svchost.exe process using a lot of memory...

Windows Update is a major problem if you don't have the latest Windows Update Client/Agent installed.

I've had a network of 20 Win7 computers slow down to a crawl until I found the problem.

The latest Windows Update Client for Windows 7 is available here:
https://support.microsoft.com/en-us/kb/3065987

I've no idea what the latest for Vista is.

HTH,
Dan

Thanks guys/// I've run malwarebytes, Eset Online Scanner, RogueKiller, and panda online scanner... and each one found a few things and cleared them out. Dave and Dan - I think you might be on to something as I haven't did any Windows Uodates in a while. I launched that a few hours ago and it is suspiciously *still* saying:

"Downloading updates
Downloading 30 updates (0 KB total, 0% complete)"

I don't know if that's going to kick in anytime soon, or maybe like Dan suggested, my Windows Update client needs fixing...

Thanks
   Shawn

Set Updates to Never. Turn the machine OFF. Start up, Set Updates to Automatic and they will start running. Leave overnight and there is a 95% or better success rate that they will be done in the morning.

Thanks John, I am doing this right now. It's been sitting on "Checking for updates" for the last 15 minutes.... will let it go for a while and see what happens.

Thanks
   Shawn

As I said Shawn... last week it took 24 Hours for my Vista laptop to finish "Checking for updates" and install them.  When I fired it up again yesterday, it took 15 minutes for it to settle down and act 'normally'.  During that time 'svchost' went to almost 1.5 GB of RAM usage a couple of times.  It ended up at less than 200KB after 15 minutes.

OK guys, I think I'm making progress. It found and ran all the pending updates (almost 30)... I gave it a day to settle down and sort itself out after that. Now the svchost.exe task is taking only 90 megs - a very good improvement.

Dan Craciun - do you think there is still a need for me to install a whole new Windows Update Client for Vista?


David Johnson - I am going to download and install "sysinternals procmon" and investigate what you recommended.

Thanks!
    Shawn

Since yesterday was 'Update Tuesday', my Vista laptop is sitting there for the last 6 hours waiting for updates to magically appear.

On Windows 7 the new update client makes all the difference.
No more 3GB RAM used by svchost, no more 100% CPU usage for hours.

I'm up to 12 hours now with my Vista laptop.  Only 50% CPU though abut 75% memory last time I checked.

Instead of accepting the fact that Microsoft is allowed to make your machines unusable for days every month, you could disable Automatic updates and use WSUS Offline or similar to keep your machines patched.

Hmm, I guess I spoke too soon... svchost.exe is back up now to almost 600 megs, sheesh. Maybe I will have to seek out the latest version of the update client for Windows Vista...

Shawn

According to this page:

https://support.microsoft.com/en-ca/kb/949104

it would seem I've already got the latest version:  7.6.7600.256, dated 02/06/2012

Shawn

Do you need to save Vista (<1% market share)?  Is it time to move to something more modern?

Thanks John... I'm really not keen to overhaul the Vista OS to something else. It's not that I'm so attached to Vista, it's just that I don't need the extra ordeal right now in trying to upgrade that desktop to something newer. It's a computer that I don't use all that often, so it's not especially crucial or pressing... and I've never really had a problem with Vista.

Thanks
   Shawn

So don't use Automatic Updates anymore. Is there any policy in place that forbids you to use an offline updater?

Sorry for the long absence guys, I was sidetracked by something. I'm still having the same problem - a svchost.exe process using about 500 megs and 50% CPU when my Vista machine is running nothing else and basically just idle. David Johnson, I ran Process Explorer and I've attached the screenshot. The svchost.exe in question shows several processes - is there a way to hone in on which particular process is hogging all the juice?

Thanks
   Shawn
ProcessExplorer.jpg

Yeah: stop the Windows Update service (via the Services snapin or via cli, with 'net stop wuauserv').

Then you'll see that svchost process at 1% CPU.

Thanks Dan, I tried the on the Command Line - net stop wuauserv

... but it gave error msg "System error 5 has occurred. Access is denied"

I'm not sure what you mean by the "Services snapin".

Thanks
    Shawn

You need to run the Command prompt as an administrator.

The services snapin is the visual tool. Right click on Computer, choose Manage and on the left, under "Services and applications" you'll find Services.

Or Control Panel->Administrative Tools->Services.

Or type on the run command in the start menu: services.msc

I have a Vista machine on my laptop that updated properly to June 19 and not since.

I have a backup of this machine made in January 2016 and updated to that point and it will no longer update.

I do not think Microsoft is much interested in a system that has 1% market share and falling. It really is time to move on.

Thanks Dan, I stopped the service and it seemed to fix things - that svchost.exe process quieted right down. But I did a re-boot and now the same svchost.exe process is back up again to 600 megs/50% CPU, and checking services.msc, that Windows Update task is running again. Is it as simple as UNchecking the Windows Update process under the "Services" tab in the screen that comes up when I do a "msconfig"... so it won't re-launch whenever I do a reboot?

Thanks
   Shawn

That did it Dan, success! Thank you!

Cheers
   Shawn

Thanks everybody!

You're welcome.

@John: 1% of 500.000.000 computers makes 5.000.000 (5 million) computers.

Not negligible...

I am glad you got your computer working and I was happy to assist.

I still think Vista is now past any redemption.

Well, I spoke to soon guys.... I shut my machine down last night and booted it back up this morning and Windows Update is back running again - using 800 megs of RAM! In the Services snapin, it is now listed as "Manual" Startup Type. Double-clicking on that, it shows "Startup Type" as Disabled... so I don't know how it could have started up again. There's a button to STOP the service right now, so I'm going to click that. Hmm, now I see in the "Recovery" tab there, there's an option "Select the computers response if this service fails", and it shows 3 dropdown boxes - 1st failure, 2nd Failure, and Subsequent failures. 1st Failure says "Restart the service", and the other two say "Take no action". Could that be the culprit? I'm going to set that "1st Failure" to "Take No Action" also.

In the msconfig/services tab, it's back there listed again also. I'm going to try to uncheck it from that tab, and shut down and boot up again. Will let you know the progress...

Thanks
   Shawn

OK, that seems to have worked... no sign of that process running after the reboot and my settings made are still intact. Could someone please confirm if I did everything correctly or maybe there's something else I overlooked?

Thanks!
   Shawn