If you’ve ever opened the task manager, you’ve probably noticed that several processes called Service Host (svchost.exe) rank first. These processes cannot be deleted and cannot be opened, and can sometimes consume too much memory and CPU.
But what exactly are these processes and what can be done when there are so many running at once? In the next post, we will try to clarify your doubts about it.
What are Service Host (svchost.exe) processes?
According to Microsoft, the svchost.exe is a generic process of services that run from a dynamic library, although that definition will not help us much.
Several years ago, Microsoft changed the way Windows works, moving from using services (executables) to using policies that use dynamic libraries.
The main problem of this new architecture is that the libraries can not be executed by themselves, for that they need a host or host, that is where the executable svchost.exe comes into action.[irp posts=”11058″ name=”Best tricks to keep Windows 10 desktop clean and tidy”]
Why are there so many Service Host processes running?
If all Microsoft processes were run by a single host or host, in case of failure by the host the entire operating system would fail. That’s why the processes are separate.
Services are grouped according to the type of process being executed: some are services for the network or procedures for the system. You can see an example of this in the following image:
What to do to prevent so many svchost.exe processes from running?
If you are using Windows 8 or 10, when you open the task manager you will see the processes and within the grouped services, you can click on each service and select Search Online, this way you will know exactly what service it is and if it is safe to finish it or not.
How to know if the svchost.exe Service Host is a virus or not?
It is not common for the service host to be replaced by a virus since Microsoft owns this executable and it is very difficult to change it. Even so, if you want to check if the host is real you can right-click and select Open File Location. If the host is in the Windows/System32 folder then the executable is valid.