I’m in this picture and I don’t like it.
I was trying to diagnose a prod server crashing this very Wednesday and seeing the lines of svchost.exe is so fucking maddening… I’m glad ProcessExplorer was there to give some useful fucking info, at least.
Well, it could be an executable disguising itself as svchost. Pretty common for malware or video game cheats to name their executables svchost.exe to hide from anti-virus/anticheat
The performance view thing that comes with windows also allows searching for file handles but it’s not very user friendly. Also not possible without admin rights if I remember correctly
In case anyone is interested, there’s a powertoy called file locksmith that will show what’s using it and let you kill it: https://learn.microsoft.com/en-us/windows/powertoys/file-locksmith
“Time to see who’s stopping me from deleting this file… svchost??? Goddamn it!”
just kill it
Instructions unclear, I shot my gaming rig with a 6 bore shotgun…. And then set it on fire.
Instructions may have been unclear, but you got the gist of it.
Probably the indexing service, it’s always the indexing service.
I’m in this picture and I don’t like it. I was trying to diagnose a prod server crashing this very Wednesday and seeing the lines of svchost.exe is so fucking maddening… I’m glad ProcessExplorer was there to give some useful fucking info, at least.
Well, it could be an executable disguising itself as svchost. Pretty common for malware or video game cheats to name their executables svchost.exe to hide from anti-virus/anticheat
Sysinternals handle is lightweight unitasker for this too, better option for servers.
Powertoys seems to be the only thing keeping windows somewhat usable, I have no idea why they don’t include it in the build.
The performance view thing that comes with windows also allows searching for file handles but it’s not very user friendly. Also not possible without admin rights if I remember correctly