Why is svchost.exe taking so much RAM

[isaac12345]

Hi all,

After installing Bitdefender Total Security 2015, I have noticed that at startup my RAM fills up till 70% of 3.5gigs. I had a quick look in the task manager and saw that svchost was taking up 500mb and sometimes climbing up till 700mb! I have already run virus scans and malware scans( with malware bytes) and haven't really found anything. Are there any other reasons why this might be happening?

I have attached a photo of my task manager for your reference. The OS is windows 7 pro 32bit.

Thanks!

*i57.tinypic.com/adoqi8.jpg

 

[Faun]

Go to Resource Monitor from Task Manager > Performance > Open Resource Monitor
*i.imgur.com/YUUHFUM.png

Now select svchost process with most memory. That will filter out the hdd activity, network activity and ram activity for it.
*i.imgur.com/6wTCsxw.png

 

[Flash]

[h=1]7 Ways to Easily Identify SVCHOST.EXE Service Name[/h]

 

[abhigeek]

svchost is taking your memory space. Maybe you have been playing a heavy game. So svchost is preloading the game files into memory.

Go at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\Memory Management\PrefetchParameters
in regedit
And set the values for superfetch and prefetch to 2.
0 – Disables
1 – Enables for Applications only
2 – Enables for Boot files only
3 – Enables for Boot and Application files

 

[Gauravs90]

Whenever windows update is started svchost.exe memory surges up, It may be one of the reasons.

 

[isaac12345]

Go to Resource Monitor from Task Manager > Performance > Open Resource Monitor
*i.imgur.com/YUUHFUM.png

Now select svchost process with most memory. That will filter out the hdd activity, network activity and ram activity for it.
*i.imgur.com/6wTCsxw.png

Which column should I look at? Commit, Working set, Shareable or Private.

- - - Updated - - -

Whenever windows update is started svchost.exe memory surges up, It may be one of the reasons.

There does seem to be something windows update related. Even though it seems like everything has booted up, I do need to wait till the windows update icon shows up before I can start playing games like mass effect 2. The game hangs at the main menu while checking for online content.

- - - Updated - - -

Here are some photos of the services associated with the particular svchost.exe process. *imgur.com/a/xRre6

 

[Faun]

Which column should I look at? Commit, Working set, Shareable or Private.

Working Set

Working Set >= Commit

Working Set = Shareable + Private

There is svchost for netsvcs group
*i.imgur.com/VPXeyBD.jpg

Check which files it is writing and where it is connecting to receive data.

 

[isaac12345]

Working Set

Working Set >= Commit

Working Set = Shareable + Private

There is svchost for netsvcs group
*i.imgur.com/VPXeyBD.jpg

Check which files it is writing and where it is connecting to receive data.

Thanks!

So I took some screen shots of the memory, disk and network activity. Here they are - - Album on Imgur

The disk activity part seems to be gradually fill up and then gradually empty out. I dont quite understand what its doing from there.

However, if you look at the network activity screenshot, it seems to be trying to connect to a particular ip address and an akamai technologies link. That seems a bit suspicious.

Also, when I restarted my PC a few times to record this a few strange things happened -

1) The audio icon in the notifications area showed a message saying that the audio service was not loaded even though it was making sounds. Here's a screenshot of that - Imgur

2) Also, the BitDefender icon didn't show up! Its missing from the notifications area which is quite odd. On rebooting again it has come back, but the audio icon is still showing up as before.

Odd stuff! I'm quite baffled :S

 

[Faun]

134.170.165.249 - Geo Information
IP Address 134.170.165.249
Host 134.170.165.249
Location US US, United States
City -, - -
Organization Microsoft Corp
ISP Microsoft Corp
AS Number AS8075 Microsoft Corp
Latitude 38°00'00" North
Longitude 97°00'00" West
Distance 9208.78 km (5722.07 miles)

*en.wikipedia.org/wiki/Akamai_Technologies
akamaitechnologies.com, a content-delivery network used by companies like Adobe

The disk activity part seems to be gradually fill up and then gradually empty out. I dont quite understand what its doing from there.

May be an intermediate buffer file ?

 

[isaac12345]

134.170.165.249 - Geo Information
IP Address 134.170.165.249
Host 134.170.165.249
Location US US, United States
City -, - -
Organization Microsoft Corp
ISP Microsoft Corp
AS Number AS8075 Microsoft Corp
Latitude 38°00'00" North
Longitude 97°00'00" West
Distance 9208.78 km (5722.07 miles)

*en.wikipedia.org/wiki/Akamai_Technologies
akamaitechnologies.com, a content-delivery network used by companies like Adobe


May be an intermediate buffer file ?

No idea. I do know that this did not happen before I installed bitdefender total security 2015. Could it have messed around with the files?

And what would explain the odd behaviour in the notifications area?