Consistent high CPU usage / svchost.exe Diagnostic Policy Service

  1.    19 Apr 2018 #1

    Consistent high CPU usage / svchost.exe Diagnostic Policy Service


    Hello,

    For a few days now my office desktop has been pretty much running non-stop a svchost.exe process which is linked to Diagnostic Policy Service and seems to consume approximately 25-30% of my CPU max speed.

    While the PC isn't doing much CPU-wise, this process forces the CPU to run at max speed at all times and the fan to become loud as well.

    I ran sfc and dism and nothing came back as erroneous. Event logs aren't flooded with any mysterious messages.

    This service seems to store a ton of logs at C:\Windows\System32\sru as well, many thousands of them in the last few days.

    Any ideas on what might have caused this? Thanks!
      My ComputerSystem Spec

  2. Borg 386's Avatar
    Posts : 22,690
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
       19 Apr 2018 #2

    Couldn't say what's causing it, but there's a couple good tools you can use to do some investigating. They're also free :)

    Process Explorer - Windows Sysinternals | Microsoft Docs

    Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.

    The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.

    The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.
    Also, you can have VirusTotal check the processes running to see if anything is suspicious or infected.

    To do this, launch the program, click on Options / VirusTotal.com / check the space next to VirusTotal.com. Agree to the terms & the results will show up in the VirusTotal column

    Process Monitor - Windows Sysinternals | Microsoft Docs

    Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.
    Hope this helps you out.
      My ComputerSystem Spec

  3.    19 Apr 2018 #3

    For reference, I deleted the srudb.dat file in /system32/sru and the problem went away. It had become a 16GB file for some reason...seems alright now.
      My ComputerSystem Spec

  4.    19 Apr 2018 #4

    Normal/typical size is more like 90-100 MB (just check 3 of my PCs and all were in the 97 MB ballpark). You'll be pleased to read that the typical solution to this kind of problem is indeed to delete that file. When it starts growing uncontrollably, seems most likely to be caused by file damage or corruption. Once deleted, it will re-create itself anyway. See this other TF thread for more discussion: Anyone else have this SRUDB.dat error all the time? - Windows 10 Forums.
    HTH,
    --Ed--
      My ComputersSystem Spec

  5.    25 Jun 2018 #5

    Hello, i finally found the solution for the problem! The dps service constantly creates log files in folder "C:\Windows\system32\sru" every second. This leads to high disk usage and the folder becomes very large, multiple Gigabytes of data. Force stopping the service and then deleting this folder fixes the problem. The folder is not created anymore when you start the service. You must stop the service before deleting the folder.

    I made a batch file which stoppes the service and prompts the user to delete the folder. Then the service is startet again. Just create a text file and insert following code. Then save as .bat file. You need to start the bat as admin though.

    Use attached bat or make own bat with code below

    Code:
    @echo off
    echo ... Set DPS service start type to manual ...
    echo.
    sc config DPS start= demand
    
    echo.
    echo ... Find PID of DPS service ...
    
    for /f "tokens=2 delims=[:]" %%f in ('sc queryex dps ^|find /i "PID"') do set PID=%%f
    
    echo.
    echo ... Kill DPS service
    echo.
    
    taskkill /f /pid %PID%
    
    
    echo.
    echo ... Delete sru Folder ...
    echo.
    
    rd /s "%windir%\system32\sru"
    
    echo.
    echo ... Set DPS service start type to auto ...
    echo.
    sc config DPS start= auto
    
    echo.
    echo ... Start DPS service ...
    
    sc start DPS
    echo.
    
    pause
    fixDPSservice.zip
      My ComputerSystem Spec

  6.    11 Nov 2018 #6

    I fixed my problem another way, apparently somehow a rootkit was causing the problem? It started out as a problem with all regular google sites, ads and services not being able to be displayed on my browser. I searched the web for answers and found that someone else had the exact same problem and used a combination of Rkill and TDSKill executable programs to stop malware processes and remove rootkits.I never thought of this before because i had no idea what a rootkit was. After rebooting google worked fine and i found that the particular service host.exe file that had been causing me so much trouble was gone and not running, also my computer runs smoother than ever!
      My ComputerSystem Spec

  7.    2 Days Ago #7

    Settings/Privacy/General (change privacy options/ turn All OFF
    Settings/Privacy/Windows Permissions/ turn All OFF
    Settings/Privacy/App Permissions/ turn All OFF
    Restart your PC
      My ComputerSystem Spec


 

Related Threads
Diagnostic Policy Service - high CPU in Performance & Maintenance
HP laptop problem In the last few days, this laptop started having poor performance, with Task manager showing Diagnostic Policy Service taking up to 30% or more of CPU. HP Spectre x360 - 13-4197dx (ENERGY STAR) 183868 In the last few days...
Hello Guys, I'm using Windows 10 Home Single Language 64-bit. After the latest Windows update in Feb 2018, I've been experiencing consistent CPU Usage (13-14%) by a Windows Process (Service Host: Diagnostic Policy Service). I can't figure out...
Hi guys,I just can't figure out why is this module using my CPU continuously (10%-15% usage).I've attached a screenshot and the ETL file for you to analyze this.You can download the ETL file from here. (Google Drive link)My PC specs:OS: Windows 10...
This is my first post in TenForums, I'll try not to screw up. And I am not a computer tech. Windows 10 Pro Version 10.0.14393 Build 14393 Dell Optiplex 380 I am trying to network my computers, of which I have too many! LOL These are...
Disabling Diagnostic Policy Service in Performance & Maintenance
I just disabled the Diagnostic Policy Service, Diagnostic Service Host, and the Diagnostic System Host. Is there any adverse actions that this may cause? So far I have not noticed any. Once I get my Windows Settings the way I like, they...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 10:39.
Find Us