How to Remove svchost.exe Virus | svchost.exe Malware Removal

What is Svchost.exe?

The svchost.exe is an executable file of Microsoft Windows and is tagged as a Generic Host Process for Win32 Services. This is an important Windows file and it is used to load the required DLL files that are used with Microsoft Windows and Windows programs that run on your computer. Some Malware often uses a process by the name “svchost.exe” to mimic the windows process.

The orginal file is located only in c:\windows\system32 or c:\winnt\system32 depending on versions of Windows OS. If the file that is located in any other location, then we can conclude that the system is infected with malware.

svchost.exe provides a service which is used by Windows Defender. There are multiple instances provided by svchost.exe which are used for many operations. One instance may provide single operation and other instance provide several service to windows.To know the service which are currently running. Go to Task Manager and click Processes tab. Click Show all process and Right-click an instance of svchost.exe, and then click Go to Service(s). The services associated with the process are highlighted on the Services tab.

Affected OS/Platform: Windows

How to find System is affected by Svchost.exe malware

Step 1: Open the Task Manager with a CTRL+ALT+DEL key combination

Step 2: Right click on the svchost.exe and Select Open File Location The Open File Location will be showing you the path where the file is actually located c:\windows\system32 or c:\winnt\system32.

If it gets open in some other folder or file location, then it is sure that the system is infected with svchost.exe malware.

How to remove the svchost.exe virus from the system using Comodo Antivirus?

Download our award-winning Comodo Antivirus software

Installation configuration frames will be displayed. Select the configuration you would like to apply

Select Customize Configuration option and arrange installers, configuration, and file location.

Once the Installation is Finished, restart your PC.

Comodo Internet Security starts to update the software for virus protection. It takes sometime to get updated.

After the update, a Quick scan is executed.

If threats are found upon completion of scanning, you will be prompted with an alert screen.

The Antivirus Software will clean all malware including svchost.exe virus.

Windows OS PC Security Softwares:

Related Resources:

Website Malware Directory Resources:

Malware Entries

Safe Entries

First Seen: 07 October 2011 at 7:23 pm

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	Acoustica Inc.	Executable	1c80c1a7be5dd3b7 1e8205166d57f17a 7fc118af	4c9a59bcdb40e39f 0c72820f381b9ab2	TrojWare.Win 32.Injector. ADKK	No	2, 0, 18, 0	2, 0, 18, 0	United Kingdom	N/A
2	N/A	Executable	31478e6e996cb2f7 f9b0d4c2ce9ac088 28b0a2cb	e6d6685365d60593 5189f6512e03b19d	Application. Win32.Adware .RuKoma.A	Yes	N/A	N/A	185.150.154.131/32	N/A
3	Tencent	Executable	f904baffceb56a4d cbae23788066e290 963a380d	fa508241066ee437 5d8bcbe6b843baa5	TrojWare.Win 32.Magania.~ AAD	No	1, 57, 1961, 0	1, 57, 1961, 0	Internal Submission	N/A
4	NULL	Executable	049c34d55d31e987 a204f536174b21a8 d5911601	f7f724517b39e2af 1fc8263d60afa177	Unclassified Malware	No	1.0.0.0	1.0.0.0	Internal Submission	N/A
5	Tencent	Executable	78bb1482113a230e dbf74c2fa68ebb3a 7d1bdb29	e6f22990f0bd3f45 e123bba6baf75b8f	TrojWare.Win 32.Magania.~ AAD	No	1, 57, 1961, 0	1, 57, 1961, 0	Internal Submission	N/A
6	N/A	Executable	418d03e9b490674c 36612c371b608a58 b9f7dbcf	bc6fdea5f16135a7 fb5c903feebdd9f8	TrojWare.Win 32.Trojan.Ag ent.~ICT	No	N/A	N/A	Venezuela	N/A
7	Macromedia, Inc.	Executable	d4e5eb07b999ca47 cc3c1c8d465bb087 8a48b851	0fe56475f9e3e27b 330096616e2ee9c1	Virus.Win32. Ramnit.K	No	7,0,14,0	7,0,14,0	Philippines	N/A
8	N/A	Executable	a5fff2a5f8f5f188 b42ad708954dab11 7246511c	5533abf652f1022f 9ac8c8e818a89351	Heur.Suspici ous	No	N/A	N/A	United States	N/A
9	Microsoft	Executable	9ab0a6be2ea4d870 549cdf57446d1ecd 02f09568	135c2ac06f35bf75 d796d66cbc13fb3b	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	197.210.55.75/32	N/A
10	Tencent	Executable	8ec5556385246bf7 2249a2e06e7a2cb0 f4003f5c	70f101c523266235 5a91660a28651af4	TrojWare.Win 32.Zegost.IN A	No	1, 57, 1961, 0	1, 57, 1961, 0	Internal Submission	N/A
11	N/A	Executable	d6fedc86fb53b566 ca86351a16b80d77 2568a4e7	7f478b734ee4ec3b ef9eb7e71c4e9384	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	United States	N/A
12	N/A	Executable	253894860de0301d 4e956ce1b7029143 cf16a267	5d3da46a1a40ba1b aff24c14af2a26e3	Win32.Jeefo. A	No	N/A	N/A	Poland	N/A
13	N/A	Executable	ebecf007e8f64082 a1618c3fb6814bea 44b99eea	54fbd0d0240a3e02 49e4008c72b053d8	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Venezuela	N/A
14	Cronosoft	Executable	c5a66c82ab502bdf 6322b18a2487435b 5338ee1d	7cc569dcc12f69f9 1dfc2af73c33966b	Virus.Win32. Virut.Ce	No	10.10	10.10	Trinidad and Tobago	N/A
15	Microsoft	Executable	055373e7540df0cb c986b0f346f0a8ca baa3324d	5d3175dfd0e5e2b5 91f1b1150d8c9293	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	France	N/A
16	N/A	Executable	7fab7ad2fd66b33e fe384311f5e02c35 17e704cd	b7c94edfb34c5dc0 ce0acf5c0390a540	Unclassified Malware	No	N/A	N/A	102.156.188.229/32	N/A
17	N/A	Executable	de4f3b38d7f2c456 e88fac9e711a780d 4e8ccac6	e76b94c53d1818dc 6366fb42a57400a1	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Cote D'Ivoire	N/A
18	Microsoft Corporation	Executable	21e9e0bb48e67062 599f4a28d300994f 3150ec0c	17750b217ee388cc 128b7b990da4368f	TrojWare.Win 32.Spy.Banke r.Gen	No	N/A	1.0.0.0	Internal Submission	N/A
19	Microsoft	Executable	0a5237c797ffa4c2 f626c54b4f502cb7 7d58cbf6	f91a7c6f6991db5a 431fbe47d91654d8	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
20	N/A	Executable	482775d175b5e367 268f2bc26a94d5bf f3e1412a	00efe775c630c3f7 66526c8996cc062c	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Japan	N/A
21	N/A	Executable	5167f0d0e8b7eb39 5b707f972caf3ec2 4ed0e288	0c5b91322485e5de e779afdff986cb0a	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Indonesia	N/A
22	Microsoft Corporation	Executable	75bc2a585278b623 241389da15299197 2256170c	b40d1e0b5d3928cc e2a1afdaffc1d1aa	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	102.164.99.57/32	N/A
23	Microsoft Corporation	Executable	50ce963b5a45c8d9 47514b731c6d8ebd 0103c866	20b7ac1e937eb630 d7e997d69f2cd2cb	TrojWare.Win 32.Spy.Banke r.Gen	No	6.1.760	6.1.760.16 390	Bangladesh	N/A
24	NULL	Executable	0df0281e26c13dc9 f1e6caed997baefa 73f58a6f	16129e19a5ae41f7 ccc8f8cb188784a0	Unclassified Malware	No	2.03.0001	2.03.0001	10.224.1.116/32	N/A
25	N/A	Executable	1c0f0079c329a054 51cc69cb9dac6eee 82974050	0b6bbdb71222a8f0 8b2b82578b8bdcd2	Unclassified Malware	No	N/A	N/A	Internal Submission	N/A
26	N/A	Executable	2179bf5f1073866b 7bae1fde2758d98f ffb23d22	84ca7f70d557482d 5d0f36c239cdbd39	TrojWare.Win 32.Bancteian .AC	No	1.0.0.0	1.0.0.0	Turkey	N/A
27	Microsoft	Executable	18385c47e7e8e01d b3d6af744c4704cc a0302680	18959ff096cc0e0a 6ce0ae65006b7afc	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	France	N/A
28	N/A	Executable	02ff290a8cb42482 8629a1459c926f86 9fac0920	2867cc250bacc4cc 87f5b9110c7189b2	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Indonesia	N/A
29	N/A	Executable	fccc658886cdd84a b3c4c30ee81a542b b1afead1	f015e8c4d7f8b0fc b82aed6704a82a0a	TrojWare.MSI L.Spy.Agent. CP	No	N/A	N/A	Europe	N/A
30	Microsoft Corporati逧n	Executable	308aa5261be1874a 322f55d726515d75 767c8aec	5a4747fc864d58d6 3e06e24b00ef690d	TrojWare.Win 32.Kryptik.K AZ	No	5.2.3790.4 566 (srv03_sp2 _qfe.09080 5-1438)	5.2.3790.4 566	Internal Submission	N/A
31	N/A	Executable	0fcd6821902f3b58 a6b9b37364426177 8abd18a0	b9c50b9afd44f6fb 4c2026dd41194b39	ApplicUnwnt	No	N/A	N/A	United States	N/A
32	N/A	Executable	e24cc152e52ebd76 6c1ba59ffc50eb8f bab6b8b9	fcee41edc7f851ef 0fdf60e057b66335	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Lebanon	N/A
33	Redondo	Executable	1ea5a0bb45789de5 1fd39fe1257767ce 1b022ede	c4b6d916790a34ee f6c71cfea4526d8f	TrojWare.Win 32.TrojanDro pper.Agent.V CC	No	3.45.0005	3.45.0005	Internal Submission	N/A
34	Microsoft	Executable	da022f6a1f6dd8c8 19e8d7d9097ff8bb 6dd112b3	13f9b9ac5c7d7503 f85009b202591d3f	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	France	N/A
35	Microsoft	Executable	b7d18c9f2cfe371a daee4db6d20d2587 1d4f8555	16f1cb13a8e8c8f7 8b1ac155207886a5	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
36	N/A	Executable	492bae04efd7049a 1dce8fdc5c616451 40ed202e	209ed86b9d6182ec 8ea95a331a02c4b3	Backdoor.Win 32.Amtar.vna	No	N/A	N/A	Brazil	N/A
37	Microsoft	Executable	95a2e40e36307194 7922c5963ae375a4 84f81269	7721ea3dae61a394 69d6a6f2e506685a	TrojWare.Win 32.Kryptik.G T	No	1.00	1.00	Vietnam	N/A
38	Tencent	Executable	42b319cf1ac38fc9 4159cd9636732e48 38314e2d	368fdb173eff682d 56a34c894014fc78	TrojWare.Win 32.Magania.~ AAD	No	1, 57, 1961, 0	1, 57, 1961, 0	Internal Submission	N/A
39	N/A	Executable	a3445f6d5269d5ca bc522b98b1208e9f 76cac114	29d14dad82951b49 17f54a59e14419c6	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	India	N/A
40	N/A	Executable	3af3389137d42c80 c34ba1cbcbd7884b ecd1c19f	faf46e5851b3aeb7 d97ecc33aedafbb3	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Colombia	N/A
41	Windows (R) Win 7 DDK provider	Executable	6439827587255651 66eaa02af1c52e1a 3c7424ef	f105258798f10531 e2df2a81f67a9d76	TrojWare.Win 32.Trojan.Ag ent.Gen	No	9.3.7800.2 1715	9.3.7800.2 1715	Brazil	N/A
42	NULL	Executable	42c26766d16cb9c2 1c3a95bac84b88bc 1469d7c5	a8caf03b50c424e9 639580cdcc28507b	Heur.Suspici ous	No	1, 0, 0, 1	1, 0, 0, 1	Internal Submission	N/A
43	N/A	Executable	eaeb8ed49c4140f1 4864aaa99160edb7 1e7beb63	1c47e3b5209b6f5a 62fb499a1914b887	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Norway	N/A
44	N/A	Executable	16cbd75b6cf96ee0 2b9da6f2b5f6174e fc727595	c0308f7016c08381 904585357dd55cea	TrojWare.Win 32.Bancteian .AC	No	1.0.0.0	1.0.0.0	Cote D'Ivoire	N/A
45	N/A	Executable	484e004faf68965c 2e46ab92924a8593 f70a1496	3635790791dca6ad bdf464dcac14c480	TrojWare.Win 32.ButeRat.P P	No	N/A	N/A	Internal Submission	N/A
46	NULL	Executable	253d0eaf957524a1 01ac4a07ed7bec5c 0896197d	c242eeff0c2f1e0b f6531079b74b10bb	Unclassified Malware	No	0.0.0.0	0.0.0.0	Internal Submission	N/A
47	N/A	Executable	22958515b53b0865 2f640b19ebf6d20b 833df631	fe7361e62be8d420 b8c9f2e52b0f441c	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	170.245.217.156/32	N/A
48	N/A	Executable	73620c33243187b8 181669103855794b 9e6a116b	07a8e5844c5aac92 4b2154ed1e75a69f	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Philippines	N/A
49	NULL	Executable	951e1a7912e3019d 8e96ecf9098ff879 0dc98385	c2be33709a42b54a f6dd938eec6f337f	Heur.Suspici ous	No	1, 0, 48, 05	1, 0, 48, 05	Internal Submission	N/A
50	N/A	Executable	a0a3b7d3a7aa48eb b7f638cb65810433 d6f51e72	c95be3b51632de94 22be5855f4876bd9	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Venezuela	N/A
51	Microsoft Corporation	Executable	4b14d9e3eaad097d 67d515f6ff19dbba 9e340918	dc4b6da3947fa903 dee3ed3474d53221	Virus.Win32. Sality.gen	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Ukraine	N/A
52	Microsoft	Executable	ca040eb6788bf910 28fccb033355bbdb 5f1abb18	0e5fb6265e381e2c 4ac62911544f7a52	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	186.167.251.150/32	N/A
53	N/A	Executable	62660efdbef40156 aa7742a595f6715d a167ab54	b64c3f1080761262 f5b6ecdfc9ffd065	TrojWare.Win 32.Bancteian .AC	No	1.0.0.0	1.0.0.0	105.172.227.43/32	N/A
54	N/A	Executable	f041fdd4e3a869ca 4bc7611f80de6aa8 c32d2680	d63ec55fe5ca914e 65f1c674d1a694d6	TrojWare.Win 32.Bancteian .AC	No	1.0.0.0	1.0.0.0	Cote D'Ivoire	N/A
55	N/A	Executable	ef7bf3fba56e876b 45652b8870fadb47 816385da	687c9abdf95e18c0 7a35f218e71cc3a2	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Indonesia	N/A
56	N/A	Executable	a2fb28cbe6b7940c 9178c8dc4f0c8f8a 4b906c1b	3d8478922f2a95c5 a5bf60a9a0f6795a	Unclassified Malware	No	N/A	N/A	United States	N/A
57	Microsoft Corporation	Executable	d5cb761c3ae996f6 5377ecdbfefc98e7 ac34e92f	5e193c27e02d5451 c2b29c1ca4248f72	Virus.Win32. Virut.CE	No	5.1.0.0	5.1.0.0	India	N/A
58	Microsoft	Executable	564f6aebbfd7338c 16f4c682bb405909 1f331a57	cdb3f14a9a2d0fb0 74dd892297c203f5	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	France	N/A
59	µßµµ	Executable	4e755fda05a7e5d2 f246f746d21ddb1e 1ab890a8	05a31eaadbb3b3ae 810d7415cffda041	Unclassified Malware	No	6.1.5.2	7.6.2.3	United Kingdom	N/A
60	Auto Debug System	Executable	9e6ee262006c3cab 0857bfa1ff020212 b5ebebe4	7facf547115b145b c20adf9f2e939147	TrojWare.Win 32.Buzus.rfg w	No	1, 1, 1, 10	1, 1, 1, 10	Russian Federation	N/A
61	N/A	Executable	c1cf858880da481d 105857052c9555ab 80508690	33a41b884c097010 70c882b213df421a	TrojWare.Win 32.Bancteian .AC	No	1.0.0.0	1.0.0.0	Cote D'Ivoire	N/A
62	N/A	Executable	5fda9be06756e6ed 0141ac8417fa3ff5 010c8fcd	7b992936a199e917 d565a38b4f4e530f	TrojWare.MSI L.Kryptik.ES	No	N/A	N/A	United Kingdom	N/A
63	NULL	Executable	6af5a9e1cff63240 7262750b8b08e482 6b8dd0ed	be8fd6e6a370aa78 f9f7dd419af1e68a	Heur.Suspici ous	No	1.00	1.00	Internal Submission	N/A
64	Microsoft	Executable	fb7b8ca059630ad9 4056057ae9acfbac 2b9b0854	06be0c89ed8502de e8c74c7d31db351e	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	181.237.146.178/32	N/A
65	Tencent	Executable	054841d53f269a96 94655af8cc463fa5 1c6f15f6	9aa8dbf276d35593 dfd1b36b22c95c17	TrojWare.Win 32.Magania.~ AAD	No	1, 57, 1961, 0	1, 57, 1961, 0	Internal Submission	N/A
66	N/A	Executable	c83a914988115bb4 a2f5a41f7ac929b4 15a4faaf	fafc44ccfb015a9f 53e5c93e2861e197	Unclassified Malware	No	N/A	N/A	Internal Submission	N/A
67	N/A	Executable	02c900a4492e55a3 0503ea7fe4fa2336 0fcc63db	70817e13029001ab 63a7c0027a4aaecd	TrojWare.Win 32.Packed.PN C	No	N/A	N/A	Internal Submission	N/A
68	N/A	Executable	120a2146a9f78a19 8e8dfc0f817d771f a94bdeb8	31e2ef53c6ec0a88 3b9121a1eda3931e	TrojWare.Win 32.Magania.~ AAD	No	N/A	N/A	Internal Submission	N/A
69	N/A	Executable	e3b4feb222944577 d30efd5b15360f67 e712aabb	0760a5a2fa1ce283 cfbdbf0e2f1ea626	TrojWare.Win 32.Bancteian .AC	No	1.0.0.0	1.0.0.0	United States	N/A
70	N/A	Executable	69b790920dc5b9ab c5decc25d754d84d 7cce8d3d	b858e9b1f80c285d 0cf7689f54d21b24	Backdoor.Win 32.RmtSvc.as d	No	N/A	N/A	Internal Submission	N/A

Prev 1 2 3...18 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 06 May 2008 at 1:41 pm

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	N/A	Executable	a802bd37b91accba 45391bfd50b337bb 15d44efb	7bef0e87abecbe18 e50835c0839906db	No	N/A	N/A	Internal Submission
2	Microsoft Corporation	Executable	da0ff4006859a758 0aba81f486f692de ad2014fe	8f078ae4ed187aaa bc0a305146de6716	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Internal Submission
3	Microsoft Corporation	Executable	8fbf73dbc557be21 bc4b229d67c1f94d 84a253ff	a22d7b3594c381ef b3395a072725fe95	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Internal Submission
4	N/A	Executable	95d4bcbf60a3a489 0858c7c39faaaa83 ee569c8b	9ea1560c138be592 e5a38f46689916e3	No	N/A	N/A	Internal Submission
5	N/A	Executable	b9b2f767ecd5e4b8 83c135ffa9b95def 3d024f2f	b04037573b76e565 6b0c33cdc678e791	No	N/A	N/A	United States
6	N/A	Executable	7f6bbc2631938496 74021e1add533a96 5002bcf5	37a3c03034e0db21 bd11248f728c0a16	No	3, 3, 6, 1	N/A	Internal Submission
7	Microsoft Corporation	Executable	6d43a102a1646197 85ed33ad87cb59ec 3f047ce5	dda2d46da1f0bd25 d6eb0194cb3ab3e4	No	5.2.3790.3 959 (srv03_sp2 _rtm.07021 6-1710)	5.2.3790.3 959	Internal Submission
8	N/A	Executable	1239bbd299df3675 33f479a851e3a029 f76b3308	d582a51cf51bd619 bab6aa8ae2ed7428	No	3, 3, 6, 1	N/A	Internal Submission

Prev 1 2 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Malware Search Engine

How to Remove “svchost.exe”

What is Svchost.exe?

How to find System is affected by Svchost.exe malware

How to remove the svchost.exe virus from the system using Comodo Antivirus?