September 2008 Reader Challenge Winner
Congratulations to the winner of our September 2008 Reader Challenge. Connie Greene, of Ohio, asked for a copy of “Running QuickBooks in Nonprofits,” (CPA911 Publishing) because she volunteers IT services to her church.
How to Do the Reader Challenge
Solve this month's Vista Update challenge, and you might win a prize! Email your solution (don't use an attachment) to challenge@windowsitpro.com by Oct.7, 2008. You MUST include your full name, street mailing address (no P.O. Boxes), and a telephone number. Without that information, we can't send you a prize if you win, so your answer is eliminated, even if it’s correct.
I choose winners at random from the pool of correct entries. I’m a sucker for humor and originality, and a cleverly written correct answer gets an extra chance. Because I receive so many entries each month, I can't reply to respondents, and I never respond to a request for an email receipt. Look for the solutions to this month's problem at http://www.windowsitpro.com/articles/index.cfm?articleid=100455 on Oct. 8,2008.
Take The October 2008 Challenge
This month's challenge is inspired by several email queries from users. All of them asked the same question, in almost the same words: "What is the program svchost.exe and why does the Processes tab of Task Manager show multiple instances of svchost.exe running at the same time?" Can you answer their questions? Here are some choices--tell me which answer is correct.
A. It's a Windows program that controls all Internet services, including the browser, the firewall, and network connections, and runs separately for each service.
B. It's a generic executable that runs in order to control DLLs launched by application software, to make sure those DLLs don't interfere with Windows services.
C. It's a generic executable that runs in order to launch Windows services that run as DLLs and opens a new instance of itself for each related group of DLLs.
Answer: C
Actually, this is a clever way to manage services that run as DLLs. DLLs can't open by themselves, they're called by an .exe file, which is the role of svchost.exe. If you ran only one instance of svchost.exe to control all DLL services, a failure of one DLL service could impact svchost.exe, and that would affect every DLL service, bringing down the system. (Also, even without a problem in a DLL service, your system would probably run at a crawl if every DLL service were running under a single instance of svchost.exe.) By dividing DLL services into logical groups, and launching each group from a different instance of svchost.exe, Windows minimizes the chance of catastrophic failure.
You can view the instances of svchost.exe in Task Manager by going to the Processes tab and selecting Show Processes From All Users. Each instance is linked to a Name; not a user name, instead names like LOCAL SERVICE, NETWORK SERVICE, SYSTEM. You can view the groups controlled by svchost.exe in the registry at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost, which has a subkey for each group of DLL services.
Vista has a more sophisticated approach to Task Manager than previous versions of Windows. Go to the Processes tab, click Show Processes From All Users, right-click an instance of svchost.exe and select Go To Services. You're switched to the Services tab where all the services controlled by the selected instance of svchost.exe are highlighted.
Why would you want to know which services are controlled by each instance of svchost.exe? If your system is unusually slow and you notice high CPU usage on a particular instance of svchost.exe, restarting the services launched by that instance usually solves the problem, and that's easier and faster than shutting down all your applications and restarting Windows.