: that buying a new Windows PC is so often a terrible user experience. Not always: business PCs tend to be cleaner, and some OEMs are better than others. Nevertheless, although I have had Microsoft folk tell me a number of times that its partners were getting the message, that to compete with Apple they need to deliver a better experience, the problem has not been cracked.

There is something about the ecosystem which ensures that users get a bad product. It goes like this I guess: customers are price-sensitive, and to get the price required OEM vendors have to take the money from malware companies and others desperate to drive users towards their products. Yet in doing so they perpetuate the situation where you you have to buy Apple, or be a computer professional, in order to get a clean install. That describes a broken ecosystem.

Microsoft’s Signature PCs are another option, but they are only available from Microsoft stores.

The next interesting question is whether Microsoft can fix this with Windows 8. It may want to follow the example of Windows Phone 7, which is carefully locked down so that OEMs and operators can add their own apps, but their ability to customise the operating system is limited, protecting the user experience. It is hard to see how Microsoft can achieve the same with the x86 version of Windows 8, since this remains an open platform, though it may be possible to insulate the Metro side from too much tinkering. Windows 8 on ARM, on the other hand, may well follow the Windows Phone pattern.

Fixing a slow Windows XP PC

Yesterday I investigated a Windows XP machine that had become so slow it was unusable. It was a Dell Dimension 2350 with 1GB RAM and a 2.00 Ghz Celeron CPU – not too bad a spec for XP – that had been out of use for a while and was being brought back into service for a specific and undemanding task. At first it had performed fine, but after applying Service Pack 3 and installing Microsoft Security Essentials it had ground almost to a halt. The machine performed so badly that trying to troubleshoot it was like wading through glue. You could get task manager up and see plenty of RAM free, but the CPU was stuck on 100%.

After trying a few futile things like updating the BIOS, I installed Process Explorer and Process Monitor from Sysinternals. Looking at the activity summary in Proccess Monitor it was obvious which process was to blame: an instance of svchost.exe started with the command line: c:\windows\system32\svchost.exe –k netsvcs

However, netsvcs is responsible for many different services. I did a bit more poking around with Process Explorer and found the culprit: Windows Automatic Updates. Typing:

net stop wuauserv

at a command prompt fixed the problem temporarily.

It appears that the Windows Update database, which you can find in %windir%\Software Distribution\DataStore, can get corrupted. The Windows Update service goes into a spin and consumes all your computing resources. You can turn Automatic Updates off by right-clicking My Computer, Properties, and Automatic Updates tab; or you can fix it the brute-force way by deleting the DataStore folder and letting Windows recreate it, though you lose your update history; or you can try to repair the database.

Of course there are many reasons why Windows XP might run slowly, and often it is not easy to troubleshoot. There is abundant well-meaning advice on the internet, much of it based on the assumption that malware is involved, but finding the right answer to a particular problem is a matter of luck. In a professional context, it is hardly worth the time and corporates will just re-image the machine.

I do find it interesting that when Windows XP first appeared in 2001 it specified a minimum of 64MB RAM and ran OK in 128MB. Once fully patched with Service Pack 3, automatic updates, Internet Explorer 8 and anti-virus, it needs at least 512MB and in my experience 1GB to be comfortable. Unfortunately you have little choice; if you want to connect to the Internet or run recent applications, you have to update it. Automatic updates is a also a near-essential security feature.

Finally, kudos to the Sysinternals team whose tools are invaluable for solving this kind of problem.