What is svchost.exe (Service Host Process)? and is it could be a Virus?

Home » What is svchost.exe (Service Host Process)? and is it could be a Virus?

What is svchost.exe (Service Host Process)? and is it could be a Virus?


You may have wondered why there are so many Service Host Processes or svchost.exe running in the task manager if you browsed through the Task Manager.

What Actually the Service Host Process is?

According to Microsoft:

“SVCHOST.EXE is a generic host process name for services that run from dynamic-link libraries”

But that doesn’t really explain us much. Microsoft started changing inner functionality of the Windows operating system to rely on Windows Services ran from EXE files to DLL files instead. The problem in the Application Launcher in windows is that you can’t launch a DLL File Directly the same as you can do with executable files. Running services through executable makes code more reusable and easier to keep up to date. And so the Service Host process (svchost.exe) was born. A shell that is loaded from an executable file that is used to host DLL services.

Why There Are So Many Instances of Service Host Processes Running?

If you look at the Services section in Task Manager, you will notice that Windows requires a lot of services in order to run and function properly. If every single service ran under one service or svchost.exe, a failure in one could bring down all of the services running on Service Host Process. Instead they are separated out.

In Windows services are separated into small groups that all related to each other, and then a single Service Host instance is created to host each group. e.g. One Service Host Process is running the services of user interface and another Host Process Service is running the services related to firewall, and so on.

What to do with this Information?

In the days of old Windows operating systems like Windows XP, when PCs had limited resources and windows was not fined tuned, stopping unnecessary services was often recommended. But today, disabling windows services were not recommended anymore. So, in modern versions of windows operating system stopping services you think you don’t need really doesn’t have much of an impact any more.

Checking Related Services in Task Manager

Processes are shown on the “Processes” tab of Task Manager by their full names if you are using Windows 8 or 10. You can see those services by expanding the process if a process serves as a host for multiple services. To stop the service, you can right-click any individual service.

There is a different process if you’re using Windows 7. In Windows 7 Task Manager did not group processes. It only shows all the instances of svchost.exe file running. To determine the service related to any instances of svhost.exe. You can go to “Processes” Tab of Task Manager in Windows 7, right-click on a “svchost.exe” process, and then click the “Go to service” option.

This will bring you to the “Services” Tab, where the services running under that “svchost.exe” process are selected. You can see the “Description” column to see the full name of seach service.

Using Process Explorer Tool

As a part of its Sysinternals lineup Microsoft also provides an excellent tool for working with processes Just Download Process Explorer and run it. It Provides all kinds of advanced features.

Could svchost.exe Process Be a Virus?

Yes, It’s possible that a virus has replaced the real Service Host with an executable with its own. If you want to be sure of that, you can check out the location of the process by right-click and Service Host Process and choose the “Open File Location” option in the Task Manager.

If the file is on Windows \system32\ folder then it is not a virus.

What is svchost.exe (Service Host Process)? and is it could be a Virus? https://iamhabib.net/svchost-exe-service-host-process-virus/ Click To Tweet Email This Post Email This Post
By | 2018-01-10T09:18:07+00:00 January 10th, 2018|Blog Posts|Comments Off on What is svchost.exe (Service Host Process)? and is it could be a Virus?

About the Author: