All About SVCHOST

There are no IT guys who do not struggle with the “SVCHOST.exe” process or even processes,

Doesn’t matter whatever you have tried, whether adding additional resources such as CPU, RAM, or KB’s, follow best practices articles, most of those options usually aren’t working.
As you may know, SVCHOST.exe (“Service Host”) is Service Host Process is “is a generic host process name for services that run from dynamic-link libraries.”
Hopefully, it’s understandable to you… basically is very important local components that use on DLL files that located under “%SystemDrive%WindowsSystem32” and serve the operation system, each group of SVCHOST could serve different components on your machine and create like a new instance.

The main purpose of this article is to show you how to deal with this process, how to analyze and investigate, why does process utilize too much recourse.
For my demonstration let’s take a computer/server with the same issue:

Open the “Task Manager” and Welcome to the hell:

SVCHOST

 

As you can see, there are more than 10 SVCHOST.exe processes that are running on my server, how can we know what really runs behind the scenes, what services are used by this process?

 

Let drill down little bit:

Open CMD >a nd run
“Tasklist /svc”

You may get this information with explanations about what SVCHOST.EXE used for:

SVCHOST

It could be useful for you, just to understand why SVCHOST utilize too many resources.
In addition, you can open again the task manager and go to process tab:
Select one SVCHOST process and then right click > Go to Services(s)

SVCHOST

And the relevant service will be marked as per selected process:

SVCHOST

Check another “SVCHOST” process:

SVCHOST

Selected services:

SVCHOST

And now you can start with your professional troubleshooting and try to investigate why service X utilize too many resources.

Most cases I experienced is Windows update which loading too many updates and waiting for installing or restarting the machine, Antivirus that also scans these processes for a while, it definitely changes and different on each machine, but using this short explanation you will be able to analyze and realize what does on your machine.

I really hope that it was helpful for you guys.