Today I received the following email from a groovyReader asking what is svchost.exe:
“I opened up my Task Manager and saw svchost.exe among many other processes running. What is svchost.exe and why is it running so many times on my computer? Is it a virus or something else? How can I get rid of it?”
As I started writing the email response back to our groovyReader, I decided the answer was worth a full fledged Article. MrGroove agreed so here we are!
The good news is svchost.exe isn’t a virus or artificial intelligence taking over your computer. The bad news is, it’s mysterious and good at hiding what it is. The groovyNews is, with a bit of digging, we can learn quite a bit about what exactly svchost.exe is doing on your computer.
First, let’s open up Windows Task Manager using the CTRL + ALT+ DEL menu or by pressing the shortcut CTRL + SHIFT + ESC. Either way, once your Task Manager is open, you will see several processes of svchost.exe running.
So what exactly is svchost.exe?
The Microsoft Support site defines it as “a generic host process name for services that run from dynamic-link libraries.” Right. So that’s pretty straightforward, anyone could understand that.. err okay, let’s translate.
A “dynamic-link library” also known as a .dll file is just a big block of programming code. There are lots of neat tricks that developers can do with these files to make things run faster and take up less space. The problem is that a .dll file can’t run standalone. You need a .exe or “executable” file to load the .dll and its code.
Now that we know a DLL file is, it should be easier to understand why svchost is called a “generic host.” All it does is load DLL files so they can run and execute system applications. So it’s nothing to worry about right? Well, there is the possibility that you could download a virus which could make your innocent svchost load up some DLLs from the dark side. Keeping your computer updated with all of the Microsoft Security Updates and running an anti-virus app should minimize the chance of this.
Okay great, so it’s just a host for even more processes! Now I’m even more curious and want to know what exactly is being run by svchost.exe., so how do I check this? There are two easy ways to keep tabs on svchost.exe. The first is the command line.
How to find out what processes are running on your computer using the command line.
1. Click the Start Menu and then Click Run. In the Run window that displays Type in cmd and Press OK.
2. In the Command Window Type tasklist /SVC, and then Press ENTER. Now you’ll be able to see all of the listed dynamic libraries that svchost.exe is running.
The problem with the command line is, it just brings up even more weird looking processes that appear as mysterious as svchost itself. So here is where we need to download a program from Microsoft called Process Explorer (click to download). Process Explorer is standalone and doesn’t require installation. Just Unzip the downloaded file and run it. Once you have it running, you can highlight individual processes and see what each process is doing. This same process works with Windows XP, Vista, and even Windows 7!
So let’s launch Process Explorer and take a look at the svchost.exe on my system.
Once opened, Simply hover over a process like svchost.exe for details about it.
If you want even more details Right-Click svchost.exe and Click Properties then Select the Services tab.
Alright, everything is looking good, now we know what svchost.exe is, and how to decipher all of the services that it’s running. After playing around with this, you’ll notice that some of the svchosts aren’t running as many services as others. And wait, why are the so many svchosts running simultaneously?
Each svchost runs services based on logical service groups, for example, one may be running network services while another might be handling device drivers. Having these services run on separate hosts is a neat feature because this way if one dies it won’t take down your entire system all at once. <phew> That’s quite a mouth full isn’t it?
I hope you enjoyed this groovy article! I had a lot of fun writing it, however, if I missed something or you still have more questions, feel free to drop a note below OR, Join us in our Free Technical Support Community Forum and post your question!