Unlocking the Mysteries of 'Svchost.exe'

Discussion in 'Technology News' started by hemant_mathur, Oct 7, 2006.

Thread Status:
Not open for further replies.
  1. hemant_mathur

    hemant_mathur -- No Easter Eggs here --

    Joined:
    Apr 14, 2006
    Messages:
    945
    Likes Received:
    3
    Trophy Points:
    0
    Location:
    Front of my pc
    Source : http://www.langa.com/blog/2006/10/unlocking-mysteries-of-svchostexe.htm

    Svchost.exe, which you'll find in the WINDOWS\System32 folder, launches at startup and loads any services from dynamic-link libraries (DLLs) that the Registry tells it to run. Svchost.exe can, and usually does, run several instances of itself at any given time, each instance running several associated services.

    When you use some common tools, such as the Task Manager, you can see Svchost.exe running, but you can't see the specific services. Svchost.exe also shows up when you use Windows' DOS-like utility Task List (Start/Run/cmd, then type TASKLIST at the command prompt). When you use the SVC switch with Task List (type TASKLIST /SVC at the command prompt), you can see the names of the processes within each service.

    These common methods show you some, but often not enough, information about Svchost.exe services.

    You can use an unlikely utility to get the details you're looking for: Microsoft's own Windows Defender (a free, beta anti-spyware tool) actually has a little-known feature that provides detailed information about each instance of Svchost.exe running, and all the services therein.

    In Windows Defender, click Tools, then choose Software Explorer. In the Category drop-down menu, choose "Currently Running Programs" or "Network Connected Programs." In either or both of those categories, you'll probably find items called "Microsoft Generic Host Process for Win32 Services"--- these are the Svchost.exe instances. By clicking on one instance in the left pane, you'll see details in the right.

    You can match these individual "Microsoft Generic Host Process for Win32 Services" instances with Svchost.exe instances in the TASKLIST /SVC list most easily by matching Process IDs. In the command prompt version, the services are abbreviated--- for example, you might see AudioSrv and BITS. But when you look in the associated "Services" item in Windows Defender, those are spelled out--- Windows Audio and Background Intelligent Transfer Service."

    Best of all, each "Host Process" in Defender is Classified as "Allowed" or "Not Yet Classified." Any process that's "not allowed" will be blocked or terminated (one hopes) by Windows Defender.

    You can also download the excellent and free Process Explorer from Sysinternals.
     
    anandk likes this.
  2. techtronic

    techtronic I Always Prefer 1080p

    Joined:
    May 22, 2006
    Messages:
    1,018
    Likes Received:
    13
    Trophy Points:
    0
    Very Useful Post
    Thanks a lot
     
  3. sportymaniac

    sportymaniac Guest

    effort really appreciated
     
  4. n2casey

    n2casey Super Hero - Super Powers

    Joined:
    Sep 1, 2006
    Messages:
    766
    Likes Received:
    20
    Trophy Points:
    0
    Location:
    Dynamic
    System internal info :D

    Thx for that
     
  5. knight17

    knight17 New Member

    Joined:
    Oct 16, 2005
    Messages:
    314
    Likes Received:
    2
    Trophy Points:
    0
    Location:
    Kerala
    Thanks nice post
     
  6. jz2linkinpark

    jz2linkinpark New Member

    Joined:
    Jul 24, 2006
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Rorikstead
    thanks, specially for the info ON 'TASKLIST', now i have an idea on which programs are memory hogs and what unnecessary programs are running
     
  7. Third Eye

    Third Eye gooby pls

    Joined:
    Apr 2, 2006
    Messages:
    4,293
    Likes Received:
    58
    Trophy Points:
    48
    Location:
    Not very far from you
    Thanks man !
     
  8. anandk

    anandk Distinguished Member

    Joined:
    Mar 8, 2005
    Messages:
    3,786
    Likes Received:
    106
    Trophy Points:
    0
    Location:
    Pune
    good educative post. repd u :)
     
  9. ruthless

    ruthless Lin Win Mac

    Joined:
    Aug 15, 2006
    Messages:
    124
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    Kerala
    Very Useful And Educative:)
     
  10. OP
    OP
    hemant_mathur

    hemant_mathur -- No Easter Eggs here --

    Joined:
    Apr 14, 2006
    Messages:
    945
    Likes Received:
    3
    Trophy Points:
    0
    Location:
    Front of my pc
    Thank you all for the comments ..
     
  11. king007

    king007 New Member

    Joined:
    Aug 26, 2006
    Messages:
    289
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Mumbai
    Thats a very educative post, repped u man!
     
  12. Vishal Gupta

    Vishal Gupta Microsoft MVP

    Joined:
    Jul 28, 2005
    Messages:
    5,173
    Likes Received:
    121
    Trophy Points:
    0
    Location:
    AskVG.com
    Thnx for it buddy :)
     
  13. ketanbodas

    ketanbodas New Member

    Joined:
    Sep 14, 2006
    Messages:
    150
    Likes Received:
    6
    Trophy Points:
    0
    Keeo it Up hemant. Neat.
     
  14. sabret00the

    sabret00the New Member

    Joined:
    Aug 6, 2006
    Messages:
    699
    Likes Received:
    3
    Trophy Points:
    0
    Location:
    Calcutta
    certainly a very neat post.
     
  15. piyush gupta

    piyush gupta New Member

    Joined:
    Sep 8, 2005
    Messages:
    1,284
    Likes Received:
    2
    Trophy Points:
    0
    Location:
    never land
    tons of tahx
     
Thread Status:
Not open for further replies.

Share This Page