CrazyEngineers Logo

Trouble With Unnecessary Download By Host Process For Windows Services

I am having a serious trouble, a few months ago I noticed that my broadband usage was going up. I shut down all the automatic updates on all the softwares installed on my computer. Still the usage was pretty high. Since I use Kaspersky Internet Security 2013, I went into its network monitor to check which service was the culprit. I found out that “Host Process For Windows Services” was taking up crazy amounts of download. Within a month it had taken up 13 GB of download. Of course, since most of the time it happened during my service provider’s ‘Night Unlimited’ time. Then I few days ago I found a solution Windows service (svchost.exe) is downloading constantly » blog.haraldkraft.de that suggested to go to ‘Services.msc’ and shut down services like Background Intelligent Transfer service that starts downloading updates as soon it sees an idle connection and IP Helper service that assists with IPv6 connectivity. Even after implementing these tips, the download still continued. I tried limiting the “Host Process For Windows Services” by blocking it from Kaspersky’s Network Filter but that ended up blocking all my network communication. I have tried to Googling this problem but it was of no help. The problem starts when the connection is idle, for example when I am composing an article for VoiCE, my browser is idle and no other download is in progress and it is during that time the download begins and I am just left in horror as the broadband status show about 60 MB of download within a few minutes .

So could anyone help me in finding out the cause and cure for this problem.

Replies

  • rahul69
    rahul69
    By Host Process For Windows Services do you mean taskhost.exe?
  • Nayan Goenka
    Nayan Goenka
    Ok here are some things I need you to verify.

    Open msconfig and check which services are auto loading at startup as well as other times.
    Check if you have windows update on auto-update settings mode.
    Check if you have any other software installed which is a developer tool or a microsoft product and is set on auto update.
    Check if you have any server utility installed
    Check if your task manager is auto loading services.
    Enable firewall and restrict all traffic to admin mode only.
    Check all services that have default mode set to admin, if they have update utility
    Check Event Logs when the download happens. See which software or service is doing it. You will get a path to it there.
    Check if you have rogue installations on your computer.
    Check registry by using regedit. Clear registry for rogue entries.
    If none of these work, I would recommend you to format c: and reinstall windows
  • Satya Swaroop Dash
    Satya Swaroop Dash
    rahul69
    By Host Process For Windows Services do you mean taskhost.exe?
    Nope, its svchost.exe.
  • KenJackson
    KenJackson
    If a virus added or replace a file on your machine, it will probably have a more recent date than the other files. I found the only virus I've been infested with this way. Open a CMD window and enter:
    cd %winsysdir%      (This should take you to C:\windows\system32 or equivalent)
dir /od
    The dir /od command lists files in order of date, most recent last. Hundreds of files will quickly scroll by. Ignore them. Just look at the last few files, which will be the most recently modified files in the directory. If an executable file has a recent date and you don't recognize it, there's a chance that Windows Update just legitimately replaced it, but there's also a good chance it's a virus.
  • Satya Swaroop Dash
    Satya Swaroop Dash
    Nayan Goenka
    Ok here are some things I need you to verify.

    Open msconfig and check which services are auto loading at startup as well as other times.
    Check if you have windows update on auto-update settings mode.
    Check if you have any other software installed which is a developer tool or a microsoft product and is set on auto update.
    Check if you have any server utility installed
    Check if your task manager is auto loading services.
    Enable firewall and restrict all traffic to admin mode only.
    Check all services that have default mode set to admin, if they have update utility
    Check Event Logs when the download happens. See which software or service is doing it. You will get a path to it there.
    Check if you have rogue installations on your computer.
    Check registry by using regedit. Clear registry for rogue entries.
    If none of these work, I would recommend you to format c: and reinstall windows
    I thought my Visual Studio installation would have been up to something, but even after looking into them I could not find anything
  • Satya Swaroop Dash
    Satya Swaroop Dash
    KenJackson
    If a virus added or replace a file on your machine, it will probably have a more recent date than the other files. I found the only virus I've been infested with this way. Open a CMD window and enter:
    cd %winsysdir%      (This should take you to C:\windows\system32 or equivalent)
dir /od
    Untitled
    The above is the result and I think the PerfStringBackup is the culprit, from a little Google search, everyone seems to point out PerfStringBackup.INI. But it looks like a log file of something.
    Have a look at the screenshot, I think you can figure out something.
  • KenJackson
    KenJackson
    I don't see anything alarming--assuming you updated the flash player last month. Also, I don't know what directory 1033 is.
  • Satya Swaroop Dash
    Satya Swaroop Dash
    KenJackson
    I don't see anything alarming--assuming you updated the flash player last month. Also, I don't know what directory 1033 is.
    Thanks, man. You and @#-Link-Snipped-# were quite helpful.
    I have implemented both of your solutions, and I am keeping a keen eye on my network monitor and will keep you updated.
  • Nayan Goenka
    Nayan Goenka
    Satya Swaroop Dash
    Thanks, man. You and @#-Link-Snipped-# were quite helpful.
    I have implemented both of your solutions, and I am keeping a keen eye on my network monitor and will keep you updated.
    No problem. Happy to help. You make Voice Content for us that is quite awesome 😛
    Btw there is one more advanced setting you can do. After this you need to jst forget about this issue and that is configure firewall in advanced mode. Of course that is some pretty tough advanced stuff but that is the ultimate option you can do to control your network

You are reading an archived discussion.

Related Posts

The United States uses 39% of the energy it produces, wastes 61%

The Lawrence Livermore National Lab has produced an interesting graph that shows that less than 40% of the energy produced in the States is actually used. There is a new...

The World's Smartest Dog - Chaser, a border collie

Let me post the link and get out of the way; https://www.popsci.com/science/article/2013-07/i-met-worlds-smartest-dog

Atomic Number 115 - Existence Of New Mystery Element Confirmed

One more headache to chemistry students. There seem to be periodic additions to the Periodic Table. The latest is the confirmed finding of a new heavy weight element with an...

Energy Labs is Live!

Hello CEans, I feel great pleasure in announcing that my own start-up Energy Labs which is a brainchild of our company Full Circle group is live now. After sleepless nights...

Indian Dream : Conversation between two Americans when Rs. 1 = $ 100

Indian Dream : Conversation between two Americans when Rs. 1 = $ 100 Alex: Hi John, you didn't come yesterday to office? John: Yeah, I was in Indian Embassy for...