How To: Figure Out What svchost.exe Is Actually Doing

svchostthumWindows XP/Vista:  If you’ve ever dug around in your Windows Task Manager (available by pressing CTRL + SHIFT + ESC and clicking the Processes tab), you no doubt have noticed multiple instances of a process called svchost.exe.  Not only is the title of this process ambiguous, it typically exists as System, Network Service, and Local Service resources.

So what exactly are these processes doing, and are they safe to kill?  Svchost Process Analyzer is a free (and portable – no installation required) application that will analyze and identify all of the services that are currently running under the guise of svchost.exe.

How is this useful, then?  Although it isn’t typically safe to kill any svchost processes, many viruses and trojans (such as the Conficker worm) embed themselves into this process to avoid detection.  Even if you don’t find any malware in your svchost process, it still is interesting seeing what exactly your system is doing behind the scenes.


Svchost Process Analyzer is a tiny (400 kb), free download for all flavors of Windows.  [Download]



, ,



Leave a Reply