"Svchost" stands for "Service Host". It is an executable for those services and applications which has only .dll files. Like, W32Time, Dhcp, Dnscache, EventLog, Themes, etc,. It means that it is very important executable to run these critical services.
I hope, now you are clear about the concept of "Svchost.exe". Here is how you will find what all services each "svchost.exe" is running.
Step 1: Open Task Manager. (You will see many svchost.exe processes in your task bar. We can imagine any one of them which is utilizing 100% cpu.)
Step 2: Open Command Prompt as an administrator. (We run a command in it to check all svchost processes and services name which they are running.)
Command to run
tasklist /svc /fi "imagename eq svchost.exe"
Step 3: Find the service which is creating the problem.
In task bar, you add one more column "PID (Process Identifier)". After this, you will have all information. What is the PID of the svchost which is consuming 100% CPU and the services which are associated with it.
You will see all services in their short name, like RpcSs and it would hard to understand what does it stand for.
Time to use your best friend (Powershell) again to help you. Just run a cmdlet "Get-Service" to know the exact name of it.
Step 4: Restart the service according to the downtime.
You can restart the service from powershell as well as "Services.msc" console.
Note: Before restart any service, it would be best practice to scan your server for any malware.
Thank You
0 comments:
Post a Comment