Generic Host Processes for Win 32 Services?

Discussion in 'Computer Information' started by John, Oct 24, 2004.

  1. John

    John Guest

    Hello.

    I just wondered what this "Generic Host Processes for Win 32 Services"
    is exactly?

    In my firewall there are two logos and that is the description for
    them. One of them seems to be using the Internet a lot for some
    reason but I don't know what its doing.

    Thanks

    John
     
    John, Oct 24, 2004
    #1
    1. Advertising

  2. John

    Duane Arnold Guest

    John <> wrote in news:4nfmn0hn3a0p5kgp0jppgu3ob6khgv9gc2@
    4ax.com:

    > Hello.
    >
    > I just wondered what this "Generic Host Processes for Win 32 Services"
    > is exactly?
    >
    > In my firewall there are two logos and that is the description for
    > them. One of them seems to be using the Internet a lot for some
    > reason but I don't know what its doing.



    http://support.microsoft.com/default.aspx?scid=kb;en-us;314056#kb2

    svchost.exe *the Generic Host Processor* performs many task for the NT
    based O/S. One of the tasks is communications on the network such as the
    Internet. There can be many occurrences of svchost.exe running. Not only
    does the O/S use svchost.exe on its behalf and other legit programs running
    on the computer, but Trojans and malware can use svchost.exe too. So you
    must always be aware of what svchost.exe is trying to connect to on remote
    IP(s).

    There are tools such as Active Ports and Process Explorer (free) that can
    help you make the determination as to what a program is connecting to and
    what processes are using the program look inside the running program or
    process.

    http://tinyurl.com/klw1

    If svchost.exe is not running out of the %SystemRoot%\System32 folder, then
    it's a Trojan.

    You can go to the Command Prompt and enter SET and press the Enter-key and
    it will shoe what is %SystemRoot%.


    Duane :)
     
    Duane Arnold, Oct 24, 2004
    #2
    1. Advertising

  3. John

    John Guest

    On Sun, 24 Oct 2004 06:21:37 GMT, A strange species called Duane
    Arnold <> wrote:

    >John <> wrote in news:4nfmn0hn3a0p5kgp0jppgu3ob6khgv9gc2@
    >4ax.com:
    >
    >> Hello.
    >>
    >> I just wondered what this "Generic Host Processes for Win 32 Services"
    >> is exactly?
    >>
    >> In my firewall there are two logos and that is the description for
    >> them. One of them seems to be using the Internet a lot for some
    >> reason but I don't know what its doing.

    >
    >
    >http://support.microsoft.com/default.aspx?scid=kb;en-us;314056#kb2
    >
    >svchost.exe *the Generic Host Processor* performs many task for the NT
    >based O/S. One of the tasks is communications on the network such as the
    >Internet. There can be many occurrences of svchost.exe running. Not only
    >does the O/S use svchost.exe on its behalf and other legit programs running
    >on the computer, but Trojans and malware can use svchost.exe too. So you
    >must always be aware of what svchost.exe is trying to connect to on remote
    >IP(s).
    >
    >There are tools such as Active Ports and Process Explorer (free) that can
    >help you make the determination as to what a program is connecting to and
    >what processes are using the program look inside the running program or
    >process.
    >
    >http://tinyurl.com/klw1
    >
    >If svchost.exe is not running out of the %SystemRoot%\System32 folder, then
    >it's a Trojan.
    >
    >You can go to the Command Prompt and enter SET and press the Enter-key and
    >it will shoe what is %SystemRoot%.
    >
    >
    >Duane :)



    Thanks.

    I downloaded the Process Explorer, and they all seem to be acting out
    of the right folder. It doesn't seem to show which ip or web address
    they are talking to though.

    John
     
    John, Oct 24, 2004
    #3
  4. John

    Duane Arnold Guest

    John <> wrote in
    news::

    > On Sun, 24 Oct 2004 06:21:37 GMT, A strange species called Duane
    > Arnold <> wrote:
    >
    >>John <> wrote in
    >>news:4nfmn0hn3a0p5kgp0jppgu3ob6khgv9gc2@ 4ax.com:
    >>
    >>> Hello.
    >>>
    >>> I just wondered what this "Generic Host Processes for Win 32
    >>> Services" is exactly?
    >>>
    >>> In my firewall there are two logos and that is the description for
    >>> them. One of them seems to be using the Internet a lot for some
    >>> reason but I don't know what its doing.

    >>
    >>
    >>http://support.microsoft.com/default.aspx?scid=kb;en-us;314056#kb2
    >>
    >>svchost.exe *the Generic Host Processor* performs many task for the NT
    >>based O/S. One of the tasks is communications on the network such as
    >>the Internet. There can be many occurrences of svchost.exe running.
    >>Not only does the O/S use svchost.exe on its behalf and other legit
    >>programs running on the computer, but Trojans and malware can use
    >>svchost.exe too. So you must always be aware of what svchost.exe is
    >>trying to connect to on remote IP(s).
    >>
    >>There are tools such as Active Ports and Process Explorer (free) that
    >>can help you make the determination as to what a program is connecting
    >>to and what processes are using the program look inside the running
    >>program or process.
    >>
    >>http://tinyurl.com/klw1
    >>
    >>If svchost.exe is not running out of the %SystemRoot%\System32 folder,
    >>then it's a Trojan.
    >>
    >>You can go to the Command Prompt and enter SET and press the Enter-key
    >>and it will shoe what is %SystemRoot%.
    >>
    >>
    >>Duane :)

    >
    >
    > Thanks.
    >
    > I downloaded the Process Explorer, and they all seem to be acting out
    > of the right folder. It doesn't seem to show which ip or web address
    > they are talking to though.
    >
    > John
    >
    >
    >


    Active Ports gives you that information when a program is running such as
    svchost.exe and it has remote connections on the LAN or (WAN-Internet) to
    an IP.

    Duane :)
     
    Duane Arnold, Oct 24, 2004
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Sam

    What Are Generic Host Processes?

    Sam, Jun 9, 2004, in forum: Computer Support
    Replies:
    4
    Views:
    2,763
    °Mike°
    Jun 9, 2004
  2. Replies:
    6
    Views:
    1,184
    °Mike°
    Nov 23, 2004
  3. wes40oz
    Replies:
    5
    Views:
    514
    =?Utf-8?B?SGlja3hfNQ==?=
    Oct 9, 2005
  4. Rachana
    Replies:
    6
    Views:
    781
    §ñühwØ£f
    Sep 17, 2008
  5. Replies:
    3
    Views:
    4,913
    Gerry
    Oct 24, 2008
Loading...

Share This Page