svchost.exe process using a lot of memory...
Hi experts, I have a desktop computer running Vista here that shows a "svchost.exe" process running that sometimes uses 500-600 megs of memory - that doesn't seem right. is there a way to find out what is going on there.... or if it's some kind of virus or something?
Thanks
Shawn
Thanks
Shawn
IT Consultant
CERTIFIED EXPERT
Windows Update is a major problem if you don't have the latest Windows Update Client/Agent installed.
I've had a network of 20 Win7 computers slow down to a crawl until I found the problem.
The latest Windows Update Client for Windows 7 is available here:
https://support.microsoft.com/en-us/kb/3065987
I've no idea what the latest for Vista is.
HTH,
Dan
I've had a network of 20 Win7 computers slow down to a crawl until I found the problem.
The latest Windows Update Client for Windows 7 is available here:
https://support.microsoft.com/en-us/kb/3065987
I've no idea what the latest for Vista is.
HTH,
Dan
Thanks guys/// I've run malwarebytes, Eset Online Scanner, RogueKiller, and panda online scanner... and each one found a few things and cleared them out. Dave and Dan - I think you might be on to something as I haven't did any Windows Uodates in a while. I launched that a few hours ago and it is suspiciously *still* saying:
"Downloading updates
Downloading 30 updates (0 KB total, 0% complete)"
I don't know if that's going to kick in anytime soon, or maybe like Dan suggested, my Windows Update client needs fixing...
Thanks
Shawn
"Downloading updates
Downloading 30 updates (0 KB total, 0% complete)"
I don't know if that's going to kick in anytime soon, or maybe like Dan suggested, my Windows Update client needs fixing...
Thanks
Shawn
Set Updates to Never. Turn the machine OFF. Start up, Set Updates to Automatic and they will start running. Leave overnight and there is a 95% or better success rate that they will be done in the morning.
Thanks John, I am doing this right now. It's been sitting on "Checking for updates" for the last 15 minutes.... will let it go for a while and see what happens.
Thanks
Shawn
Thanks
Shawn
As I said Shawn... last week it took 24 Hours for my Vista laptop to finish "Checking for updates" and install them. When I fired it up again yesterday, it took 15 minutes for it to settle down and act 'normally'. During that time 'svchost' went to almost 1.5 GB of RAM usage a couple of times. It ended up at less than 200KB after 15 minutes.
OK guys, I think I'm making progress. It found and ran all the pending updates (almost 30)... I gave it a day to settle down and sort itself out after that. Now the svchost.exe task is taking only 90 megs - a very good improvement.
Dan Craciun - do you think there is still a need for me to install a whole new Windows Update Client for Vista?
David Johnson - I am going to download and install "sysinternals procmon" and investigate what you recommended.
Thanks!
Shawn
Dan Craciun - do you think there is still a need for me to install a whole new Windows Update Client for Vista?
David Johnson - I am going to download and install "sysinternals procmon" and investigate what you recommended.
Thanks!
Shawn
Since yesterday was 'Update Tuesday', my Vista laptop is sitting there for the last 6 hours waiting for updates to magically appear.
IT Consultant
CERTIFIED EXPERT
On Windows 7 the new update client makes all the difference.
No more 3GB RAM used by svchost, no more 100% CPU usage for hours.
No more 3GB RAM used by svchost, no more 100% CPU usage for hours.
I'm up to 12 hours now with my Vista laptop. Only 50% CPU though abut 75% memory last time I checked.
IT Consultant
CERTIFIED EXPERT
Instead of accepting the fact that Microsoft is allowed to make your machines unusable for days every month, you could disable Automatic updates and use WSUS Offline or similar to keep your machines patched.
Hmm, I guess I spoke too soon... svchost.exe is back up now to almost 600 megs, sheesh. Maybe I will have to seek out the latest version of the update client for Windows Vista...
Shawn
Shawn
According to this page:
https://support.microsoft.com/en-ca/kb/949104
it would seem I've already got the latest version: 7.6.7600.256, dated 02/06/2012
Shawn
https://support.microsoft.com/en-ca/kb/949104
it would seem I've already got the latest version: 7.6.7600.256, dated 02/06/2012
Shawn
Thanks John... I'm really not keen to overhaul the Vista OS to something else. It's not that I'm so attached to Vista, it's just that I don't need the extra ordeal right now in trying to upgrade that desktop to something newer. It's a computer that I don't use all that often, so it's not especially crucial or pressing... and I've never really had a problem with Vista.
Thanks
Shawn
Thanks
Shawn
IT Consultant
CERTIFIED EXPERT
So don't use Automatic Updates anymore. Is there any policy in place that forbids you to use an offline updater?
Sorry for the long absence guys, I was sidetracked by something. I'm still having the same problem - a svchost.exe process using about 500 megs and 50% CPU when my Vista machine is running nothing else and basically just idle. David Johnson, I ran Process Explorer and I've attached the screenshot. The svchost.exe in question shows several processes - is there a way to hone in on which particular process is hogging all the juice?
Thanks
Shawn
ProcessExplorer.jpg
Thanks
Shawn
ProcessExplorer.jpg
IT Consultant
CERTIFIED EXPERT
Yeah: stop the Windows Update service (via the Services snapin or via cli, with 'net stop wuauserv').
Then you'll see that svchost process at 1% CPU.
Then you'll see that svchost process at 1% CPU.
Thanks Dan, I tried the on the Command Line - net stop wuauserv
... but it gave error msg "System error 5 has occurred. Access is denied"
I'm not sure what you mean by the "Services snapin".
Thanks
Shawn
... but it gave error msg "System error 5 has occurred. Access is denied"
I'm not sure what you mean by the "Services snapin".
Thanks
Shawn
IT Consultant
CERTIFIED EXPERT
You need to run the Command prompt as an administrator.
The services snapin is the visual tool. Right click on Computer, choose Manage and on the left, under "Services and applications" you'll find Services.
Or Control Panel->Administrative Tools->Services.
Or type on the run command in the start menu: services.msc
The services snapin is the visual tool. Right click on Computer, choose Manage and on the left, under "Services and applications" you'll find Services.
Or Control Panel->Administrative Tools->Services.
Or type on the run command in the start menu: services.msc
I have a Vista machine on my laptop that updated properly to June 19 and not since.
I have a backup of this machine made in January 2016 and updated to that point and it will no longer update.
I do not think Microsoft is much interested in a system that has 1% market share and falling. It really is time to move on.
I have a backup of this machine made in January 2016 and updated to that point and it will no longer update.
I do not think Microsoft is much interested in a system that has 1% market share and falling. It really is time to move on.
Thanks Dan, I stopped the service and it seemed to fix things - that svchost.exe process quieted right down. But I did a re-boot and now the same svchost.exe process is back up again to 600 megs/50% CPU, and checking services.msc, that Windows Update task is running again. Is it as simple as UNchecking the Windows Update process under the "Services" tab in the screen that comes up when I do a "msconfig"... so it won't re-launch whenever I do a reboot?
Thanks
Shawn
Thanks
Shawn
IT Consultant
CERTIFIED EXPERT
You're welcome.
@John: 1% of 500.000.000 computers makes 5.000.000 (5 million) computers.
Not negligible...
@John: 1% of 500.000.000 computers makes 5.000.000 (5 million) computers.
Not negligible...
I am glad you got your computer working and I was happy to assist.
I still think Vista is now past any redemption.
I still think Vista is now past any redemption.
Well, I spoke to soon guys.... I shut my machine down last night and booted it back up this morning and Windows Update is back running again - using 800 megs of RAM! In the Services snapin, it is now listed as "Manual" Startup Type. Double-clicking on that, it shows "Startup Type" as Disabled... so I don't know how it could have started up again. There's a button to STOP the service right now, so I'm going to click that. Hmm, now I see in the "Recovery" tab there, there's an option "Select the computers response if this service fails", and it shows 3 dropdown boxes - 1st failure, 2nd Failure, and Subsequent failures. 1st Failure says "Restart the service", and the other two say "Take no action". Could that be the culprit? I'm going to set that "1st Failure" to "Take No Action" also.
In the msconfig/services tab, it's back there listed again also. I'm going to try to uncheck it from that tab, and shut down and boot up again. Will let you know the progress...
Thanks
Shawn
In the msconfig/services tab, it's back there listed again also. I'm going to try to uncheck it from that tab, and shut down and boot up again. Will let you know the progress...
Thanks
Shawn
Gain unlimited access to on-demand training courses with an Experts Exchange subscription.
Get AccessWhy Experts Exchange?
Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.
Jim Murphy
Programmer at Smart IT Solutions
When asked, what has been your best career decision?
Deciding to stick with EE.
Mohamed Asif
Technical Department Head
Being involved with EE helped me to grow personally and professionally.
Carl Webster
CTP, Sr Infrastructure Consultant
Did You Know?
We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE
Ask ANY Question
Connect with Certified Experts to gain insight and support on specific technology challenges including:
- Troubleshooting
- Research
- Professional Opinions