emsaddict
asked on
Svchost holding 99% of CPU for extended period
Upon booting up each time, one of the Svchost processes grabs and holds onto 99% of the processor for approx. 12 minutes, and grows from 3,392K to 18,204K before letting go. It doesn’t seem to share the CPU except around the 6-minute mark, and it only gives up about 40% to another Svchost process for a few seconds. This means I have to sit and wait before starting anything or it takes forever for whatever I try and run to even display. And if I do run a program, and that program tries to access the net, it will freeze for the 12 minutes also. After the approx. 12 minutes I see all kinds of net activity as svchost accesses something, somewhere. Everything runs quick and net access is faultless from that point on.
If I use 'tasklist /svc' to look at the process it lists a huge list for the one of four Svchost "AudioSrv, CryptSvc, Dhcp, dmserver, ERSvc, EventSystem, FastUserSwitchingCompatibi
Looking at the registry key for Svchost.exe groups: HKEY_LOCAL_MACHINE\Softwar
Following one suggestion made in a post with a similar problem I disabled the 'Background Intelligent Transfer' service, without any positive results.
I have looked through a lot of posts with similar type of freezes or hangs, but nothing sounds quite like the situation I have. Anyone have any ideas what is going on?
Thank you in advance for any help.
Cheers!
If I use 'tasklist /svc' to look at the process it lists a huge list for the one of four Svchost "AudioSrv, CryptSvc, Dhcp, dmserver, ERSvc, EventSystem, FastUserSwitchingCompatibi
Looking at the registry key for Svchost.exe groups: HKEY_LOCAL_MACHINE\Softwar
Following one suggestion made in a post with a similar problem I disabled the 'Background Intelligent Transfer' service, without any positive results.
I have looked through a lot of posts with similar type of freezes or hangs, but nothing sounds quite like the situation I have. Anyone have any ideas what is going on?
Thank you in advance for any help.
Cheers!
what kind of machine is it(cpu, ram)?
"net access" means internet or lan?
ever tried to check for spyware or get the latest antivirus?
"net access" means internet or lan?
ever tried to check for spyware or get the latest antivirus?
Greetings!
Further to ramfr's comments above, if you run MSCONFig FROM THE <Start><Run> option, and go to the <Startup> tab, you may see items such as "savenow", datemanager", "precisiontime", "gain", "gator", etc, which are spyware/adware or spybots/adbots.
An EXCELLENT source for SpyBot Search & Destroy (SBSD) ...
http://www.lurkhere.com
<Nice Files>
<SBSD v1.1r4>
Install, then immediately ...
<Online>
<Update> then ...
<Check for Problems> then ...
<Fix Selected Problems>
Red-lettered items will be removed and backed up (you don't want these).
Blue-lettered items are merely usage tracks (you'll want to keep these).
One other link that will help explain the 5 categories of spyware ...
http://www.consumerwebwatch.org/news/articles/spyware_categories.htm
Hope all of this helps!
Ted, the Modem Mixer
Further to ramfr's comments above, if you run MSCONFig FROM THE <Start><Run> option, and go to the <Startup> tab, you may see items such as "savenow", datemanager", "precisiontime", "gain", "gator", etc, which are spyware/adware or spybots/adbots.
An EXCELLENT source for SpyBot Search & Destroy (SBSD) ...
http://www.lurkhere.com
<Nice Files>
<SBSD v1.1r4>
Install, then immediately ...
<Online>
<Update> then ...
<Check for Problems> then ...
<Fix Selected Problems>
Red-lettered items will be removed and backed up (you don't want these).
Blue-lettered items are merely usage tracks (you'll want to keep these).
One other link that will help explain the 5 categories of spyware ...
http://www.consumerwebwatch.org/news/articles/spyware_categories.htm
Hope all of this helps!
Ted, the Modem Mixer
ASKER
Sorry, forgot the details.
P3 933
384 megs ram
Win XP Pro SP1
Norton Systemworks
ZoneAlarm Pro
ADSL internet access
45gig HD
-I defragged a week ago, no difference.
-I ran Spybot, nothing found.
-I scanned with Norton Antivirus, nothing found, but as a side note, it wont update any further then Jan 31, there are pending updates that keep failing. I believe this to be a problem with my configuration and not virus activity.
-Both remote options are checked, although I would never use this and would like to shut them off.
If there are any more details that I have forgotten, don't hesitate to ask and I'll attempt to answer promptly.
Cheers!
P3 933
384 megs ram
Win XP Pro SP1
Norton Systemworks
ZoneAlarm Pro
ADSL internet access
45gig HD
-I defragged a week ago, no difference.
-I ran Spybot, nothing found.
-I scanned with Norton Antivirus, nothing found, but as a side note, it wont update any further then Jan 31, there are pending updates that keep failing. I believe this to be a problem with my configuration and not virus activity.
-Both remote options are checked, although I would never use this and would like to shut them off.
If there are any more details that I have forgotten, don't hesitate to ask and I'll attempt to answer promptly.
Cheers!
ASKER
Well, it would seem both of my problems are now fixed.
Norton wouldn't update because I found a second 'Hosts' file after upgrading to XP. The original remained where it was with Win98 in "C:\WINDOWS\". But after upgrading apparently a second copy was made and placed in "C:\WINDOWS\SYSTEM32\DRIVE
As for the Svchost process hogging the CPU, I tried a tip I found at www.smartin-designs.com Click 'Downloads' and look for the blue "Notice for Win2k/WinXP users experiencing slow downs using a large hosts file". After following the directions and disabling the 'DNS Client' service, I no longer have the long wait and the CPU is down like it should be right away after loading everything that is set to be loaded.
Thank you for your comments Scole2, ramfr, and Tedsky. Although I had done a search for spyware prior to posting, it never hurts checking again. You never know what those "Scum of the Earth" will create to sneak in on your system.
I hope the fixes I found for my problems will help someone else out there.
Cheers!
Norton wouldn't update because I found a second 'Hosts' file after upgrading to XP. The original remained where it was with Win98 in "C:\WINDOWS\". But after upgrading apparently a second copy was made and placed in "C:\WINDOWS\SYSTEM32\DRIVE
As for the Svchost process hogging the CPU, I tried a tip I found at www.smartin-designs.com Click 'Downloads' and look for the blue "Notice for Win2k/WinXP users experiencing slow downs using a large hosts file". After following the directions and disabling the 'DNS Client' service, I no longer have the long wait and the CPU is down like it should be right away after loading everything that is set to be loaded.
Thank you for your comments Scole2, ramfr, and Tedsky. Although I had done a search for spyware prior to posting, it never hurts checking again. You never know what those "Scum of the Earth" will create to sneak in on your system.
I hope the fixes I found for my problems will help someone else out there.
Cheers!
emsaddict asked to have this question closed. If therew are no objections I will
PAQ and refund the points
after 72 hours (and after email notifications are back).
** Mindphaser - Community Support Moderator **
PAQ and refund the points
after 72 hours (and after email notifications are back).
** Mindphaser - Community Support Moderator **
No problem here!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
One issue I have heard about has the following
possible Workaround: Enable Allow remote desktop connection (Right click MyComputer->Properties->Re
Else ther is a way to change the registry enties so each of the services runs in a separate svchost.
Could then see which it was, and even try killing it ...
But can't find the details at present