I've been trying to figure out why my desktop has slowed to a crawl this past week. Everything was taking way to long and mouse movements were choppy. After staring at the task manager process tab for awhile it appeared that something running inside svchost.exe was misbehaving. If I ended the process outright I lost audio and all sorts of other important things.
For the uninitiated, the SVCHOST (stands for "Service Host") processes host services for the Microsoft OS. The services are DLL programs that do something useful. People more commonly refer to them as "drivers", the things we install to make some peripheral work well and play nice with others. Multiple instances of SVCHOST may be running at any one time and multiple services may be grouped together in one SVCHOST process which makes finding the one stinking service that is not being a good citizen a pain.
Couple of techniques I picked up while suffering through this last night:
Identify svchost.exe processes using tasklist command (hard way)
1. First, go ahead and click on Start and then Run and type in CMD and click OK
2. Type the following in to the command window and press Enter
tasklist /svc /fi "imagename eq svchost.exe
You should get an output that looks something like this:
You'll notice in this example that PID 508 has a bunch of processes running in it. Now for the tricky task of figuring out which one is not playing nice. Right-click on My Computer, choose Manage. Now choose Computer Management and then choose Services and Applications. Finally choose Services.
Now try and match the cryptic Windows service name with the easily readable names in the services tab. Stop the services individually until you CPU meter calms down.
Use Process Explorer (easy way)
There is a much better way to do this. Use Process Explorer. Process Explorer is a tool Microsoft acquired from SysInternals a few years ago.
What's cool about Process Explorer is that it allows you to dig into any Process and Stop /Start process without having to match up Services with Display Names. One by one you turn off the Services and see which one calms down the CPU meter. Once you've discovered your problem child, the final step is to go into the Services manager and change the service to start manually if you don't need it or a fix is not readily available. First aid for computers. Stop the CPU bleeding first.
My problem child was the HID Input Service which I don't need in my day to day life but which I will try and make behave sometime in the future.
Info for this post came from a bunch of Google search research. I just decided to aggregate it all into one place. May you never need to use the knowledge contained here.
C. Angione