top | item 39594290

(no title)

kogir | 2 years ago

svchost.exe is literally what the name implies. It's a generic service host. You pass it a dll and an entrypoint (via command line arguments and registry keys) and it runs it.

You should look at which thing it's actually running to see what's using all your CPU.

Some articles detailing what it does and how it works: [1] https://nasbench.medium.com/demystifying-the-svchost-exe-pro... [2] https://pusha.be/index.php/2020/05/07/exploration-of-svchost... [3] https://blog.didierstevens.com/2019/10/29/quickpost-running-...

discuss

atlas_hugged|2 years ago

I went to help desk cuz I was being lazy, but Help desk was unfortunately kind of useless. They just wanted to reimage my machine and I haven’t had the time to go that route yet. I’m always busy. I did a bit of investigating with ProcMon recently but I really need to spend more time on it. As always, it comes down to time with these things.

These articles were great by the way! I’ve never gotten significantly down and dirty in svchost, so these were a treat to read. I much appreciate the effort in your response. Have a pleasant day!