Laptop has become super sluggish - Very high svchost.exe memory consumption

raksrules

raksrules

Level N
My office laptop has become super sluggish recently. There is nothing that i have installed in last few days for this to make it happen. First of all, i can only start using the laptop after almost 10 minutes of booting it, so that the laptop and OS can sort of settle down. I have ensured that all unnecessary programs are removed from startup.

On checking the task manager i see that the two highest memory consuming programs are svchost.exe which takes almost more than 500 MB of mem size and 1.3 GB of VM Size. Other thing is firefox which is kind of expected.

I have no idea why svchost.exe is consuming so much memory. Currently as i am typing this, i just have two windows open, one of firefox and one of iTunes (this is not consuming much).

What troubleshoot techniques i can try out? Since this is office laptop i cannot do a reinstall of OS myself.

Please suggest something.

PS: Operating System is Windows XP Professional.
 
Reformat your Windows drive.. Overtime it fills up with loads of temp files, user data, registry entries that sometimes cannot be removed by any cleaner.. Simply copy over all your my docs to an another drive and reformat/restore windows drive to factory settings..

Sent from my GT-I9100 using Tapatalk
 
St.John said:
Reformat your Windows drive.. Overtime it fills up with loads of temp files, user data, registry entries that sometimes cannot be removed by any cleaner.. Simply copy over all your my docs to an another drive and reformat/restore windows drive to factory settings..

Sent from my GT-I9100 using Tapatalk
Click to expand...

raksrules said:
Since this is office laptop i cannot do a reinstall of OS myself.

Please suggest something.
Click to expand...

at st john , he has already mentioned he cant format himself as this is his office laptop
 
vivek.krishnan said:
Another option you can use if your drive is not encrypted is Kaspersky Boot CD.
Click to expand...

I used that application you mentioned and after it opened, it showed me 100s of lines and i was not able to make much sense out of it. I filtered for svchost.exe but still did not get much details. Can you tell me how am i supposed to interpret the data in the application ?
 
raksrules said:
I used that application you mentioned and after it opened, it showed me 100s of lines and i was not able to make much sense out of it. I filtered for svchost.exe but still did not get much details. Can you tell me how am i supposed to interpret the data in the application ?
Click to expand...

I apologise, you needed process explorer at first! http://download.sysinternals.com/files/ProcessExplorer.zip

With this, first see the location of svchost. Check if it is a legitimate windows application. If its running from the windows/system32 folder, good. Else, its not a genuine one.

Using process monitor you could check and see where and what it writes to.
 
Ok so i tried few things to troubleshoot this issue but it keeps on coming back daily. But i found one weird thing that the svchost.exe caused this high memory consumption only when i used to laptop at my home and not in office. Then i noticed that i used the laptop with LAN cable in office and at home i used wifi. So i tried this, came home today and instead of wifi i used LAN cable at home and to my surprise (and i sort of expected this), the svchost.exe did not take so much memory, in fact it was very less and everything was working absolutely fine.

Now i do not have any explanation of why such a behavior. Anyone knows what might be the reason ??
 
IMO, svchost.exe might seem to take up lots of memory, but check the % of CPU power that it uses. It will usually be negligible, may be less than 10% or so. If this value is more, then it probably is an issue. Otherwise, even though the memory consumed seems more, it usually causes not much of a problem. In that case, you need to check elsewhere.
 
logistopath said:
IMO, svchost.exe might seem to take up lots of memory, but check the % of CPU power that it uses. It will usually be negligible, may be less than 10% or so. If this value is more, then it probably is an issue. Otherwise, even though the memory consumed seems more, it usually causes not much of a problem. In that case, you need to check elsewhere.
Click to expand...

The case when on wifi is that the computer becomes super sluggish even when only two windows are open, firefox and iTunes. The svchost.exe takes Mem Usage to like 500+ MB and Virtual Memory of 1.3 GB. The next high memory consuming process is firefox which is 200 MB and that is expected. The page file also shoots to 2.6+GB (performance tab in task manager). Also the CPU taken by this particular svchost.exe when on wifi is upwards of 30% most of the times.

But at the time of typing this, i am not on wifi but on LAN connection and the highest consuming process is firefox (expected) and the Page file is under 1.5GB. Currently everything is running super fine (*touchwood*) but it is only on wifi this is a problem.
<
 
time to update your driver perhaps (wi fi : check at laptop manufacturer site)? Google your laptap model number with this problem and you may hit some related link.

Is the OS updated?
 
raksrules said:
My office laptop has become super sluggish recently. There is nothing that i have installed in last few days for this to make it happen. First of all, i can only start using the laptop after almost 10 minutes of booting it, so that the laptop and OS can sort of settle down. I have ensured that all unnecessary programs are removed from startup.

On checking the task manager i see that the two highest memory consuming programs are svchost.exe which takes almost more than 500 MB of mem size and 1.3 GB of VM Size. Other thing is firefox which is kind of expected.

I have no idea why svchost.exe is consuming so much memory. Currently as i am typing this, i just have two windows open, one of firefox and one of iTunes (this is not consuming much).

What troubleshoot techniques i can try out? Since this is office laptop i cannot do a reinstall of OS myself.

Please suggest something.

PS: Operating System is Windows XP Professional.
Click to expand...

With me there have been many instance where my PC was infected by a malware or a Virus, resulting in huge svhost.exe. Another case where svhost.exe was taking a lot of memory was due to some driver issue but it would become normal after 5 mins of startup, so you can check it out too.

I'm writing such a huge procedure because the common malwares/virus associated with svhost.exe problems are very difficult to fix, they almost always return back after a successful antivirus/antispyware cleanup. So instead of wasting time on checking with different AV's or other methods use the following sure-shot method.

A sure shot way to test for spyware/infection is to run Malwarebytes. It'll be free for 30 days I guess, use it to clean up your laptop. Next stop run latest version of COMBOFIX, if there is any sort of virus/malware still remaining it'll definitely remove it, keep a widows XP professional CD nearby while using Combofix as it removes the files completely if they cant be fixed so you'll have to reinstall these files again when XP asks for it.

The entire scanning-boot scanning etc... will take ~ 30 mins.

After these 30 mins install latest antivirus on your PC I recommend Avira/Avast/AVG.

Install Spybot S&D and Spyware blaster. Update Spybot S&D and Immunize everything, then turn Spybot S&D off permanently as it's scanning and Teatimer functions are worthless
happy55.gif
.

Now install latest spywareblaster, secure everything with it and turn it off too. Both Spybot S&D and SpywareBlaster are meant to offer you protection.

The above procedure is the best way you can protect your PC for free. If you want to pay invest in NOD-32 AV, Malwrebytes Antispyware and Comodo Firewall(I dont like firewalls, they dont like uTorrent
tongu23e.gif
).
 
Such svchost behavior is usually caused if your pc is infected by any ware or virus. Are you using any updated antivirus? Do scan your system thoroughly. I had similar incidents in past and the culprit was always an unknown service either run by virus or system was infected and at times infected beyond repair.

Try combofix...its best than running any antivirus for the while. Its almost clears 99% infections. Rest disabled/inaccessible stuff needs to be done via registry tweaks.
 
Thanks for all the advice. Few days back i did find one exe starting with computer boot, some smad.exe or something but i disabled it from startup and then deleted that file from its location and also removed its registry entry. That process was known malware (got to know through internet search). As of now that particular process does not run in my laptop.

I cannot do the combofix and such and cannot try different AVs since this is office laptop. May be i will try to connect the laptop to company network through VPN and get the OS and AV updated.
 
[font=helvetica, arial, sans-serif]combofix is a freeware and does not require installation. I highly doubt you'll ever get rid of that problem just [/font][font=helvetica, arial, sans-serif]by [/font][font=helvetica, arial, sans-serif]updating stuff.[/font]
 
Back
Top