How to find problematic svchost
Sometimes, WinXP got slow down extremely and barely respond. After you open the Task Manager you found that one of the svchost.exe is eating all CPU resource.
The difficult thing is that svchost.exe is used by Microsoft Windows Services and run many instances simultaneously. Sometimes, malware also run with the same name too. How can you differentiate which one is malware or which one is legitimate.
Ok, after you open Task manager,
Go to View–>>Select Columns –>> Check PID (Process Identifier)
You will see the Task manager as below:
Record the PID no. of the svchost process. After that, go to command prompt.
Type Tasklist /SVC
You will see the svchost with the PID. So that now you’ve got an idea of which process are actually associated with that svchost instance. If you want to know more info of that process you can google it. For example if you suspect CryptSvc, you google it and you’ll know that cryptsvc is a module associated with Cryptographic Services from Microsoft Corporation. Ok, that’s legitimate, you can try next one and hopefully you’ll spot the spyware if there’s one.
Reference : Microsoft
Leave a comment
Recent Posts
Recent Comments
- robost on How to install Vista bubble screen saver in Win XP
- Rick on Paint can create ico files
- Oliverdejohnson on Paint can create ico files
- Johnson Jones on Paint can create ico files
- Hussain on How to install fonts without admin right
Tags
Archives
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- November 2009
- July 2009
- May 2009
- April 2009
- January 2009
- October 2008
- September 2008
- August 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- November 2006
- February 2006
- January 2006
- December 2005
