File svchost.exe

Discussion in 'alt.windows7.general' started by Antares 531, Apr 25, 2011.

  1. Antares 531

    Antares 531 Guest

    I frequently get a warning from my Norton security software that
    something is using excess disk activity. When I click on the link that
    it shows it takes me to a file svchost.exe but that is all I can
    figure out. Is this a malware file, or is it a valid part of Windows
    7? I am running Windows 7 Home Premium SP1 and all seems to be working
    very well. I do notice some slow responses from time to time but I
    think that may be caused by scan disc or some such background
    Antares 531, Apr 25, 2011
    1. Advertisements

  2. Antares 531

    charlie Guest

    The way to start and try to figure out what is going on (Win 7)
    Open task manager.
    Go to processes
    right click on the svchost.exe entry you suspect
    Click on the Last selection in the drop down.
    (Go to services)
    This should give you at least some idea of what the incidence of svchost
    is tied to. It seems that win 7 uses more simultaneous copies of
    svchost than earlier versions.
    charlie, Apr 25, 2011
    1. Advertisements

  3. Antares 531

    Big Steel Guest

    As its name implies 'host' svchost.exe hosts other programs running on
    the computer. They can be other O/S programs or vendor programs being
    hosted by svchost.exe. Svchost.exe can also host malware programs too.

    To see what SVChost is hosting, you can use something like Sysinternal's
    Process Explorer which is free.

    The link talks about Process Explorer and how to use it.


    It will tell you where a program is being run from on the HD. If you
    highlight a program in the upper pane, it will tell you from what
    directory the program is running from on the HD. If you right-click the
    line and go to Properties, you can get more information about the
    process and what it is hosting.

    The lower pane tells you what programs are being hosted by any given
    process that is running. You can right-click the line too.

    If svchost.exe is not running out of the Windows\system32 directory,
    then it's a trojan.

    You might not even have malware running and everything is legit for any
    given svchost.exe that is executing.
    Big Steel, Apr 25, 2011
  4. Antares 531


    Feb 20, 2018
    Likes Received:
    robyn, Feb 20, 2018
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.