Hello there guys,happy new year!
Lately i have been getting a lot weird connections and activity from svchost.exe.More or less this is the executable which is targeted 99% of the time by trojans.I would really appreciate a ruleset until i find out a way to deal with this permanently.
1)As of lately I have been thinking about installing a program to protect svchost.exe and similar important windows files but i haven’t out anything.I am trying to find a shadowing/sandboxing combo program in which i can monitor programs which ask access from svchost.exe and afterwards accordingly permanently allow them or revert to the previous state.Thing is that most of the time the intruder stays permanently there.
2)I am using Comodo Firewall and HIPS and i can say that i am very satisfied.However i have been looking for a way to isolate a program and run it in a sandboxed environment which doesn’t allow interaction with any other program or net access.
3)Also i am looking for system hardening tools for windows 7!
Thank you for your time guys!Any help is appreciated!