svchost.exe utilising over 1,000,000K of Memory!

[Something101]

Hello,

 

Throughout the past month I have noticed in the task manager on that one of the "svchost.exe" is using over 1,000,000K of memory constantly. When I shut down the process a few seconds/minutes later it will reappear in the task manager. I have formatted the hard drive multiple times and the only programs I have redownloaded since was steam, razer cortex and malwarebytes Anti-Rootkit. I am worried that this is potentially malware of some sorts and any help would be appreciated. (I am using a laptop which runs Windows 7).

 

Thanks.

 

[Firefox]

Hello and welcome!

We would need more info on the system....

Please read the following and in your next reply ATTACH the 3 requested logs - Diagnostic Logs

(the three files should be CheckResults.txt, FRST.txt and Addition.txt)

Also you mentioned that you have formatted several times and the issue persists. After you formatted, have you ran all windows updates and installed them? I have seen this happen many of times due to the svchost.exe process checking for updates. You may have to wait it out until all updates are installed.

Thank You,

Firefox

[Something101]

Hello and thanks for the swift reply,

 

I've just stopped the "windows update" process on the task manager on the "services" tab and its set the memory usage to around 200,000K. Would you recommend that I download/install all the security updates for windows and then set it so that it doesn't check for windows updates again? I've also done a full MalwareBytes scan on everything and it's told me that no malware was to be found

 

Thank You

[gonzo]

I was going to suggest doing what you are suggesting.  One of my machines (Windows 7) was not getting updates until I figured out all that was needed to block involuntary Windows 10 suffocation.  Limit your updates to high priority updates unless you want to become a master of blocking Windows 10 from invading your world.  I don't think the problem is the update itself, its likely how long you go between updates.

[Firefox]

I recommend that you install all windows security updates. Once you get those installed the svchost.exe process will stabilize.

When it starts looking for updates again the svchost.exe process will once again spike because I has to poll the computer to see what updates are required. Once they are all installed, make sure to check for updates once a month to make sure you continue to get updates on a monthly basis.

If you want to speed up the process, follow the steps below provided by one of our forum regulars .David H. Lipman... For sure do part 1 and 2
 
 

Sure...
 
There are two definite parts and possibly a third.  I state "possibly a third" because I haven't sufficiently tested systems with and without to come to a definitive conclusion.
 
Part 1
---------
 
Go to;  https://www.microsoft.com/en-us/download
In the search field enter;  download IE 11
 
Find under Support:  Download Internet Explorer 11 for Windows 7...

• If it is a 32bit OS, download the 32bit Internet Explorer 11 installer
• If it is a 64bit OS, download the 64bit Internet Explorer 11 installer

** If you work with Windows 7 regularly, I suggest downloading both and renaming each EXE file accordingly and keeping them "handy".
 
When you run the Installer, it will also download all associated Internet Explorer 11 updates to-date.  Allow that to happen.
 
After Installation, allow the reboot.
 
 
Part 2
---------
 
Download patch KB3102810
https://support.microsoft.com/en-us/kb/3102810
 
Description:

• If it is a 32bit OS; choose:  "All supported x86-based versions of Windows 7"
• If it is a 64bit OS; choose:  "All supported x64-based versions of Windows 7"

** If you work with Windows 7 regularly, I suggest renaming the Microsoft Update files ( .MSU ) accordingly and keeping them "handy".
 
 
After Installation, allow the reboot.
 
Part 3
----------
 
I haven't sufficiently tested the need for the following so I can not definitively state it is needed - yet.
However, this is what I presently do.
 
NOTE 1:  I personally use a KiXtart script ( attached in the below ZIP file ) to automate the below process.  However I have enumerated what is done.  It does require "full" Administrative Rights.  From the below one can use the KiXtart script ( if you are used to using KiXtart like Ron and I are ), create a BAT/CMD batch file or you can create a VBS Script.
 
NOTE 2:  I actually use the KiXtart script when I encounter various Windows Updates failures in general.
 
NOTE 3:  The below process makes Windows Update "forget" what has already been installed as well as any updates that have been "hidden".
 
Fix Windows Updates.ZIP
 
net stop wuauserv
net stop bits
net stop cryptsvc
 

CD  %systemroot%\SoftwareDistribution

REName  %systemroot%\SoftwareDistribution\download   %systemroot%\SoftwareDistribution\download.OLD

REName  %systemroot%\SoftwareDistribution\datastore   %systemroot%\SoftwareDistribution\datastore.OLD

CD  %systemroot%\system32

REName   %systemroot%\system32\catroot2  %systemroot%\system32\catroot2.OLD

 
OR
 

CD  %systemroot%\SoftwareDistribution

DELete  %systemroot%\SoftwareDistribution\download

DELete  %systemroot%\SoftwareDistribution\datastore

CD  %systemroot%\system32

DELete   %systemroot%\system32\catroot2

 
 
net start cryptsvc
net start bits
net start wuauserv
 
%SystemRoot%\system32\wuauclt.exe  /detectnow
 
Wait 7 ~ 10 seconds
 
%SystemRoot%\system32\wuapp.exe
 
 
-------------------------------------------------------------------------
 
SUMMATION:
Here is the logic to the above process.  It is based upon past experiences with Windows XP.  It too had very long wait times for downloads and Windows 10 did not even exist then.  It is my belief that Microsoft prioritizes updates.  The latest OS has the highest priority and the Oldest OS will have the lowest priority.
 
Installing the latest Internet Explorer available to the OS does two things.

• Many subsequent OS constructs have dependency upon IE and what IE depends on.  By installing the last version of IE that is available to the OS those dependencies will be satiated.
• Installing IE 11 forces not only its installation of IE11 but post IE11 updates. This limits the update process to only those required for this narrowed process.  This means that this part of the process actually goes quickly.

Now when you actually go for all the rest of the Post Service Pack 1 Windows Updates the number of total updates is actually decreased substantially
 
By using the above script or the outlined processes the OS believes no Windows Updates have been installed and starts from scratch.  However, many dependencies will have already have been installed into the OS anbd the final search for Windows Updates will be made quicker by the IE11 process and the KB3102810 patch.
 
Final Note:    If the Win10 information ( GWX Control Panel and REG file) and the Windows 7 Updates is worth it, we can always request they be be placed in a new topic separated from MT16's thread but point to the separated topic.

 

[David H. Lipman]

Thank you Firefox for posting that.
 
There was some text lost in in the above quote concerning the Windows 7 HotFix  KB3102810  and that is the description for the HotFix and why it is relevant.
 

Installing and searching for updates is slow and high CPU usage occurs in Windows 7 and Windows Server 2008 R2

[Firefox]

Your welcome David....