August 9, 2009

Svchost Process Analyzer

According to Microsoft, ‘Svchost.exe is a generic host process name for services that run from dynamic-link libraries (DLLs)’. At Windows start-up, it checks the services part of the registry to construct a list of services that it must load. The authentic svchost.exe file is located in C:\Windows\System32, but numerous viruses and Trojans use the same file and process name to hide their activities.

Svchost Process Analyzer is a free tool that lists all Svchost instances and checks the services they contain. This makes it easy to uncover Svchost worms like the infamous Conficker worm.

Svchost Process Analyzer only analyzes the Svchost.exe files and lists the suspicious Svchost file as marked; there is no provision for further analyzing the file with in this tool. You required some other tools like their TaskManager in order to check it.

The program does not require any installation. Simply download and run the software. It supports Windows Vista, XP, 2000, 2003, 2008 (32bit and 64 bit)

No comments:

Post a Comment