none
Diagnostic Policy Service - high CPU RRS feed

  • Question

  •  Diagnostic Policy Service - high CPU

     HP laptop problem

    In the last few days, this laptop started having poor performance, with Task manager showing Diagnostic Policy Service taking up to 30% or more of CPU.

    HP Spectre x360 - 13-4197dx (ENERGY STAR)

     

     

    In the last few days it started having poor performance, with Task manager showing Diagnostic Policy Service taking up to 30% or more of CPU.

             

    Did upgrade of BIOS, no improvement.

    Downloaded all current windows upgrades – no fix.

    I created a new (admin) user, same problem.

    I ran all of the diagnostics in the HP Support Assistant, all passed – no effect.

    I ran "sfc /scannow." and "Dism /Online /Cleanup-Image /RestoreHealth" – no effect.

    There is an online thread on this in the HP forums, which does not seem to show any fix.

          https://h30434.www3.hp.com/t5/Notebook-Operating-System-and-Recovery/Continually-high-CPU-usage-due-to-service-host-diagnostic/td-p/6209980

     The HP support is abysmal – it took several minutes for him to echo back “so this is your computer system?”, and then the only suggestion was a factory reset.


    Guthrie


    • Edited by Guthrie Saturday, April 7, 2018 5:57 PM
    Saturday, April 7, 2018 5:53 PM

Answers

  • "I could not stop the service": you should be able to kill the svchost process hosting the service via task manager

    "A bad page link (error -338) has been detected in a B-Tree (ObjectId: 31, PgnoRoot: 7633) of database C:\WINDOWS\system32\SRU\SRUDB.dat"
    so as I expected, a problem with the file, deleting it should help.

    • Marked as answer by Guthrie Tuesday, April 10, 2018 4:29 PM
    Sunday, April 8, 2018 8:58 PM

All replies

  • you could take a performance trace at the time this happens, and upload it, as describe in this wiki.

    Saturday, April 7, 2018 7:11 PM
  • Here:  https://login.filesanywhere.com/fs/v.aspx?v=8b726b87606372b2729f

    Guthrie

    Saturday, April 7, 2018 8:29 PM
  • did you not read what I linked?
    Be sure to upload the file that ends in "ETL" not the smaller folders that end in PDB!!!
    Saturday, April 7, 2018 10:04 PM
  • Oops, sorry I saw the folder with the *etl.. name, and uploaded it.

    Now I see the other file (with the extension not shown..., but is the .etl file), here:

    You can also copy this link to your web browser: https://login.filesanywhere.com/FS/v.aspx?v=8b726b8760667177af6e


    Guthrie

    Sunday, April 8, 2018 12:20 AM
  • seems it is constantly updating its database.
    perhaps you can see errors in event log from source ESENT?

    You can:
    stop the "Diagnostic Policy Service"
    delete the file "C:\Windows\System32\sru\SRUDB.dat" (on my system, the size of this file is 32MB)
    restart the service.
    Sunday, April 8, 2018 9:18 AM
  • the file "C:\Windows\System32\sru\SRUDB.dat"

    is about 61MB on my system, but doesn’t show any updates in the last ~22 hours.

     I could not seem to stop the service, the stop request timed out, and it’s status is now just “stopping”. Because of that, I could not delete the SRUDB.dat file.

     Not sure where/how to find all of the ESENT events, but under administrative events, tons of these, looks like one about every minute or so, from various sources { General, …}, but almost all from “Database corruption”.

     Here is one:

    Log Name:      Application

    Source:        ESENT

    Date:          3/29/2018 6:25:00 AM

    Event ID:      447

    Task Category: Database Corruption

    Level:         Error

    Keywords:      Classic

    User:          N/A

    Computer:      grglap

    Description:

    svchost (4204,D,21) SRUJet: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 31, PgnoRoot: 7633) of database C:\WINDOWS\system32\SRU\SRUDB.dat (2400 => 12609, 31).

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

      <System>

        <Provider Name="ESENT" />

        <EventID Qualifiers="0">447</EventID>

        <Level>2</Level>

        <Task>12</Task>

        <Keywords>0x80000000000000</Keywords>

        <TimeCreated SystemTime="2018-03-29T11:25:00.023206500Z" />

        <EventRecordID>47780</EventRecordID>

       <Channel>Application</Channel>

        <Computer>grglap</Computer>

        <Security />

      </System>

      <EventData>

        <Data>svchost</Data>

        <Data>4204,D,21</Data>

        <Data>SRUJet: </Data>

        <Data>-338</Data>

        <Data>31</Data>

       <Data>7633</Data>

        <Data>C:\WINDOWS\system32\SRU\SRUDB.dat</Data>

        <Data>2400</Data>

        <Data>12609</Data>

        <Data>31</Data>

      </EventData>

    </Event>

     But here is one from General:

     Log Name:      Application

    Source:        ESENT

    Date:          4/4/2018 4:34:49 PM

    Event ID:      522

    Task Category: General

    Level:         Error

    Keywords:      Classic

    User:          N/A

    Computer:      grglap

    Description:

    ShellExperienceHost (1940,P,0) TILEREPOSITORYS-1-5-21-2554618691-1091664963-2105190305-1006: An attempt to open the device with name "\\.\C:" containing "C:\" failed with system error 5 (0x00000005): "Access is denied. ". The operation will fail with error -1032 (0xfffffbf8).

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

      <System>

        <Provider Name="ESENT" />

        <EventID Qualifiers="0">522</EventID>

        <Level>2</Level>

        <Task>1</Task>

        <Keywords>0x80000000000000</Keywords>

        <TimeCreated SystemTime="2018-04-04T21:34:49.006341300Z" />

        <EventRecordID>50404</EventRecordID>

        <Channel>Application</Channel>

        <Computer>grglap</Computer>

        <Security />

      </System>

      <EventData>

        <Data>ShellExperienceHost</Data>

        <Data>1940,P,0</Data>

        <Data>TILEREPOSITORYS-1-5-21-2554618691-1091664963-2105190305-1006: </Data>

        <Data>\\.\C:</Data>

        <Data>C:\</Data>

        <Data>-1032 (0xfffffbf8)</Data>

        <Data>5 (0x00000005)</Data>

        <Data>Access is denied. </Data>

      </EventData>

    </Event>



    Guthrie

    Sunday, April 8, 2018 6:20 PM
  • "I could not stop the service": you should be able to kill the svchost process hosting the service via task manager

    "A bad page link (error -338) has been detected in a B-Tree (ObjectId: 31, PgnoRoot: 7633) of database C:\WINDOWS\system32\SRU\SRUDB.dat"
    so as I expected, a problem with the file, deleting it should help.

    • Marked as answer by Guthrie Tuesday, April 10, 2018 4:29 PM
    Sunday, April 8, 2018 8:58 PM
  • Thanks for the info & response.

    Trying to stop the process fails. I found the Services host for it in Task Manager, and trying to kill that process - it gives a warning, but going ahead, it seems to just keep running (or immediately restarts?).




    • Edited by Guthrie Sunday, April 8, 2018 10:29 PM
    Sunday, April 8, 2018 10:21 PM
  • Then you could try to set the service to disabled before killing the process.
    Monday, April 9, 2018 5:06 AM
  • I booted to recovery options, and advanced, command prompt - and could delete it from there. Seems to have fixed it - will monitor things for today.

    Many thanks, good job!


    Guthrie

    Tuesday, April 10, 2018 4:29 PM
  • i can end this process but I cannot delete SRUDB.dat. also after ending in task manager disk use goes down but cpu use goes up
    Friday, May 4, 2018 10:43 PM
  • Open the HP website > support > software and drivers > enter the computer's product or serial number > select the operating system > view drivers > post a URL or hyperlink into the thread

    To evaluate the computer environment please post logs for troubleshooting.

    Using administrative command prompt copy and paste this whole command:

    Make sure the default language is English so that the logs can be scanned and read.

    https://www.tenforums.com/tutorials/3813-language-add-remove-change-windows-10-a.html

    The command will automatically collect the computer files and place them on the desktop.

    Then use one drive or drop box to place share links into the thread for troubleshooting.

    https://support.office.com/en-us/article/Share-OneDrive-files-and-folders-9fcc2f7d-de0c-4cec-93b0-a82024800c07

    This command will automatically collect these files:  msinfo32, mini dumps, drivers, hosts, install, uninstall, services, startup, event viewer files, etc.

    Open administrative command prompt and copy and paste the whole command:

    copy %SystemRoot%\minidump\*.dmp "%USERPROFILE%\Desktop\"&dxdiag /t %Temp%\dxdiag.txt&copy %Temp%\dxdiag.txt "%USERPROFILE%\Desktop\SFdebugFiles\"&type %SystemRoot%\System32\drivers\etc\hosts >> "%USERPROFILE%\Desktop\hosts.txt"&systeminfo > "%USERPROFILE%\Desktop\systeminfo.txt"&driverquery /v > "%USERPROFILE%\Desktop\drivers.txt" &msinfo32 /nfo "%USERPROFILE%\Desktop\msinfo32.nfo"&wevtutil qe System /f:text > "%USERPROFILE%\Desktop\eventlog.txt"&reg export HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall "%USERPROFILE%\Desktop\uninstall.txt"&reg export "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components" "%USERPROFILE%\Desktop\installed.txt"&net start > "%USERPROFILE%\Desktop\services.txt"&REM wmic startup list full /format:htable >"%USERPROFILE%\Desktop\startup.html"&wmic STARTUP GET Caption, Command, User >"%USERPROFILE%\Desktop\startup.txt"

    There is 1 file for you to find manually:   In the left lower corner search type:  dxdiag > When the DirectX Diagnostic Tool opens click on the next page button so that each tab is opened > click on save all information > save to desktop > post one drive or drop box share link into the thread

    .

    .

    .

    Please remember to mark the replies as answers if they help.

    .

    .

    .

    Friday, May 4, 2018 11:01 PM
  • Your SRUDB.dat is only 65 MB? 

    I am experiencing the same problem with diagnostic policy service running constantly at about 35% of the CPU and the sru folder...

    I looked at the Windows\System32\sru folder and found that there are now over 27000 files (SRU...log files) and rapidly growing; it's now at SRU00444042.log. 

    The SRUDB.dat file is now 25 Gigabytes in size (and also growing). Yes, I really did mean GIGABYTES! :(

    I'm going to follow the rest of these steps and hopefully this will be successful. 

    Thanks to everyone who documented this issue and to those who helped with suggestions.
    Thursday, May 24, 2018 7:33 PM
  • I am experiencing the same problem with diagnostic policy service running constantly at about 35% of the CPU and the sru folder...

    I looked at the Windows\System32\sru folder and found that there are now over 27000 files (SRU...log files) and rapidly growing; it's now at SRU00444042.log. 

    The SRUDB.dat file is now 25 Gigabytes in size (and also growing). Yes, I really did mean GIGABYTES! :(

    I'm going to follow the rest of these steps and hopefully this will be successful. 

    Thanks to everyone who documented this issue and to those who helped with suggestions.

    Hardware: Asus motherboard (so, this is not exclusively an HP related problem)
    OS: Windows 10 Pro

    • Proposed as answer by JP White Friday, June 15, 2018 12:57 PM
    • Unproposed as answer by JP White Friday, June 15, 2018 12:57 PM
    Thursday, May 24, 2018 7:51 PM
  • I had the same issue on my MS Surface 3. It happened twice.

    The first time was a couple of months ago. The only apps on that device is O365 and MS Store apps, so I ended up resetting it. That worked, but was a "let it run all night" affair. 

    It occurred again last night, which coincidentally was right after the latest Windows update was installed. This time, based on this thread, I selected and deleted 11,000+ SRU log files in the SRU directory. That was a 5 to 10 minute affair. CPU usage and performance returned to normal. I did not touch the .dat file, but it had reduced in size.

    Does anyone have an idea what causes the Diagnostic Policy to fail?

    Jim

    Friday, June 15, 2018 1:10 PM
  • Hello, i finally found the solution for the problem! The dps service constantly creates log files in folder "C:\Windows\system32\sru" every second. This leads to high disk usage and the folder becomes very large, multiple Gigabytes of data. Force stopping the service and then deleting this folder fixes the problem. The folder is not created anymore when you start the service. You must stop the service before deleting the folder.

    I made a batch file which stoppes the service and prompts the user to delete the folder. Then the service is startet again. Just create a text file and insert following code. Then save as .bat file. You need to start the bat as admin though.

    @echo off
    echo ... Set DPS service start type to manual ...
    echo.
    sc config DPS start= demand
    
    echo.
    echo ... Find PID of DPS service ...
    
    for /f "tokens=2 delims=[:]" %%f in ('sc queryex dps ^|find /i "PID"') do set PID=%%f
    
    echo.
    echo ... Kill DPS service
    echo.
    
    taskkill /f /pid %PID%
    
    
    echo.
    echo ... Delete sru Folder ...
    echo.
    
    rd /s "%windir%\system32\sru"
    
    echo.
    echo ... Set DPS service start type to auto ...
    echo.
    sc config DPS start= auto
    
    echo.
    echo ... Start DPS service ...
    
    sc start DPS
    echo.
    
    pause

    • Proposed as answer by Mike Gresley Wednesday, January 2, 2019 5:31 PM
    Monday, June 25, 2018 10:52 AM
  • In my case SRUDB.dat was 25GB and the folder contained more than 8000 64KB log files.

    Tuesday, August 21, 2018 10:36 AM
  • Is your system also from HP?

    Maybe one of the log files contains info on what is the problem.

    Tuesday, August 21, 2018 2:13 PM
  • Hi Guthrie,

    I had the same exact problem. As a precaution, I always

    create a restore points when I'm Installing something on

    my Win 10 Desktop. So when I looked at my restore points,

    I Noticed the problem happened just before I installed the

    latest version of a Java update. So what I did was simply

    was  to go Java website and manually reinstalled Java from

    there. I did not remove Java I just reinstalled over it.

    Hope This helps

    Drew.

    Sunday, November 11, 2018 5:35 PM
  • Hey, I just wanted to post a quick reply here...just stumbled onto the DPS service being the problem for my slow work laptop today, and after a quick bing search was led to this page.

    I could have fixed this manually, but this batch file saved me time and will allow me to keep it handy for other PCs that may be experiencing the same issue. Thanks for posting this -- it solved the issue quickly and easily in my case!


    Mike Gresley

    Wednesday, January 2, 2019 5:33 PM
  • Can confirm by force-closing the process running the service for diagnostic policy service, then deleting SRUDB.dat (which was 19.5G in size in my case) has fixed the problem.  This service now runs again but with significantly lower CPU usage (near on idle) so this has fixed the issue in my case.


    • Edited by PtDaFool Sunday, January 20, 2019 3:13 PM
    • Proposed as answer by PtDaFool Sunday, January 20, 2019 3:16 PM
    Sunday, January 20, 2019 3:05 PM