Saturday, June 19, 2010

Break-out the low-level processes running under SVCHOST

This is an afterthought note to the preceding post.

Windows uses the Service Host (svchost.exe) process to collect a number of lower-level critical system services into a single process instance for task management. It does this to reduce boot time and system overhead, and to reduce the number of separate lower-level service processes running.

Windows creates different svchost.exe instances based on the different lower-level processes' system access and security requirements.

To determine which processes are running under a single svchost.exe instance, use the following command from the command line:

tasklist /svc /fi "imagename eq svchost.exe"

Make sure to type it from scratch. Sometimes copying and pasting will cause the command parser to misinterpret the section in quotations on this particular command.

It should output something that looks like the following:


Check out this link for a deeper look at TechNet details on the tasklist command:
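The same per-instance breakdown can be produced in PowerShell, which also shows the -k service group of each svchost.exe instance and the account its services run under. This is an added example, not part of the original post; it assumes PowerShell 3.0 or later (for Get-CimInstance) and an elevated prompt so that the command line of every instance is readable.

```powershell
# Added example: map each svchost.exe instance to the services it hosts.
# Uses the standard CIM classes Win32_Service and Win32_Process.

# Index running services by the PID of the process hosting them.
# ProcessId 0 means the service is not currently running.
$servicesByPid = @{}
foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
    if ($svc.ProcessId -eq 0) { continue }
    $key = [int]$svc.ProcessId
    if (-not $servicesByPid.ContainsKey($key)) { $servicesByPid[$key] = @() }
    $servicesByPid[$key] += $svc
}

$report = foreach ($proc in Get-CimInstance -ClassName Win32_Process -Filter "Name = 'svchost.exe'") {
    $hosted = @($servicesByPid[[int]$proc.ProcessId] | Where-Object { $_ })

    # The service group is the argument after -k on the command line.
    # CommandLine is empty when the caller lacks rights to read it.
    $group = '(unavailable, run elevated)'
    if ($proc.CommandLine -match '-k\s+(\S+)') { $group = $Matches[1] }

    [pscustomobject]@{
        PID      = $proc.ProcessId
        Group    = $group
        # Account(s) the hosted services are configured to run as.
        Account  = if ($hosted) {
                       ($hosted.StartName | Sort-Object -Unique) -join ', '
                   } else { '(unknown)' }
        # Same service names that tasklist /svc prints for this PID.
        Services = if ($hosted) {
                       ($hosted.Name | Sort-Object) -join ', '
                   } else { '(none registered)' }
    }
}

$report | Sort-Object -Property PID | Format-Table -AutoSize -Wrap
```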
