Process ID (scvhost)

Hi,

Issue: Track down which “svchost.exe” is constantly trying to connect to the internet.
Setup: Comodo 10, Firewall Custom Ruleset

svchost.exe have multiple process running depending on your services list. The issue with Comodo currently is that doesn’t care about individual process. It doesn’t show the Process ID (PID) also (at least that I know of). So all Firewall connection under svchost is shared.

Is there a way for me to find out which specific svchost.exe that is trying to connect to the internet?

Thank you.

Hi fghcoc,

Currently there is no easy way to do this by CIS, I would advise to use tcpview from Microsoft Sysinternals tools

Kind Regards,
Ronny

Hi Ronny,

Thank you for your reply. I’ll try using the tool you provide the link to. If all else fail, I just hope future milestone will include PID feature or of similar/improved tool.

Thank you.