New
#1
scvhost.eve - process or virus
I have run different online scanners as well as my Norton AV, Malwarebytes, and Defender, and am fairly confident I am virus free. However, when going through the Norton Log, I came across numerous instances of where it blocked scvhost from accessing different processes. I downloaded UniBlues Process QuickLinks, to help decypher what process is what, and saw that for svchost.exe it can either be a legitimate process, or about 3 or 4 different Trojans. How on earth do you tell the legit processes apart from the virus? I understand that svchost process is needed to launch .dll files, and is legit, but can't find any info on how to tell a legit instance of it from a virus; other than understanding that enabling heuristic detection on Norton analyzes how something is running (which I always keep cranked up to High, or agressive)
Thanks for helping me understand this! ;-)