How to Remove the svchost.exe virus from PC

What is Svchost.exe?

The svchost.exe is an executable file of Microsoft Windows and is tagged as a Generic Host Process for Win32 Services. This is an important Windows file and it is used to load the required DLL files that are used with Microsoft Windows and Windows programs that run on your computer. Some Malware often uses a process by the name “svchost.exe” to mimic the windows process.

The orginal file is located only in c:\windows\system32 or c:\winnt\system32 depending on versions of Windows OS. If the file that is located in any other location, then we can conclude that the system is infected with malware.

svchost.exe provides a service which is used by Windows Defender. There are multiple instances provided by svchost.exe which are used for many operations. One instance may provide single operation and other instance provide several service to windows.To know the service which are currently running. Go to Task Manager and click Processes tab. Click Show all process and Right-click an instance of svchost.exe, and then click Go to Service(s). The services associated with the process are highlighted on the Services tab.

Affected OS/Platform: Windows

How to find System is affected by Svchost.exe malware

Step 1: Open the Task Manager with a CTRL+ALT+DEL key combination

Step 2: Right click on the svchost.exe and Select Open File Location The Open File Location will be showing you the path where the file is actually located c:\windows\system32 or c:\winnt\system32.

If it gets open in some other folder or file location, then it is sure that the system is infected with svchost.exe malware.

How to remove the svchost.exe file from system using Comodo Antivirus?

Download our award-winning Comodo Antivirus software

Installation configuration frames will be displayed. Select the configuration you would like to apply

Select Customize Configuration option and arrange installers, configuration, and file location.

Once the Installation is Finished, restart your PC.

Comodo Internet Security starts to update the software for virus protection. It takes sometime to get updated.

After the update, a Quick scan is executed.

If threats are found upon completion of scanning, you will be prompted with an alert screen.

The Antivirus Software will clean all malware including svchost.exe.

Windows OS PC Security Softwares:

Related Resources:

Malware Entries

First Seen: 26 May 2018 at 2:16 pm

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	N/A	Executable	a170a3703bb0ccd9 574cf1a488f7c058 34e184d3	06a191cce614be68 5ebc72f0271f19d6	Backdoor.MSI L.Bladabindi .A	No	N/A	N/A	United States	N/A
2	N/A	Executable	34400c1e88326fb6 79d90a701c42af0d 5b115604	c7476604075b65bd 79b3c64f19a14108	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Venezuela	N/A
3	N/A	Executable	df340309d4d6e930 43f247ef367cedde cd083b71	c8ac4c04ce2b46b5 8f8d59b8124823f0	ApplicUnwnt	Yes	N/A	N/A	185.150.154.131/32	N/A
4	N/A	Executable	da8097de6b56b0e8 70474a139ac4c373 18496450	68f4c6d62154c9aa 866e3b146bc1c7ea	ApplicUnwnt	Yes	N/A	N/A	185.150.154.144/32	N/A
5	N/A	Executable	f17deb6a60ca8353 1bcaa453d88034d9 5b4b6815	5dfdc21e265cc2f5 6e31ecf8351ded28	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	United States	N/A
6	Microsoft Corporation	Executable	38fb24d0759278f1 dcf6e37c4cc46a3c 6a5757ca	f92e31c29a83cb41 c66be13ccffdd4db	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Ghana	N/A
7	N/A	Executable	73aa17021a1fe67b e9a872ec194ad668 e08e55d9	c500f4080dbf684d 60382f97ff916340	Backdoor.MSI L.Bladabindi .A	No	N/A	N/A	United States	N/A
8	N/A	Executable	002d1526d2b87ce9 02ad3e4948e01fac f2b8648e	3750961e969f8909 4119d4d73fb00dfd	Unclassified Malware	No	1.0	1.0	United States	N/A
9	Microsoft Corporation	Executable	c879543c4219c430 ef7d0d12525683a3 562076c2	60264f41ebdc2440 1d826da251f87058	Unclassified Malware	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	United States	N/A
10	N/A	Executable	0a2b793f481169c4 306f9d779654a061 eea5cfe8	ef1e733864636e17 d88142efe7a9b3cf	ApplicUnwnt	Yes	N/A	N/A	185.150.154.131/32	N/A
11	Microsoft Corporation	Executable	d32ee4727a23b9ee 06f1e946dd691f57 d66fd5b5	4b05d253d2523e2a fcc915266a16780f	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	197.34.10.238/32	N/A
12	N/A	Executable	b8432a8658612429 a33c2324d9413a35 06692f8e	cc9c20ab0d962a03 023a3a31c0d5eb55	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Argentina	N/A
13	N/A	Executable	6f9b0ceee9ca8d10 ca15ffc392431206 4b794e97	eeb7afb544cf60fd e2d7b3ce0b008655	Unclassified Malware	No	N/A	N/A	United States	N/A
14	N/A	Executable	548f17a6bdc718f8 6d46c652ca41264e a8085092	a289c566ff6f3eb7 7646d8f8f6c0625e	ApplicUnwnt	Yes	N/A	N/A	Russian Federation	N/A
15	N/A	Executable	49a895ed11de502f 23ddeebe12bccac2 8b423ec1	448579292159a7fd 61b935778984452c	ApplicUnwnt	Yes	N/A	N/A	185.150.154.131/32	N/A
16	Microsoft	Executable	06602a70d27fdd79 2e7f342f36434cf3 d582e9f9	63682af74e094a8e c1de2fbc9c2569f7	Virus.Win32. Sality.gen	No	1.00	1.00	Venezuela	N/A
17	N/A	Executable	e10eb8aaf68cb5e3 984f7a1fcfa2f331 c7d16ca4	085baceb0b7af9cd 5148216787b29549	Unclassified Malware	Yes	N/A	N/A	185.150.154.131/32	N/A
18	Microsoft	Executable	7e25131587a2c485 9a1a4f5e01565fe4 fc91cf38	202c17441fff100c 190be954e11fe837	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Germany	N/A
19	N/A	Executable	af195d9bf6afd2bb d9d9bc23f1f3fd2d c93bad7c	deff2b76a60aad30 f10101697354876d	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	United States	N/A
20	No Company	Executable	27acd479a187a266 5e8212ba95ec60aa 08d2fa03	aa2e81bf331a10f9 97a5285114f2dc8a	Unclassified Malware	No	0.5.0	0.5.0	89.22.188.113/32	N/A
21	N/A	Executable	59863c773753d4fc 38cb9a301ab58353 311651aa	322eaa5cb48110c7 730acb6a7b372f35	ApplicUnwnt	Yes	N/A	N/A	185.150.154.131/32	N/A
22	N/A	Executable	1055cc811627c68e 7303cd7a215b8123 0b72bc06	9fa46fe673d6609f b812f952188a6b82	ApplicUnwnt	Yes	N/A	N/A	185.150.154.131/32	N/A
23	N/A	Executable	28c9eb59b289f493 0da84a9f0905e995 09ad3b1c	e1b4d9b82398bb96 6337e6a33b7a3705	Unclassified Malware	Yes	N/A	N/A	Russian Federation	N/A
24	N/A	Executable	4ec4ac33456aec8d f5843336ec229377 59c13a40	6ff2022d17bf0376 7b2298bee9b7fcf9	ApplicUnwnt	Yes	N/A	N/A	Ukraine	N/A
25	N/A	Executable	25e98cd0c85887dc 7629b5a659617158 61862742	5d04c9ce8dd27fa0 5fd86ac0a576a5c4	TrojWare.Win 32.KeyLogger .Ardamax.K	No	N/A	N/A	United States	N/A
26	Microsoft	Executable	d61aec3c48bb633d 544b9661a8589d93 f82dde37	0b1804af31f361fd e68c6aed88fa2eaf	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	200.63.106.140/32	N/A
27	N/A	Executable	3a9e1a74382bc09c d890445ce102db30 d2235ae5	22befe681fabebac e7b2382019d744ff	Unclassified Malware	Yes	N/A	N/A	India	N/A
28	N/A	Executable	6d971f815d8e8a16 a88a725973629cdf 079f74b8	f2795374f54a6fcb 659d9a52eaaaaa25	Unclassified Malware	No	N/A	N/A	United States	N/A
29	Microsoft Corporation	Executable	0feaa2cf2e013aca 1bf1c840ddaa7dee e650cb37	d112e77fbbb5fd14 a48252917d4ec0b4	Virus.Win32. Expiro.CG	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Turkey	N/A
30	N/A	Executable	bb2d203e9f6fbb45 b60c0977459eedf4 8d4afa2a	691d9eb46363a49f bfa4bdf824348de3	Unclassified Malware	No	N/A	N/A	Russian Federation	N/A
31	N/A	Executable	f18c3ea650dc96a9 fc943cf74abe9a2b c7838bfb	9ae5ec2206abd894 9e4f14f0cb0d0c74	TrojWare.Win 32.TrojanCli cker.Agent.N YY	No	N/A	N/A	United States	N/A
32	N/A	Executable	0d5a82f20e6bdac1 4e46850e41aece82 89db4bf3	fbb23cb4c4c8acaf d3bfa7dced94e3d0	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Indonesia	N/A
33	N/A	Executable	641aca1834e45013 aef31fabc87a62e9 4cd6ab3a	3670771d667e5817 10d3529bb6076f25	ApplicUnwnt	Yes	N/A	N/A	185.150.154.131/32	N/A
34	SOFTWIN S	Executable	0f582b54b823b999 0ee283958dc76877 60d68fca	4def7291a3ec0663 5dfe85ff252948eb	Win32.Jeefo. A	No	106.42.73	106.4	Tunisia	N/A
35	Microsoft	Executable	1c1b44346e158a2a 64b25512c830010d 97a5f093	2df896456315deab 41f50f80fa7dd75e	Unclassified Malware	No	2.5.2	2.5.2	United States	N/A
36	N/A	Executable	1f1a2a8344ace999 b78d83b493ecd839 5fda6d91	e0a761b437fef45c a0bddf299a28a3b0	Unclassified Malware	No	N/A	N/A	United States	N/A
37	N/A	Executable	164003fcda2f2819 8974f0b33798c631 2b28473c	1915fe1f30d92c75 eae25e92cd32218f	Unclassified Malware	No	N/A	N/A	United States	N/A
38	N/A	Executable	23aae3eb1c47cdce 5becd0fbcfee8261 be247475	0a4cd0a31b4667dd 10f3408ef03a5fa0	Unclassified Malware	No	N/A	N/A	Ukraine	N/A
39	N/A	Executable	aa1d9918a46e9be7 b3d142e2093d00a1 eff3a18b	d2fabadbc5a3ca4c 6c18d8be44b0b52f	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	181.174.101.53/32	N/A
40	N/A	Executable	0592f344085103ff 22b56dd65b6f8147 2541be89	bc8f5262853bf08e 82cdc8d852a34174	Unclassified Malware	No	2, 2, 2, 1232	2, 2, 2, 1232	China	N/A
41	Microsoft	Executable	9b9149c800b9e3c1 dda779d8dc80356e 9b9caecd	33d2f1d583ae1349 8e1186a0ba5cb47c	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Vietnam	N/A
42	N/A	Executable	64af20ddf769c172 eb2d9ff33a449441 1dc14bb8	3ab498727a406a64 41736b56ceadcb33	N/A	No	N/A	N/A	31.10.153.140/32	N/A
43	N/A	Executable	4d1f8d63a2ab538e 5c6b744a24e7b47e b5ddd43d	93c2042da435d3aa ba23d6e476f2c8db	TrojWare.MSI L.Injector.~ TRV	No	1.0.0.0	1.0.0.0	179.183.57.122/32	N/A
44	Microsoft Corporation	Executable	0d938ca353a75a35 d7203ddf5396a47c 0b459285	72328026a693ab96 86c9b4ca04f6253a	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Philippines	N/A
45	N/A	Executable	d3215aaa9dbd8fb9 3b93c8d14b395964 4175d783	698e55175434e421 6d6653826a2ebe72	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	177.252.242.101/32	N/A
46	Microsoft Corporation	Executable	dff4de809a27d28e 318c70ca42b3bf94 aaa2a315	70d42295d67a6b12 41ea17374dc21ec9	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Canada	N/A
47	Microsoft	Executable	610d6a676c703b01 0e1c3e0fff54378d 6fb61a97	8f9ef6b18cc58f7e 949b1dfa8cfe0402	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Spain	N/A
48	Microsoft	Executable	ebf0bc2510c8a094 0e53a94cbe7b23fc ecca5d8a	97c04d1aaf71002d e233293399851c4f	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
49	Microsoft	Executable	ef189032029e6e06 94d2357f7bfcf4b7 7e2acf70	90303b34b726fc24 2e97fda4455436be	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Chile	N/A
50	Microsoft	Executable	b078e80fe950cfaa e1fb52129ef3e249 ee97c6fd	8529876a2d93f538 4e5fc5aa74de13aa	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	197.210.172.54/32	N/A
51	N/A	Executable	9b71bfbc03749bf0 a218a57efd347b84 e7ccdc03	460170d74b6b03b8 92e96b07bd0a28f1	Unclassified Malware	No	N/A	N/A	Bolivia	N/A
52	DjawaTorent, Inc.	Executable	ae40f7ee701bce3c bf814278be1a09c0 2e4288d1	8f5ff7d3c9279c4f e0dbb27b8b935d72	TrojWare.Win 32.KeyLogger .Agent.~das	No	2.0.0.1862 0	2.0.0.1862 0	United States	N/A
53	N/A	Executable	8bec94f03afa1133 a3b057e2cf86b668 0ecbf14d	4d3d9dca8990919f 64a82385acb6399a	ApplicUnwnt	Yes	N/A	N/A	Pakistan	N/A
54	N/A	Executable	63e2dcfb0f66e5ab 43cb4b50f6bcdf83 6505023c	d69f4e7605dbb439 7fb67415f987ba5e	ApplicUnwnt	Yes	N/A	N/A	185.150.154.131/32	N/A
55	N/A	Executable	9a2d36efc6ef99ed fce3c7942770ec73 f0234aa7	fea9e1ff9f8565ef d1da81c8558364f2	Unclassified Malware	No	N/A	N/A	Austria	N/A
56	Microsoft	Executable	6438a43a807b7dec 140207f66715417e e8242232	f394a4daff14703c 23856543d6cea6f6	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
57	N/A	Executable	e4d8ecf432289878 653e6c6cab5ec891 f7203e0b	de5853b31670e24f 4f4d402822fdca81	ApplicUnwnt	Yes	N/A	N/A	Europe	N/A
58	N/A	Executable	cc905132ac2f1ad7 36f13398f7e7750e 5a3666fb	2b59f8abd1d72fd9 c3606ef9ac8a477d	TrojWare.Win 32.CoinMiner .~BMM	No	1.00	1.00	Russian Federation	N/A
59	N/A	Executable	930956a2c1d5434e 2c1ce55d33332a81 1e50a0c8	b59a0fe3e04d0bcb f3dc44507020f5c8	Unclassified Malware	Yes	N/A	N/A	185.150.154.131/32	N/A
60	Microsoft	Executable	fb3dc873843b99ac e08839e5e8ae387e 5d3c0956	3c72e97a3a2f09c3 2f4e850eff9e7750	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Vietnam	N/A
61	N/A	Executable	1ac43c0a028cc143 ec3b44c438f1cf02 de127dab	f777151a925b2ab3 7ad95260e96f0501	N/A	No	N/A	N/A	31.10.153.140/32	N/A
62	N/A	Executable	5a06b73f216addb8 e621595ab26d64bc 3c3863cf	b584030e6a89856e f10dc36fb0e90f6b	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	177.252.247.100/32	N/A
63	N/A	Executable	687f84648366fb12 46927b03e608d46a a9a748d4	0c0acb51b50f0a8a 9a482d917bfb7ebf	ApplicUnwnt	Yes	N/A	N/A	176.105.211.0/32	N/A
64	N/A	Executable	7ddaf6b387fbb874 5a122b88f33f39e2 f980c0ae	79fab341b551c44a 82bff7215ad5d122	ApplicUnwnt	Yes	N/A	N/A	185.150.154.131/32	N/A
65	N/A	Executable	bc571f9d9a1f2617 958625ee9e905761 037e49c1	432f82ba2b308c18 a9925816bc2757b3	Unclassified Malware	Yes	N/A	N/A	5.137.52.228/32	N/A
66	N/A	Executable	9543b735d2916df9 1d12de6f872ad8d5 bf186759	acb959d648762009 db66bde7e442c859	ApplicUnwnt	No	N/A	N/A	31.10.153.140/32	N/A
67	N/A	Executable	431bfa89af204180 cc4f0f9f63d84da2 04e2ec6e	11dded0e48fb40e9 b6cf6094dc3cf96a	Unclassified Malware	No	0.0.0.0	0.0.0.0	United States	N/A
68	N/A	Executable	10e46a0026cef2b7 5cc65c6e98c5ffab 880cb3e5	897ce9daf79ab930 5dc0f6b0e39a1ae0	Unclassified Malware	No	N/A	N/A	Bolivia	N/A
69	Microsoft Corporation	Executable	3668a62a8d63432a beffc7685065c5f6 563f2c22	da6a4569608ccc02 e7a9f4bb706213cc	Unclassified Malware	No	10.0.16299 .15 (WinBuild. 160101.080 0)	10.0.16299 .15	United States	N/A
70	Microsoft	Executable	9181cd244bc7a3ef 1a871e439d8e4178 0626d0cf	c78d0489612d4297 6f6514c91ab55a67	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	132.157.128.209/32	N/A
71	N/A	Executable	b473a04c8c62a4ba 082cefcdd10e81a3 9cdd8699	71de9cc1e7da5c85 31c67bba2a81c850	Win32.Mkar.E	No	N/A	N/A	81.162.67.222/32	N/A
72	Microsoft Corporation	Executable	86b9d017fdc06c72 415851133acdad2c d299d323	356bf48d879ae8d2 9a7a45acebcfdac9	Virus.Win32. Virut.q	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Taiwan	N/A
73	N/A	Executable	5c99043bab96ece6 a53df26bcd6f97bd 22192e37	7a19cbf93758d6b4 8b0bb75460c5255c	Unclassified Malware	No	0.0.0.0	0.0.0.0	Poland	N/A
74	N/A	Executable	848f0f43bebb4792 7949b314e75d5513 6db1a1b1	7cdc89b0145d3b7f e4149d571fee6733	ApplicUnwnt	No	N/A	N/A	31.10.153.140/32	N/A
75	N/A	Executable	9e1b623ee1de3968 0662a65bf62c2935 aa6bc263	860a99af1183d371 803579d0e9e8488f	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	United States	N/A
76	N/A	Executable	a4202cd58da2efcf 3b7bdee081d9de6b 74a6e89d	94b2f758ba3fc0f7 178d537a4059a691	Unclassified Malware	No	1.0.0.0	1.0.0.0	Nigeria	N/A
77	Internet Explorer	Executable	65b8031520fe97e3 d5fd2fda239873df 975975de	34779873f3dfdb69 4e9e9064a482b734	Unclassified Malware	No	10.0.7600. 16385	10.0.7600. 16385	United States	N/A
78	N/A	Executable	b3530e50850c1af2 9ec23c4dbc4b0415 323ae46a	9a86c880c4435fc4 7c96b99fa71ad93a	Worm.Win32.A utoRun.BDZ	No	N/A	N/A	United States	N/A
79	N/A	Executable	ce71f6d2796c40f4 82f414202da34bae f68fb541	931f2c59858d30ce bd777177246148d7	TrojWare.Win 32.Bancteian .A	No	1.0.0.0	1.0.0.0	Vietnam	N/A

1 2 3...20

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 03 October 2008 at 7:29 pm

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	ReactOS Development Team	Executable	5e44d0531db4b24e ac77c3dd6c46a820 05884c60	161a0953cfc90b3e 5be5d7a9e838244d	No	0.4.8	0.4.8	10.108.51.194/32
2	Microsoft Corporation	Executable	18930fd524b3fdfa ca1c0e6a81524f5a 282b3009	e31fb4f13f5949b8 68c117714bb44375	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	United States
3	Microsoft Corporation	Executable	4eea9bdfe0eb4175 9d96ec9bd224c451 9314a8fa	e4ca434f25168159 0d0538bc21c32d2f	Yes	6.3.9600.1 6384 (winblue_r tm.130821- 1623)	6.3.9600.1 6384	United States
4	Microsoft Corporation	Executable	4eea9bdfe0eb4175 9d96ec9bd224c451 9314a8fa	e4ca434f25168159 0d0538bc21c32d2f	Yes	6.3.9600.1 6384 (winblue_r tm.130821- 1623)	6.3.9600.1 6384	10.108.51.116/32

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Malware Search Engine

How to Remove “svchost.exe”

What is Svchost.exe?

How to find System is affected by Svchost.exe malware

How to remove the svchost.exe file from system using Comodo Antivirus?