OS and Software → Microsoft > Help with a file on computer

Help with a file on computer

Not sure where to ask this question, please move if not in the correct forum.

I would like to know what this file (svchost exe) is and why I would be getting a high performance alert? I would also like to know if it is a file I can remove or do something to change when it runs?

Thanks

check the link

»www.howtogeek.com/howto/windows-···running/

Thanks, I bookmarked the page, but it looks to be more than I feel comfortable doing, but I will look it over closely.

I would look at Process Explorer then to look up what is happening, as svchost is as it suggests, a service host for Windows, any attempt to delete it will cause serious side affects.

Now stopping services you do not need might be a better option.
It might also mean a bad software package or corrupted software package.
If you are uncomfortable with the above suggestion, troubleshooting might be a task for you.

Use Process Explorer. This link provides it and more to divulge on the topic to help your needs.
»www.bleepingcomputer.com/tutoria···process/

I've asked mods to move this to the Microsoft forum as it is an operating system file you have a question on and they may be able to help more.
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke

Ok, after looking through that I learned I have 65 processes running using 0% CPU, and using 39% memory. I have a windows 7 64 computer with 8 gig of ram, does that seem out of line, to the extent that I would receive a high performance alert?

Something was mentioned about a corrupted svchost exe file and their was a download tool to repair it. Is this something I should consider?

Thanks

c:\bin>tasklist -svc|find /i "svchost"
svchost.exe                   1168 DcomLaunch, PlugPlay, Power
svchost.exe                   1288 RpcEptMapper, RpcSs
svchost.exe                   1384 AudioSrv, Dhcp, eventlog,
svchost.exe                   1448 AudioEndpointBuilder, CscService, hidserv,
svchost.exe                   1476 EventSystem, fdPHost, FontCache, netprofm,
svchost.exe                   1508 AeLookupSvc, Appinfo, BITS, Browser,
svchost.exe                   1728 gpsvc
svchost.exe                   1828 CryptSvc, Dnscache, LanmanWorkstation,
svchost.exe                   2196 BFE, DPS, MpsSvc
svchost.exe                   2404 FDResPub, SSDPSRV, wcncsvc
svchost.exe                   3560 stisvc
svchost.exe                   3608 PolicyAgent
svchost.exe                   5196 p2pimsvc, p2psvc, PNRPsvc
svchost.exe                   2348 SDRSVC
 

More info: We have two users logged on most of the time. Today I made sure only one user was logged on at a time, and I have not gotten the alert. I usually have 3 or 4 programs open at the same time. I have done this for the last couple of years that I have had this computer, and only had this problem in the last week.

I also just ran SuperAntiSpyware and it came up clean, except for some cookies.

Are you sure it is not a "low on virtual memory" error?

What operating system is this in reference too and what is the exact warning?

XP has had recent issues with Windows Update and svchost.exe using 100% cpu, maybe once you check the services of svchost.exe, you may find it is during Windows Updates.

To test:
Turn off Windows Update
Turn off/disable the Windows Update service in Control Panel|Admin Tools|Services

Run both users, and see if the alert goes away.

Otherwise go back to looking at previous offerings in posts above to find out which svchost service might be at fault.

If you have troubles with command prompts, someone might be polite enough to give you a .BAT file to run and allow a log of services to post for us?
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke

You have norton antivirus? That sounds like a norton alert. It may, or may not, mean anything.

If you press ctrl-shift-esc to bring up the task manager and then go to view menu/select column and check "image path name", then look at the path for svchost.exe file, what path is it showing?

Yes I have Norton and I think it is a Norton alert.

I can't do the task manager in Windows 7 like you suggest, but from looking it is a host proc.

then try going to run in the start menu and type in Taskmgr or right click the task bar and choose start task manager.

We need to know whether the path for svchost.exe is C:\Windows\System32

Also are you just worried about the alert or are you having problems with your system suddenly becoming sluggish?

I did this and their are several of them and they are either Network, Local or System. Today we have two users logged on, and I have not seen the alert. I ran the troubleshooter yesterday when I saw the alert and have not seen it again. Yes when I saw the alert my computer was struggling.

In your process window in task manager please go to the view menu of the task manager window, as I described above, and select columns and check the image path name column choice so that your listing shows the path for each svchost exe listing. I am trying to determine if these seem legitimate as some malware also uses this name. The path for each svchost exe line should be C:\Windows\System32\svchost.exe

If any of the svchost exe lines is anything else then please report back with the path for that line.

Or you can take a screen capture of the window with the svchost exe lines and the path column wide enough for us to see the full path.

The image path name column isn't wide enough to see the full path. You can widen the column by clicking the divider to the right of "image path name" in the column headers and dragging it. Having said that, from the part I can see it looks like the directories are as expected and not suspicious.

There doesn't seem to anything exceptionally high on memory showing either.

Thanks, for now everything seems to be working fine. The troubleshooter must have taken care of it.

See how you go, if it appears again, maybe start using task manager again so that you can check the memory of all processes.

It maybe just a poorly programmed software you have installed and it is continually growing in memory commit while in the second user.