On Fri, 10 Dec 2010 11:11:07 -0500, mm <(E-Mail Removed)>
wrote:
> On Wed, 01 Dec 2010 11:40:46 -0600, Big Steel <(E-Mail Removed)>
> wrote:
> >On Wed, 01 Dec 2010 11:43:09 -0500, Yousuf Khan
> ><(E-Mail Removed)> wrote:
> >> On 01/12/2010 9:51 AM, Big Steel wrote:
> >> > If svchost.exe is not running out of the windows.system32
folder,
> >then
> >> > it could be malware that it is running. You should check what
> >> > svchost.exe is hosting by using Process Explorer. PE is free
to
> >use, and
> >> > you can use Bing or Google to find out how to use PE to look
at a
> >> > running process, see what it is hosting and see what directory
a
> >> > process/program is located when it is running.
> >
> >
> >> Yes, I know about ProcExplorer, that is what I was using to
report
> >this
> >> size.
> >
> >But do you know how to use it to determine what svchost.exe is
> >hosting and what process in svchost.exe is sucking up the CPU?
> >Svchost.exe does nothing on its own. It only host processes.
> So how do you determine that stuff?
You go to menu View. You select Show Lower Pane. You select Lower
Pane View. You select DLLs. After you have done that, then when you
left click on a running process in the upper pane, that will show you
everything a process is hosting. You can right click a line in the
lower pane and it will show where the DLL is located.
You can right click a process in the upper pane and go to Properties.
You will see several tabs and you can see other info. about the
process.
--
posted with a Droid
|
Similar Threads
Linear Mode
