What is hidden behind svchost process? A process that runs on your system. Did you ever wonder?
The svchost exe file is a Microsoft file that its name is Host Process for Windows Services. Using it you can run inner services.
If you open your task manager under the windows operation system, you can see a process name svchost.exe. In fact, you will see a list of svchost.exe processes.
If you look on the command line that was used to start the process. You will see all kind of argument like netsvcs, RPCSS, DcomLaunch, NetworkService, and other network tools related.
If you ask yourself what computer services are using the svchost and running under it, here is a built-in command line that you can use to get the list of services.
So, What is hidden behind svchost process?
If you open a command line you will be able to run the below command line to get the list of services that hidden behind svchost process.
Here is the command to use:
tasklist /svc /fi “imagename eq svchost.exe”
How to open the command line, you ask?
Here we go:
- Press the Windows + R character to open the run dialog.
- Type cmd and press enter.
- A black windows is open.
- Welcome to the command line!
If you want to run it with administrator privilege, follow this:
- Press the windows button.
- A list of tools/software or games will open (like the old start menu).
- start to type cmd.
- You will see a command prompt (with black color icon).
- Right click on it and select Run as administrator.
- If you have a menu with Pin to start and a More option, press the More and you will see the Run as administrator option.
- Pressing it will open the com and line prompt.
Now you have the list of the process that is hidden behind svchost process you can investigate each one of them to gain more information about it.
My recommendation is using google to get extra data from each service.