Tuesday, August 15, 2006

100% CPU Utilization - How to pinpoint the root of the problem

Ever had that irritating problem where all of a sudden EVERYTHING starts slowing down to a grinding halt? I've had the problem numerous times, and it always seemed to be some sort of BADWARE infesting my machine.

This time around, one of our computer labs is facing the very same problem. But after trying all possible anti-virus, anti-spyware, anti-malware, anti-trojans, HijackThis, and all, there seemed to be no problem whatsoever, and CPU was still at 100%. So, with some help, I did a little experiment... (this can be used in the future to diagnose the root cause of your OS problem, if all else fails)

First, using the builtin System Configuration Utility of XP by typing "msconfig" at the command prompt, I chose the "Diagnostic Startup", which effectively disables ALL Windows services from starting up, except of course the essential/critical ones, and it also disables ALL startup applications.

After rebooting, I found that the problem has gone, so immediately I now know that it's an OS problem, and it has something to do with either the startup programs or the Windows services. Optimistically, it could be just one culprit, or a combination of a few. So then, I proceeded to step 2, which is using the "Selective Startup" which allows us to choose what to run and what to disable. First, I chose to enable everything except any Windows Services, so I left "Load System Services" unmarked.

Upon rebooting, there were no problems and no 100% CPU Utilization. So I can deduce that it wasn't a program startup problem, and it was one of the MANY services that run on XP. So, this time I selected the system services as well, but this time I navigated to the "Services" tab, and here's the ingenious part. I applied a binary search algorithm to pinpoint the culprit with the assumption that there is only 1 single service that is the root of the problem. Basically, I split the list in two halves (A & B) and enabled the first part. Upon rebooting, I found that the CPU utilization was normal, so I knew that the problem must be among the second half (B) of the services list. So I proceeded this time by splitting B into two halves again, into C & D, and repeated this process of halving until I came down to a few processes starting with "P".

Guess what it came down to? Print Spooler services! Who would've thunk it? And the lab computers were not even hooked to any damned printer! Well, I did a little research on the web and lo and behold... seems like I wasn't the only one. Found out that if you don't have a printer, then chances are you'd have a Microsoft Document Image printer driver kinda thing. It acts like a printer, but doesn't actually produce any output. Unfortunately, when any dumb soul hits the "Print" command and sends it for 'printing', it'll be queued up in that spooler. And these things don't expire! Nor is it infinite space! Similar to a normal printer, I guess, that has a printer buffer/cache/memory, which are now commonly in the 2MB to 16MB range, it can get FULL! So, that was the problem!
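The halving procedure above, written out as an added example (not code from the original post). The service list and the `make_oracle` stand-in for "enable these, reboot, watch the CPU" are constructed for illustration; the final confirmation step catches the case where the single-culprit assumption does not hold.

```python
# Constructed sample list of XP service display names.
SERVICES = [
    "Automatic Updates", "DHCP Client", "DNS Client", "Event Log",
    "Network Connections", "Plug and Play", "Print Spooler",
    "Remote Procedure Call (RPC)", "Security Center", "Task Scheduler",
    "Windows Firewall/ICS", "Workstation",
]


def make_oracle(culprits):
    """Stand-in for one reboot with only `enabled` services switched on.

    The returned check reports True (CPU pegged) only when every service
    in `culprits` is enabled; `reboots` counts how often it was called.
    """
    reboots = {"count": 0}

    def cpu_pegged(enabled):
        reboots["count"] += 1
        return set(culprits) <= set(enabled)

    return cpu_pegged, reboots


def bisect_services(services, cpu_pegged):
    """Return the one faulty service, or None if bisection cannot isolate it."""
    if not cpu_pegged(services):      # baseline: the fault must reproduce
        return None
    candidates = list(services)
    while len(candidates) > 1:
        half = len(candidates) // 2
        first, second = candidates[:half], candidates[half:]
        # Enable only the first half; a normal CPU clears that whole half.
        candidates = first if cpu_pegged(first) else second
    suspect = candidates[0]
    # Confirm: the suspect alone must reproduce the fault. If it does not,
    # the fault needs a combination of services and halving was misleading.
    return suspect if cpu_pegged([suspect]) else None


if __name__ == "__main__":
    check, reboots = make_oracle(["Print Spooler"])
    print(bisect_services(SERVICES, check), "after", reboots["count"], "reboots")
```

With twelve services this takes five reboots, against up to twelve when testing services one at a time.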

All I needed to do then was simple. Just STOP the Print Spooler service via the Manage Console. Empty the "%system directory%\system32\spool\printers" folder. START the Print Spooler service again, and you're DONE! Of course, if you don't have a printer or don't plan to attach any in the near future, you can always disable that service altogether to avoid future problems. I foresee Windows fixing this in the future. Possibly having an expiry to the spooled items, maybe up to 30 days, or enable user to specify. OR get rid of the MS Doc Image thing altogether! Haven't figured out what it's good for yet...

Well, done with that problem. On to the next!

Wednesday, June 28, 2006

The Pains of RAID

Looking back, I wondered, "What in the world DID I learn during my Computer Science degree?" As an IT Support Engineer/Technician, I've been thrown in a pure Microsoft environment and facing problems that I've never been taught of in school. I mean, where did all the algorithms and CPU architecture and logic circuits come into play? Not that I'm blaming the system. Yet, it is fun to learn new things.

So, I finally decided to give it a good shot on the RAID thing. I mean, I've been reading a lot about it, the benefits, the different types of configuration, etc. But since the company has finally purchased the accessories, I figured it's about time I actually implemented it.

The DELL PowerEdge servers that we had have an on-board RAID controller. Unfortunately, to actually use it, we'd need to purchase a RAID DIMM memory card, a RAID Controller Key, and a RAID Battery. (Who would've thought that even RAIDs need their own batteries...) But then, when I read further, we could alternatively use a RAID controller card; in fact it was recommended by one of the DELL technicians that I'm better off buying a card rather than use the on-board controller. Which advice I took...

So, unpackaging the RAID controller card box, I found it was a normal PCI kinda card with a port that obviously needed connecting. (Little did I know at the time that it's a VERY important part of the puzzle) So, I simply plugged it into a PCI slot and waited for magic to happen. I thought that was it. I had actually thought that that was all there was to it. All I needed then was go to the config tool and actually tell it to RAID for me. BEEP! I was wrong... DEAD wrong.

I needed help, so I contacted DELL's support and after about 4 different menus I finally got to someone. Telling my predicament, I told him that I'm stuck and needed help. So, when it came to the part where I had a card plugged in already, then he told me, "Okay, now take the SCSI CABLE and connect it from the SCSI Backplane to the SCSI RAID controller card..." "OOOOHHHH! So that's what I'm missing. That port that jutted out from the card needs connecting to the MB via another cable!" I thought to myself. So there I was stuck and unmotivated to go further because I didn't have any spare SCSI cable on me and I wasn't in the mood to go out and get one right away.

But then I realized something, "Hey, the tape drive is connected with this blue-red-yellowish ribbon, which goes to the SCSI backplane. Could this be another type of SCSI cable?" I asked the technician on the phone. He said, "Yeah. That is one." So I immediately, disconnected the tape drive and plugged it in to the RAID Controller Card. Powered up the machine and PRESTO! Glad I called for help, else I'd be developing white hair as to why the RAID card wasn't working...

Reviving your HD from MBR failure

I've searched high and low. And finally, I found a cure! About 5 days ago, my 40GB Maxtor HD all of a sudden went "Offline". The Partitions were no longer readable. So naturally, I checked the Computer Management console to see what's the problem...

I right-clicked the physical drive to "Reactivate" it to "Online" again, but failed, giving me an error message that it's "Unreadable". Worried that I'm gonna lose ALL my digital photos and important documents (I'm lazy at backing up), I dare not do anything, but did extensive research as to what the problem may be.

Everywhere I looked, especially on the Microsoft sites, they kept talking about the bad of Dynamic disks and that once corrupted, there's no turning back. But there was one portion where it mentioned that partition data, if corrupted can cause drives to appear "Offline" or "Unreadable". So I did further research on that.

At the same time, I was trying to do the 'traditional' data recovery process, using SpinRite, which kept saying that my partitions are intact and that the data is there, but my Windows XP can't seem to recognize it, that's all...

Subsequently, I found that whenever it's a partition problem, that means there's something wrong with the MBR Table. It's a table where data is stored to keep track of how big, where, what type of data is on the drive. Something like a library card catalogue to point to the precise book on the bookshelves...

So, I frantically looked for a MBR fixer-upper. They say that there is a backup of the MBR Table stored in a hidden partition of the HD, so I was riding on that in hopes that I'll be able to find a utility to help with that. I've been looking and looking, but all were licensed commercial software, but the demos did succeed in simulating the fix, so I was tempted. These included Arconix, PPTD and DiskPart. But then, out of the blue, I came across a FREE opensource utility by CGSecurity called TESTDISK. And I'm a living testimonial!

I now swear by it! No need to boot to anything, because lucky for me it wasn't my boot drive/partition. (Note that they even have an option to revive such cases as well!) VERY simple, easy to use. Reading the guide really quickly, I downloaded the Win version, extracted, ran the program and there it was... I saw the "missing" partitions that were supposed to be visible in Windows but now only visible to TestDisk. Then, I needed to confirm that the partitions, which I believe it was reading from the hidden MBR Table backup, were indeed the correct ones. If it was not, I risked losing ALL my data! And what it did next was just PURE MAGIC! It recreated the MBR Table and then asked me to reboot, which I gladly did...
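To make the "card catalogue" concrete, here is an added example (not from the original post, and not TestDisk's code) that reads the four-entry partition table out of a 512-byte MBR sector and reports the kind of damage that makes a disk show up as unreadable. The two sample sectors are constructed in the code; it only parses bytes and never writes to a disk.

```python
import struct

SECTOR = 512
TABLE_OFFSET = 446                    # table follows the bootstrap code
ENTRY = struct.Struct("<B3sB3sII")    # status, CHS, type, CHS, LBA start, count
TYPES = {0x07: "NTFS", 0x0B: "FAT32", 0x0C: "FAT32 (LBA)",
         0x0F: "Extended (LBA)", 0x42: "Dynamic disk (LDM)"}


def parse_mbr(sector, disk_sectors):
    """Return (partitions, problems) for one 512-byte MBR sector."""
    if len(sector) != SECTOR:
        raise ValueError("an MBR sector is exactly 512 bytes")
    problems = []
    if sector[510:512] != b"\x55\xaa":
        problems.append("missing 0x55AA boot signature")
    parts = []
    for slot in range(4):
        offset = TABLE_OFFSET + ENTRY.size * slot
        status, _, ptype, _, start, count = ENTRY.unpack_from(sector, offset)
        if ptype == 0x00:                 # type 0 marks an unused slot
            continue
        if status not in (0x00, 0x80):    # 0x80 = active/bootable
            problems.append(f"slot {slot}: bad status byte 0x{status:02x}")
        if start + count > disk_sectors:
            problems.append(f"slot {slot}: runs past the end of the disk")
        parts.append({"slot": slot, "active": status == 0x80,
                      "type": TYPES.get(ptype, f"0x{ptype:02x}"),
                      "start": start, "sectors": count})
    ordered = sorted(parts, key=lambda p: p["start"])
    for a, b in zip(ordered, ordered[1:]):
        if a["start"] + a["sectors"] > b["start"]:
            problems.append(f"slots {a['slot']} and {b['slot']} overlap")
    if not parts:
        problems.append("no partitions defined")
    return parts, problems


def build_sample_mbr(entries):
    """Build a constructed sector from (status, type, start, count) tuples."""
    sector = bytearray(SECTOR)
    for slot, (status, ptype, start, count) in enumerate(entries):
        ENTRY.pack_into(sector, TABLE_OFFSET + ENTRY.size * slot,
                        status, b"\0" * 3, ptype, b"\0" * 3, start, count)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


# Constructed sample: a 40 GB disk (78,125,000 sectors) with two NTFS volumes.
DISK_SECTORS = 78_125_000
HEALTHY = build_sample_mbr([(0x00, 0x07, 63, 40_000_000),
                            (0x00, 0x07, 40_000_063, 38_000_000)])
DAMAGED = HEALTHY[:TABLE_OFFSET] + bytes(SECTOR - TABLE_OFFSET)  # table wiped
```

The same checks (entries inside the disk, no overlaps, signature present) are what to look at before accepting a rebuilt table from any recovery tool.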

And there it was, Windows XP rebooted, I let chkdsk run for good measure (despite knowing that MANY condemn that the builtin Windows chkdsk is crap and only ruins a HD). I was in Cloud 9 when it finally booted to my beloved desktop and found the partitions are back "ONLINE"! Whooppeee!!

Next thing I know, I was grabbing all my available blank DVDs and backing up everything on that drive before it fails on me again...

So there you go folks! If you ever have a failed drive and you suspect that your partition table or MBR table or whatever you wanna call it is broken/corrupted, I'd recommend using TestDisk. The same people also have a data recovery tool called PhotoRec. Haven't tried it myself, but I'm sure it'll execute as well as TestDisk did.

Happy reviving!

Wednesday, June 07, 2006

Converting yourself from the Dark Side

Software piracy has been and will always be a hot issue. With more users on the internet and more P2P applications to "spread the wealth", it's not a simple task for the feds or govs to outdo. But what if you are that rare good samaritan and would like to keep yourself 'clean'?

Here's an excellent article from Bit-Tech talking about that. Of course, the Optimize Guide that I mentioned a few posts before also has a few suggestions for free alternatives.

What I'm really excited about is the online revolution of office productivity. Nowadays, GOOGLE is at the forefront. With other independent players with specific solutions for word processor, spreadsheets, calendars, etc. But if you want something free and handy, have a look thru Google's extra features.

Gmail is an excellent mail application of the future. Despite its BETA tag, it's a full-featured email facility with really neat features. Intuitive conversation style sorting, color labeling, spam filtering are among the cool things it has. Once you have an account the initial 2GB keeps on growing! It's like having a dynamic email account that just evolves. Logging on also automatically connects you thru GTalk for other active online Google users.

Now, Google also comes with online calendars and spreadsheets (still experimental), which makes our world even tighter when it comes to collaboration. Now you can simply share your calendar with anyone and check their availability. Online spreadsheets are an excellent way for keeping a common shared DB. Of course, there is a security issue at hand, but hey, if it's just simple info like keeping track of your CD collection and sharing that info with a friend, I don't see any wrong in that.

PCworld had a full-featured article on online tools that we can use as an alternative to local software. In this day and age where internet connectivity is almost a necessity, it's only natural for it to evolve that way. In the future, we may very well be seeing PCs coming with bare minimum OS and everything else is done online thru a secure account. Of course, uptime will be a critical point to deal with at that stage.

Might as well enjoy the free stuff while we still can...

Friday, May 19, 2006

Fake Process Tasks?

How to differentiate the genuine from the fakes? If you were to open Task Manager on a machine which is known to have viruses/trojans/worms, more likely than not you'll find an array of unfamiliar (or familiar) processes that are running on the victim.

A great resource if you have access to internet would be here at LIUtilities. They have an extensive list of tasks that are known to hide in your OS as if genuine processes. Don't get confused! Some are just a matter of a letter difference. For example the legit syshost.exe becomes svshost.exe. If you look closely, the "y" is missing its tail!

Simply go to the page and search for your suspicious process. Then click on the link to see how severe it is. You'll see a security rating, 5 being greatest, and the category of damage it can bring. Of course LIUtilities has a product that could zap it all for you, but being the self-proclaimed geek I am, I prefer to do-it-myself. (WARNING: Only for trained personnel! Or those who don't mind formatting your computer again! Fiddle at your own risk!)

Another excellent free utility to check your running processes would be Process Explorer by SysInternals. This will give you a better understanding of what the process is actually doing, where it's from. Usually, Windows processes are marked from Microsoft. If they look like Windows OS processes without the Microsoft label on it, then it's worth taking a further look. Right-click and Google it :)
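The two checks described above (a name that is one or two letters off a real system process, and a system-looking process without the Microsoft label) can be automated. This is an added example, not from the original post: the list of real Windows process names is a small hand-picked sample, and the process rows are constructed, shaped like the name and Company Name columns in Process Explorer.

```python
# Small hand-picked sample of genuine Windows process names.
KNOWN = ["svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe",
         "services.exe", "explorer.exe", "spoolsv.exe"]


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def review(processes, known=KNOWN, max_distance=2):
    """Return (name, reason) for every row that deserves a closer look."""
    findings = []
    for name, company in processes:
        lowered = name.lower()
        if lowered in known:
            # Right name, but the publisher label is missing or wrong.
            if company != "Microsoft Corporation":
                findings.append((name, "system name without Microsoft publisher"))
            continue
        # Not a known name: is it a near miss of one?
        near = [k for k in known if edit_distance(lowered, k) <= max_distance]
        if near:
            findings.append((name, f"looks like {near[0]}"))
    return findings


# Constructed rows: (process name, company name).
SAMPLE = [
    ("svchost.exe", "Microsoft Corporation"),
    ("svshost.exe", ""),                     # the one-letter swap from the post
    ("lsass.exe", ""),                       # exact name, no publisher
    ("scvhost.exe", ""),                     # two letters transposed
    ("firefox.exe", "Mozilla Corporation"),  # unrelated, must not be flagged
]

if __name__ == "__main__":
    for name, reason in review(SAMPLE):
        print(f"{name}: {reason}")
```

A hit here is a reason to inspect the file's path and signature, not proof of infection.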

Happy Zapping!

Worried about Speed on uTorrent?

I swear by uTorrent, imho, the BEST BitTorrent client/manager out there! Lightweight, compact, sexy and delivers! I did have some connection issues in recent weeks. Been trying to figure out the problem, until I found this EXCELLENT post on their forums by "Icedog". If you're having similar problems or don't know what I'm talking about... Go to Control Panel>Administrative Tools>Event Viewer and check under SYSTEM. Sort by "Event" and look for 4226. If you have any (or may I dare say, a bunch) of those, then you could use his advice. Check it out and you'll be amazed with the results :)

Basically it's a security thing that XP SP2 imposed by limiting the open TCP/IP connections to your computer. This is indeed a GOOD thing for most common folk, especially those who are susceptible to worm attacks. But for the hardcore internet geek at heart, nothing goes without a tweakin'. So, to get more control, go thru the guide and be impressed with the results!

Happy tweakin'!

Wednesday, May 17, 2006

Which Codec?

Ever been confused and frustrated at not being able to play a video you just downloaded? Usually it's due to an incompatible codec.

Being an avid Anime fan, I have tried dozens of codecs and lived thru the early days of divx, then xvid, now H.264. Not to mention OGM, and many more. Some codecs are just pure simple, but I've found that when you have too many on your system, it either starts conflicting with each other, or just simply sucks up all your CPU's juices...

Never fret! For I believe I have found an absolute charm when it comes to codec packs. Created by a group of fansubbers/encoders, this codec pack shall not disappoint! Try it out!

CCCP or Combined Community Codec Pack

Simply follow the FAQ. I'd HIGHLY recommend to do so. By all means, run that Insurgent, to be rid of all the debris and leftover bad codecs on your system before installing anew.

You'll be a happy camper to find that you're now able to practically play ANY file that you get off the net. (Of course Real Media & Quicktime and other commercial formats are not supported thru this codec. There are other workarounds :)

If you're wondering what players, I'd highly recommend the ZOOM player from InMatrix or the totally Open Source MPC (Media Player Classic).

Ultimate XP Security How-to-Guide

An excellent site in my books, this is a MUST bookmark site for all techies dealing with Windows. I just stumbled upon it while Googling for a good way to Optimize XP.

Most of what's recommended on Diagnose XP and Secure XP are mainly stuff that I've been practicing personally. I'll be adding my own flavor bit by bit in future posts.

Oh, btw, the site is called: Optimize Guides, created by Andrew K.

For those who are still unsure on how to protect yourself and really secure Windows and really have peace of mind, follow what Andrew has outlined in "Secure XP". Though I'm still iffy on the Microsoft Defender recommendation... I've had problems personally.

And for those looking for a totally FREE antivirus for Home Use Only, do try AVG from Grisoft. You can download it here. (Scroll to the very bottom and choose your OS version)

Enjoy!

Computers, Tech & Gadgets


Hi & Welcome!

I intend to use this on & off to store my reference and resource of everyday troubleshooting activities from work. Hopefully it'll come useful to those out there, be it friends or the general public.

Cheers!