I recently had a laptop passed to me to take a look at which was assumed to be too slow to be of any use to anyone. Sure enough – I booted the machine up, logged in and it was running like treacle.
Even clicking on the start menu took minutes to appear – and bringing up task manager was the same. However when task manager appeared – it showed the CPU as running flat out at 100% with a svchost process.
Killing this process suddenly brought the machine to life!
A Virus?
My first thought was that it was a virus, however several scans later showed the machine to be completely clean?
What I also found was that the machine wasn’t able to access the network – most of the network services had stopped (such as DHCP client, computer browser etc).
The Fix
Eventually the problem was tracked down to a corrupt registry entry of all things! Using Microsoft’s procmon application – I could see that the svchost was repeatedly hitting the following key:
HKLM\System\CurrentControlSet\Control\Network\NcQueue
Deleting the keys below this suddenly brought the machine back to life with full network access and no need to kill off svchost after a reboot!