I have a svchost.exe that constantly eats up memory

I see multiple svchost processes running in task manager. One of them constantly eats up memory until the computer becomes almost uselessly slow. Is there any way to determine what process within this svchost.exe is causing this behavior? (Win XP home SP3. I am able to delete the offending svchost.exe process from the task manager, but it comes back and continues to eat memory.)
Answer
It sounds like your system may be afflicted with malicious software.

What is your system make and model?

Describe your current antivirus and anti malware situation:  McAfee, Norton, Spybot, AVG, Avira!, MSE, Defender, ZoneAlarm, PC Tools, Comodo, etc.

No matter what you are using for malware detection and removal do this first:

Download, install, update and do a full scan with these free malware detection programs:

Malwarebytes (MBAM):  http://malwarebytes.org/
SUPERAntiSpyware: (SAS):  http://www.superantispyware.com/

They can be uninstalled later if desired.

Reboot and then if things still don't look right, continue:

You might be able to get some clues about what is going on with your svchost.exe Processes using Task Manager and maybe figure it out.

You will always be able to figure out what is going on with your svchost.exe Processes if you use Process Explorer.

Download Process Explorer so you can see what is "really" running on your system, especially behind those multiple svchost Processes you see running in Task Manager.

Download Process Explorer from here:

http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

You'll like Process Explorer when you get the hang of it.  Process Explorer is the Windows Task Manager on steroids. 

Process Explorer installs nothing so it will not slow your system down since it only runs on demand. 

Process Explorer may look a little intimidating at first since it presents so much information, but you will start to get to like the way it works when you are looking for performance problems. You can even tell PE that you want it to be your new default "Task Manager" from now on. You can still run the original Task Manager too.

Once you get Process Explorer running, expand the columns, drag the corners of the display to make it bigger, etc. so you can see as much information as possible in the window. Now you can really see everything that is running on the system.

Here is a screenshot of my poor system when I use Process Explorer:

http://img222.imageshack.us/img222/2567/processexplorer.png

The CPU column is usually the most interesting to get started with performance issues - who is using the most?

It is okay and normal to have multiple svchost.exe Processes running. Important XP Services are actually running under the svchost.exe Processes. Sometimes there is just one XP Service running under a svchost.exe Process, sometimes there are several XP Services running under a svchost.exe Process.

Sometimes malicious software will hide behind a svchost.exe Process since the malicious software knows you will not be able to spot it in Task Manager.  It will hide behind a svchost.exe Process to fool you, but you can outsmart it.

Malicious software can also disguise itself to appear to be a legitimate XP Process or it could hide under/behind other Processes that you see running in Task Manager so you cannot see it running.

The malicious software would like to fool you into thinking that you need to use a System Restore Point, perform a Repair Install or reinstall your XP from scratch when you really don't have to.

When looking at the display in Process Explorer, you would like the most CPU to be associated with System Idle Process.  That is the "free time" on your system so the more free time it has, the better. 

If you look at the performance graphs and see red spikes (or not) double click the graph in the top left corner to display the usage graph.  Hover the mouse over any spikes to see what causes them.  Even if the spike has already scrolled past in the display, you can still hover the mouse over the spike to see what caused it.  You can also just wait for a spike to occur and then see what caused the spike.

To help understand your svchost.exe Processes and what is running beneath them, read this article and you will be smarter than the average bear:

http://www.bleepingcomputer.com/tutorials/tutorial129.html

Then with some Googling, you can look at each thing running in Process Explorer and behind your svchost.exe Processes and see what it is and decide if your configuration needs it or not and then decide what to do about it. 

If you think you have one svchost.exe Process that has run amok, using Process Explorer, you can right click that offensive svchost.exe Process, Properties and on the Services and Threads tab you can see what is running under it.

There is a CPU column that will need widening (make the column wider) so you can see CPU.  Perhaps you can spot which background process is consuming so much CPU under the svchost.exe process.   Look around under the svchost.exe Processes and you will find the problem. 

You can also see what is running under every svchost.exe Process just by hovering your mouse over the svchost.exe Process. Some of them will just have one thing running under them and some will have several things (hopefully all legitimate XP services) and some will have a lot of things.

If you have a svchost.exe Process that you think is afflicted, what is running under your afflicted one?

No running process should defy reasonable explanation.

First, see what you can find out using Process Explorer and then if nothing is obvious, seek additional guidance.

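The service-to-process mapping that Process Explorer shows on its Services tab can also be pulled from WMI. This is an added PowerShell example, not part of the original answer; it assumes PowerShell 2.0 or later is installed (a separate download on XP SP3), and the column names WorkingSetMB, Group and Note are chosen here for illustration.

```powershell
# Added example: list every svchost.exe with its memory use, service group,
# hosted services and image path, largest working set first.
# Get-WmiObject is used so the script also runs on PowerShell 2.0.
$expected = Join-Path $env:SystemRoot 'System32\svchost.exe'

# Index services by the PID of the process that hosts them.
# ProcessId is 0 for services that are not running.
$byPid = @{}
Get-WmiObject Win32_Service -Filter "ProcessId <> 0" | ForEach-Object {
    $id = [int]$_.ProcessId
    if (-not $byPid.ContainsKey($id)) { $byPid[$id] = @() }
    $byPid[$id] += $_.Name
}

Get-WmiObject Win32_Process -Filter "Name='svchost.exe'" |
    Sort-Object WorkingSetSize -Descending |
    Select-Object ProcessId,
        @{ n = 'WorkingSetMB'; e = { [math]::Round($_.WorkingSetSize / 1MB, 1) } },
        @{ n = 'Group'; e = {
            # Legitimate instances are started as "svchost.exe -k <group>".
            if ($_.CommandLine -match '-k\s+(\S+)') { $matches[1] }
        } },
        @{ n = 'Services'; e = { $byPid[[int]$_.ProcessId] -join ', ' } },
        @{ n = 'Note'; e = {
            if (-not $_.ExecutablePath) {
                'path unreadable (run as administrator)'
            } elseif ($_.ExecutablePath -ine $expected) {
                'image is NOT in System32'
            } elseif (-not $byPid.ContainsKey([int]$_.ProcessId)) {
                'hosts no registered service'
            }
        } },
        ExecutablePath |
    Format-Table -AutoSize -Wrap
```

The row at the top is the instance consuming the most memory, and its Services column lists the candidates to research; a non-empty Note marks an instance that does not look like a normal service host.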

Answer
After clicking on the update ready shield, the update is to install and run the Malicious Software Removal Tool. The tool seems to install correctly, and the shield disappears for a few minutes, then re-appears. Clicking on the shield results in the Software Removal Tool again, as if it was never installed. Any thoughts?  [source]


I suspect you have more work to do.

Please answer all of the following diagnostic questions by number in your very next reply (no need to quote this post):

1. When did this "svchost" issue first start?

2. What is the full name of your installed anti-virus application or security suite and when (approx. date) does your current subscription expire?  What anti-spyware applications (other than Defender) are installed?  What third-party firewall (if any)?

2. Has a(nother) Norton application or a McAfee application EVER been installed on this computer?

3. Did a Norton free-trial or a McAfee free-trial [pick one] come preinstalled on the computer when you bought it? (Doesn't matter if you never used or Activated it.)

4. Open Add/Remove Programs & make sure the Show Updates box at the top is checked. Now scroll down & tell me if ALL of the following updates are listed?

    • KB2586448 [or KB2559049 or KB2530548], KB2567053; KB2570947, KB2607712 and/or KB2616676; KB2544521, KB2567680, KB2393802 & KB971029

Most will be displayed as "Security Update for Windows XP" followed by the KB number in parentheses.

If IE8 is installed, two will be displayed as "Security Update for Windows Internet Explorer 8" followed by the KB number in parentheses.

--
~Robear Dyer (PA Bear)
Microsoft MVP (Windows Client) since October 2002


 
 

Question Info


Last updated March 26, 2018 Views 1,008 Applies to: