New
#11
Seems about normal to me (The overall # of processes, but there are a lot of svchost). I'm looking at my Work laptop (running anniversary update), is sitting at 120 processes.
(get-process |where-object {$_.ProcessName -Match "svchost"}).Count
Returned 68 instances on my Creators Update install, while that same command only returned 18 instances on my anniversary update work laptop.
Turns out this is a change by design. Starting with Build 14942, Microsoft is not grouping services if you have sufficient amounts of memory. With this change, every service will have it's own dedicated svchost.exe process.
With higher amounts of RAM being commonplace today, there really wasn't a good reason for MS to share the svchost.exe process. With this new model, if 1 service happens to crash, it won't affect other services.
...As well as bugsolving, security issues etc. as explained in the article I read.
Oh, by the way:
(get-process |where-object {$_.ProcessName -Match "svchost"}).Count
counts all processes named "svchost"... is there any command to count all the services started by every svchost?
This can do it
$array=get-process |where-object {$_.ProcessName -Match "svchost"}|Select Id
foreach ($item in $array.Id){
Get-WmiObject -Class win32_service -Filter "ProcessID='$item'" | select DisplayName
}
It's not a language (per se), it's PowerShell. PowerShell is Microsoft's configuration management engine intended for task automation and configuration management. it is based on .NET framework. It's a series of commands (called cmdlets) which return objects, rather than text. It's become a staple in Microsoft Exchange, and is being used more and more frequently across Microsoft products.
It's less complicated than learning a programming language because everything is based on a verb-noun concept (like, get-process). And you typically take the output of 1 command and Pipe it (|) into another command to string together a series of commands to end at the result you are looking for.
For example, you can start with
get-service
That command will return a list of services on your box, whether it's running or stopped and the name of the service.
You can build on that command with
get-service |Select *
Now you are seeing all of the available information you can get on each of the services
You can then modify that command to
get-service |select Name,CanShutdown,StartType
Which shows you specific columns you want.
Now, you can take get-service spo*|stop-service
That command will take all services that start with spo and stop them.
Now, run
get-service spooler and it should be stopped
Can now restart with
start-service spooler
Want to shut down your computer faster, you can run
stop-computer
Here is another example
start-process notepad.exe
Run it 2 more times
start-process notepad.exe
start-process notepad.exe
Then,
get-process |where-object ProcessName -eq notepad
Then,
get-process|where-object ProcessName -eq notepad|Select *
Then,
get-process|where-object ProcessName -eq notepad|select StartTime,WS
Now you can see the start time and the memory size used.
Now, kill them all
get-process |where ProcessName -eq notepad|stop-process
Thank You pparks1. It's very versatile! :)