Endpoint Protection

View Only

svchost process consuming a lot of space in Ram

Recommend

Apr 22, 2009 01:07 AM

Migration User

svchost a windows process which used to take about 1200k of ram space now takes 7000k space .
I have not installed any third party software.
Kindly suggest any remedy.

Statistics

0 Favorited

0 Views

0 Files

0 Shares

0 Downloads

Tags and Keywords

Comments

Migration User

May 06, 2009 02:25 AM

try formatting the primary partition .Remember dont open the other partitions until you install symantecAV
then install Symantec Av and run run a virus check .I doubt other partitions may contain a virus.

Migration User

May 06, 2009 02:25 AM

Migration User

Apr 23, 2009 06:47 PM

When a virus still runs after disconnecting from the network, it has some rootkit on it.
Run procmon and check what DLL hooks onto it.

Any unknown or looks suspicious DLL, do submit it to Symantec submission.
Else check the svchost file . See if it was run from a non-normal location ie c:\windows\system or c:\windows .
If yes, do submit it also.

Migration User

Apr 22, 2009 08:21 AM

it runs even after i disconnect network cable

Migration User

Apr 22, 2009 07:43 AM

Processor explorer free sysinternals tools will help you to analyze the threads

Migration User

Apr 22, 2009 04:10 AM

Yes,

Download Process Explorer from Microsoft website and then run it.

In the process, right click SVCHOST.exe process and go to properties. Look for the actual location of file.

It could be threat also.

Also check your registry entry HKLM>Software>Microsoft>Windows>CurrentVersion>Run

Look for any suspicious file.

If found submit it to https://submit.symantec.com/gold or https://submit.symantec.com/platinum

rgrds,
SAM

Migration User

Apr 22, 2009 01:45 AM

use process explorer and see whats running under the svchost, it might be windows update which is casuing it but troublshoot

Endpoint Protection

svchost process consuming a lot of space in Ram

Tags and Keywords

Comments

Related Entries and Links