The free Svchost Process Analyzer examines all Svchost instances. This makes it easy to detect processes that start up through Svchost and disguise their activities. The Conficker Worm, which infected millions of computers, operated this way.
Version: 1.3Svchost Process Analyzer is a quick and easy freeware product that inspects your Svchost.exe process.
Operating System: Windows
The Svchost.exe process, which is visible in Windows Task Manager, is often misused by spyware or network worms in order to conceal their activities.
Svchost Process Analyzer recognizes these suspicious processes, which hide within an Svchost instance. An example is the infamous Configer (or Conficker) worm.
The genuine Svchost.exe is an important system process that is shipped with Windows 10, 8, 7, Vista, XP and is located in the C:\Windows\System32 folder. When a Windows computer boots, Svchost.exe executes dynamic link libraries (DLLs) found in the Windows Registry as services. There can be several instances of Svchost.exe running at the same time.
The process description is 'Generic Host Process for Win32 Services.' This means that other services use Svchost to run their own executables as Svchost instances. Trojans and other sorts of malware slip into the Svchost process and work through it.
Since Svchost is an important Windows process, even malicious Svchost activities are often not blocked by currently available security software and firewalls.
Svchost Process Analyzer also detects trojan horses, worms or other malware with slightly altered names, such as svhost.exe, scvhost.exe or _svchost.exe.
Version 1.3: Windows 10 compatibel, small bugs fixed
Version 126.96.36.199: small bugs fixed
Version 1.0: first release