Excessive CPU use on Windows 8.1

I upgraded my work desktop from Windows 7 to Win8 because of the new Hyper-V features. I am a software developer so it is a real asset to have the ability to run multiple virtual machines simultaneously which was not possible with Win7. I was unhappy with the new Win8 “modern” UI, so I upgraded to Win8.1 as soon as it was available. Things seemed OK for a while until I installed the last round of updates from Microsoft on 2013/12/13. My keyboard stopped working after I installed the “Keyboard and Mouse Control Center” (or whatever it was called). I had to log in remotely to uninstall that thing. Then I noticed my CPU usage creeping up unexpectedly. It finally got so bad I was rebooting every few days. I looked at the running processes and tried stopping a few that looked suspicious, but found no real relief. I decided to look into the Event Log. I saw that the System log was absolutely full of the same event.

Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 1/13/2014 9:24:44 AM
Event ID: 10016
Level: Error
User: LOCAL SERVICE
Description:
The machine-default permission settings do not grant Local Activation permission
for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user NT AUTHORITY\LOCAL
SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the
application container Unavailable SID (Unavailable). This security permission can
be modified using the Component Services administrative tool.

I found the CLSID in the registry and found that it was assigned to something called “Immersive Shell”. Did some searching and discovered a couple of MS articles. In a nutshell, you need to grant local Administrators ownership and full control of the CLSID key and the AppID key in the registry. Once that is done you can go to the Component Services tool, navigate to the DCOM config for the local computer, and then find the Immersive Shell object. Open its properties and under the Security tab choose to Customize the Launch and Activation Permissions. Click the Edit button, add Local Service and grant it Local Launch. Click OK, close everything and reboot. Voila, the Event Log messages stop.

I gleaned some of the above from this post: Weather Application.

I’m not certain this cured all of the excessive CPU consumption. It is still at around 25% with nothing going on other than typing into this WordPress window. I’ll post a follow up if I discover more Win8.1 CPU-eating culprits.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.