How to Remove the svchost.exe virus from PC

What is Svchost.exe?

The svchost.exe is an executable file of Microsoft Windows and is tagged as a Generic Host Process for Win32 Services. This is an important Windows file and it is used to load the required DLL files that are used with Microsoft Windows and Windows programs that run on your computer. Some Malware often uses a process by the name “svchost.exe” to mimic the windows process.

The orginal file is located only in c:\windows\system32 or c:\winnt\system32 depending on versions of Windows OS. If the file that is located in any other location, then we can conclude that the system is infected with malware.

svchost.exe provides a service which is used by Windows Defender. There are multiple instances provided by svchost.exe which are used for many operations. One instance may provide single operation and other instance provide several service to windows.To know the service which are currently running. Go to Task Manager and click Processes tab. Click Show all process and Right-click an instance of svchost.exe, and then click Go to Service(s). The services associated with the process are highlighted on the Services tab.

Affected OS/Platform: Windows

How to find System is affected by Svchost.exe malware

Step 1: Open the Task Manager with a CTRL+ALT+DEL key combination

Step 2: Right click on the svchost.exe and Select Open File Location The Open File Location will be showing you the path where the file is actually located c:\windows\system32 or c:\winnt\system32.

If it gets open in some other folder or file location, then it is sure that the system is infected with svchost.exe malware.

How to remove the svchost.exe file from system using Comodo Antivirus?

Download our award-winning Comodo Antivirus software

Installation configuration frames will be displayed. Select the configuration you would like to apply

Select Customize Configuration option and arrange installers, configuration, and file location.

Once the Installation is Finished, restart your PC.

Comodo Internet Security starts to update the software for virus protection. It takes sometime to get updated.

After the update, a Quick scan is executed.

If threats are found upon completion of scanning, you will be prompted with an alert screen.

The Antivirus Software will clean all malware including svchost.exe.

Windows OS PC Security Softwares:

Related Resources:

Website Malware Directory Resources:

Malware Entries

First Seen: 02 February 2019 at 7:19 am

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	Microsoft Corporation	Executable	299de14161c8a9fc d33c5c6ade761c99 974754ba	ea8df37fe9706c9c 872a8b17a5d1d900	TrojWare.Win 32.Ransom.Xo rist.ET	No	6.1.7601.2 3403 (win7sp1_l dr.160325- 0600)	6.1.7601.2 3403	Ukraine	N/A
2	N/A	Executable	1638d8697c0b802c 0902cdb4a70e34d0 164b9d62	5b38291ce6a4670b 4bfc2ed6cb5f12b9	Unclassified Malware	No	N/A	N/A	United States	N/A
3	N/A	Executable	cf2b77048f4be446 67a959d1ec17e5ad a233b91f	258d782fe06b8a8b 3e8da8ca4ee04678	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Pakistan	N/A
4	N/A	Executable	97c3cc681ba65063 671152dcb7d85ba4 a12d5a5d	ff3b21cc9ea6e1bd 19797f39a6aa67ac	Unclassified Malware	No	N/A	N/A	South Africa	N/A
5	Microsoft	Executable	26c2cfe0726e1e85 764c2751d13efafb 96fccf68	1402b91380747418 e0df533dc1c274e3	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
6	Microsoft	Executable	22d04199c04101d7 b036a04f26cbc5f9 6585de50	fb1882d8e4c00a20 e81ab1346615c486	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
7	N/A	Executable	fadbc05ffa00d733 b6164a71eb66dc62 7ecd2436	82158e61ebe301c3 0494f607811f0edd	Unclassified Malware	No	N/A	N/A	Poland	N/A
8	Microsoft	Executable	f5c48463d1cbe630 313f9c9a81f90746 d7916f05	7840923a69c3f5da fd9f3b191c0f4998	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	190.124.30.251/32	N/A
9	N/A	Executable	ce4e82a47cedc1aa 8837872a76951ac9 e929e533	80bd92588c94bd82 0d6d84ad0bb44e2a	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	103.116.12.244/32	N/A
10	N/A	Executable	195c844ae5b399bb 446985036d93098f 3e93431d	967d27361c4470b5 f57e0565181dec05	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Colombia	N/A
11	Microsoft	Executable	73155a96eca311c7 08b672ae25b0b8d1 01b04e05	4ba1ef915c291e90 1d0ec11fd0ebf8d9	Unclassified Malware	No	1.0.0.0	1.0.0.0	10.224.25.177/32	N/A
12	N/A	Executable	a49fb45b17f59fe8 9fbe11856e89a79a 00d5f634	d080f6c5fe2a0870 274b83ec4b8e4f30	Win32.Neshta .A	No	N/A	N/A	103.230.104.28/32	N/A
13	N/A	Executable	88d618a5ea27b555 838f39a0693b8e4b 2f3ae440	add63db1e5594e3d 7eacb649cbc63a71	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Canada	N/A
14	Microsoft Corporation	Executable	dc1eea7f0543834d 020d8bb526e7790d cc7a72e2	b44cd2a2c63bfaf4 c64d940e31f3ec1a	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Egypt	N/A
15	N/A	Executable	ec2c401938a564d3 8783d6225b53bd03 7513d573	e67878cf3255aaf1 67fdebb7f5f6ecdb	Unclassified Malware	No	1.0.0.0	1.0.0.0	Indonesia	N/A
16	Microsoft Corporation	Executable	1873e3c30a2b18ab 1a79164ab523c511 453dd89d	786c94f5340def74 407c9d1fbf59d634	Virus.Win32. Sality.gen	No	5.7.0.1659 9	5.7.0.1659 9	Egypt	N/A
17	N/A	Executable	5444285a5db3fbc8 216ea9e367c27b75 78c9476e	c55c7c2e94c32ad6 bae601e522970b0a	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	United States	N/A
18	N/A	Executable	18afb18a96b3d292 211d95ca1a7f0402 ea9f48a0	bb7f18e91be126c2 a85f0ede3704d2fd	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Mexico	N/A
19	N/A	Non-executable	c2d411fc9fdad751 dc45fa201d88620b 23b41d7b	a69becd48f5c0296 57ad373a96f5a426	Unclassified Malware	No	N/A	N/A	Venezuela	N/A
20	N/A	Executable	65ca31a2ebe3ec61 69db63fbbf7edde1 582f1aa4	af5b3c7ea92c3799 a28c57f9af77006e	Unclassified Malware	Yes	N/A	N/A	10.224.25.32/32	N/A
21	N/A	Executable	d728a4c50b6ab84a 30e446872c3e4b04 a1147724	e3c249d2ec894b71 201609014dbb03c8	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Mexico	N/A
22	Microsoft Corporation	Executable	6dc58e3af3b768cb 27a99c00cbf89d62 13a1f5ca	c94745d2a8bbf388 710194ba1f731f89	Unclassified Malware	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Thailand	N/A
23	Microsoft Corporation	Executable	d316b900c04e49ae a3b1d22b7f3007e2 148a8a5f	d937914870a7ad4f 1c9ec800907b0bb7	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
24	N/A	Executable	210f35245a13490b 1c9786bddc6827c9 377af942	c68976325c5057e5 2d0fdf23bc47089e	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Bolivia	N/A
25	N/A	Executable	d32cda9fcb24ee1f 34efc145874191b8 26b8e670	803dbbab23895c81 8e7d82aadb5b27e3	TrojWare.Win 32.Agent.ksw uv	No	N/A	N/A	Poland	N/A
26	N/A	Executable	c88f6f305954d286 e95d5281e1998ada 0108e725	4099b1c88a083331 dbb0ee064be05008	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	United States	N/A
27	Microsoft Corporation	Executable	6da55740ee3c5f62 052ce6165a2686b6 a794c49a	cb17f1ca0d0d3f1b 4fc25955f906d8f0	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	United States	N/A
28	N/A	Executable	da4ce1d2dfd997b8 eda39c40111e9694 3f31cbca	108d4d899e9e9cb3 58d8111425901334	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Venezuela	N/A
29	N/A	Executable	e06588f43aca5d21 1612b7fad713033b 931e9d1a	5b740866b0a4bb30 f4b7213261e16d0d	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Indonesia	N/A
30	N/A	Executable	da94ca9fb2bb68fb c49cfc7158b0a83b 47226955	c907b12625c2046c d397f60bff005579	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Canada	N/A
31	Microsoft Corporation	Executable	4ecce6cc4e445fe2 cc91ae373437348b 14981a75	6a99e5570a24ce9f 811e1b0558f75d15	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	156.198.33.15/32	N/A
32	N/A	Executable	d5da0eb203df5d3b 22fa1f9ded248351 0b315bf9	457506a1821c031b f6e969a2e9ca23c7	TrojWare.Win 32.TrojanDro pper.Binder. v	No	N/A	N/A	Italy	N/A
33	N/A	Executable	a0d9b3bf3ce6902c 4409dfe2e421637c cec18b4d	fb19908dca2acb24 b2b81c1f1870adbd	Unclassified Malware	Yes	1, 0, 0, 1	1, 0, 0, 1	Internal Submission	N/A
34	N/A	Executable	f21b6654a4923f1a 3edae1a06fd035e7 e4dd3ddb	3b05335e86dce16d ebdf51fcb38a3553	Unclassified Malware	No	3.3.14.5	3.3.14.5	Russian Federation	N/A
35	N/A	Executable	5672d5429411a499 0721dc9cd6f1e80b cd668c2d	54a3b00cb426bbec 652d74b4c7504434	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	179.25.76.193/32	N/A
36	N/A	Executable	c8532109f3ea8fc9 198312131d7a783a a57e4263	cf3b15c94da56fe2 658cdda0bdd73f84	ApplicUnwnt	No	N/A	N/A	10.224.25.40/32	N/A
37	小奈	Executable	2759ae21a92f9b68 d65fae42754d7a1d 50287297	35fd66f4e8781b36 1d9e523be8822b5b	TrojWare.Win 32.Agent.OSC F	No	1.0.0.0	1.0.0.0	Internal Submission	N/A
38	N/A	Executable	4708f8d4b168ac17 b595c9518790f45e 2a16cc4c	3f50bfbffb00426c 96a36a6e3af137d1	TrojWare.Win 32.Bancteian .A	No	1.0.0.0	1.0.0.0	Vietnam	N/A
39	Microsoft Corporation	Executable	fd47eafe8dba40d0 a60956246510a8d7 39489ada	7c8166a460a7bdaa cdfbd4aeb3045daf	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
40	N/A	Executable	fab6daede9866705 23da5ce75487002f 0d236473	ffc8329ec29ba541 b3a9f71046f4a7d5	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Philippines	N/A
41	N/A	Executable	92a5d8c9874eac94 c91dc40b7629b988 a1bb9a95	fae4534544cddec5 17316a3bf0cee096	Unclassified Malware	No	N/A	N/A	Poland	N/A
42	Microsoft Corporation	Executable	37888569cebbcdfe 5f667b5b2a2de53c 5ecbe1f9	7ea8c23407958a21 2a63df082496fb6d	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	197.59.184.98/32	N/A
43	N/A	Executable	fac1de84705b739d 006f4c5f1b7ee913 708eae2e	ffaa7db2c79d9e84 833cc7cd255ddd00	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	165.16.80.63/32	N/A
44	N/A	Executable	120091aee4ee0866 9503b54753a32381 f19060b2	96a266e793cff4f5 5a0ab51c175a17e0	ApplicUnwnt	No	N/A	N/A	Taiwan	N/A
45	N/A	Executable	52f105a9dadd54ac e16fa79bfa12ede0 93409ecc	4bc6f4459a87dc1c 2e9e44f1b4f00825	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Canada	N/A
46	N/A	Executable	1aa0ae37d7878078 0b19c64309408f10 7989ec34	722e42b7660a2462 8dbb2ce19c838c91	Packed.Win32 .MUPACK.~KW	No	1.0.0.0	1.0.0.0	Internal Submission	N/A
47	Microsoft Corporation	Executable	c37ff29b11927fa6 7280e1984434b8be ce22bce0	d681d9c41cc5985f e14f2d0a1721ab22	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Ukraine	N/A
48	N/A	Executable	a74ee8797d08dfcb b617d36b610ddf7d a6655e7d	2425b78678ec50d6 e9e8e103163edfa9	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Argentina	N/A
49	N/A	Executable	611789860635db06 40ea9a3b1ffc7e68 7dbac463	a1f1114256bd97d2 04cc5d40fc6a02e6	Unclassified Malware	No	3.3.14.2	3.3.14.2	Kazakhstan	N/A
50	N/A	Executable	68eb165bbb5dd817 e660eb7d168fb94a 2ad1fac4	ba44e9853e8db05d 17daad3ab81b6851	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Spain	N/A
51	N/A	Executable	1e29be325131c311 b7ad279ab0b38238 cf69178b	07b22bd19756e1ab 66c111ade9cbb6d8	TrojWare.Win 32.VB.QOTY	No	N/A	N/A	Morocco	N/A
52	N/A	Executable	17cc95503e363c1b f87628b3ca54cb50 cdb8a3b3	bf73145337316f91 463620cb8858ea17	Backdoor.MSI L.Bladabindi .DQ	No	N/A	N/A	United Kingdom	N/A
53	N/A	Executable	6d4bdb99bf6f12e7 99c89ba1e1ba9180 de2a6708	d6b3dc41256c3b0b 9dc2fd1dbf247d76	TrojWare.MSI L.Spy.Agent. CP	No	N/A	N/A	176.14.161.104/32	N/A
54	N/A	Executable	a4cb9589ac0d1326 b4d22728e0655247 5e8091c0	3bc467aa523bd257 6ef3b432403a1fca	Packed.Win32 .MNSP.Gen	No	N/A	N/A	Internal Submission	N/A
55	House	Executable	30d9b2cb83b9d837 14bc1f2df8864518 576ca0b1	e7e5263c569f0f77 1b54ab40141f79a5	Virus.Win32. Sality.gen	No	1, 3, 4, 7	3, 0, 0, 0	Egypt	N/A
56	N/A	Executable	a55dc4d599793e1f d54bfd294ce50c34 6e22a493	b06fb1e8684810bc d7705da1ff33f530	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	United States	N/A
57	N/A	Executable	62b3f61a35ba1bb5 05754d21d0f98ee1 92beae9c	b63322c7ecd37561 aeef75c677ea0b57	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Philippines	N/A
58	Microsoft Corporation	Executable	0252aa14e11f2b06 dbc75c43b8f44b4f 57b04462	c16e2198cd478969 b4fdffb5d14949af	Unclassified Malware	Yes	6.3.9600.1 7415 (winblue_r 4.141028-1 500)	6.3.9600.1 7415	10.224.25.40/32	N/A
59	N/A	Executable	fa8dc50f0515c4a1 6fd06333b9984bea 92226a0b	2a78056586e1fd87 e68499c90ffe01b9	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Canada	N/A
60	N/A	Executable	1e6acfa2af038121 ebf45b44954a8281 096ba08a	ce99de4ad02c6a51 47b3d7270dd6447d	Unclassified Malware	No	1.0.0.0	1.0.0.0	Nigeria	N/A
61	N/A	Executable	04aac69f75d36e8b a240a18c930d434a 8d2c86ad	ac8934fd5d0bbc78 6580ad23290d0254	Virus.Win32. Virut.CE	No	N/A	N/A	Japan	N/A
62	Microsoft	Executable	73645cdd0758377e 217941c81505cbf8 9edd90aa	30d9dbf9e713c781 b68e7e6d9714eb5a	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Malta	N/A
63	N/A	Non-executable	483ecc31f609bdcb cb43c5945c5bbb87 801db029	c09ba40714244f38 e82614e51a094da0	Unclassified Malware	No	N/A	N/A	Australia	N/A
64	N/A	Executable	7d6aa007f4ad2f05 907a9ba119fb7ee0 6047bff7	952ea04f541bb70f de4b06e32b38f12d	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Spain	N/A
65	N/A	Executable	091cd766bba9300e 53e1a327c60fb093 3b0d9496	a6b0314762cc7b06 0c348df7a3798134	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	India	N/A
66	N/A	Executable	351a6b955fb32ea4 89ed5c2eef1c866b 7dfada6c	921fe1b8778ba018 e9ff3d87fed45e69	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Canada	N/A
67	N/A	Executable	874b1d70e3ff0e6e a3a518d4f41ab68d af1d3fb4	76b51ab65b3b215b 0ba958b148f0357c	Unclassified Malware	No	N/A	N/A	128.79.123.204/32	N/A
68	N/A	Executable	af8eaa66b46aad3b 583528d681071075 8214001a	afad3bbfd04fd286 749b2434f6db5a42	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Vietnam	N/A
69	N/A	Executable	9aec33bacf45c804 f05aa99e28735795 04a1aa1b	d78fc3ab527b38dd a4836dd115eeaf17	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	United States	N/A
70	N/A	Executable	1b765c635b29e8c6 352487bf77d43c07 7d5db358	7b31bff0a91742cd 9c0ec9bfe89d594d	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Venezuela	N/A
71	N/A	Executable	7cacc034d3fd4780 e9a15a235680c512 11ba89c9	74f575e9d49670a3 1a5515575a20e443	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Canada	N/A
72	Microsoft	Executable	a6611b35a95f2c9c 0c7e2de92a286cbc a73f5a6c	b3cfd89411a89025 8ed9791cdd0f4323	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Nicaragua	N/A
73	N/A	Executable	c846e71e92c5cbcf f1d4799911110f60 f6e44328	882cf3d52cb722ea 225079b9311739b5	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Philippines	N/A
74	Microsoft Corporation	Executable	ba9d1b9c92b7c2b4 80ae59ebd21c25f3 1722cd99	f800411aed9f5bce e2fcf14a99af159a	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	156.199.49.172/32	N/A
75	Microsoft	Executable	e2130cd0fab52073 8d0ff09935f91858 e9d2ec19	ed96399b80c21dac ee11cf5db99c22a1	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Colombia	N/A
76	N/A	Executable	654195d84c888b60 3c1dea6a1fc796d1 dc6e7315	79e601ae288d4aea 9aac5199fa1e2684	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Spain	N/A
77	N/A	Executable	2e676dd1c204ba3b 53e6ea942502d7c6 4fd74355	f2ae57c6302a0693 d44a3794fccb113b	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Mexico	N/A
78	N/A	Executable	476bfc40c6ea1413 5db7b71acc8f326d 7ecedd93	d1a743fc40a77945 58db163a25de524c	Unclassified Malware	Yes	N/A	N/A	103.230.5.230/32	N/A
79	Microsoft	Executable	e706dd143e563622 e09c46d1264aa197 7df47f52	6a46da2fc06a5d8f fd922f99dd2e2d50	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	186.167.249.239/32	N/A
80	N/A	Executable	3aab532f6d6d6e21 57687ccf736fa7d7 6b85d588	40a7bb7aeb19f1a5 b198035e8809fe5c	Unclassified Malware	No	1.0.0.0	1.0.0.0	Indonesia	N/A
81	N/A	Executable	0b2dadf19760bd05 54996e557b7e6d6a aeaf5a8a	9ba6e3c3283f6379 2576d7d260045cce	Virus.Win32. Virut.CE	No	N/A	N/A	Indonesia	N/A
82	Microsoft Corporation	Executable	482767e8fc55272d 551fcec867b5ec71 51d2f916	19a7829cab762168 004eae81aadb032c	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Egypt	N/A
83	N/A	Executable	47aba7da89dce77c 45cc4ce9e4e33f55 332d72d0	6e7b465793267759 5c359ca4960776ac	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Canada	N/A
84	Microsoft Corporation	Executable	f18374e5c385c779 ca8fc2f69c826645 09ad67f5	4ac2114aaeb7024c 996a88a6d120eee1	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Lao People's Democratic Republic	N/A
85	N/A	Executable	3a12928f60f9fca2 cd4f4a15e619030f 52a6a5d1	a557bef940a0670c 7780de4edd72dda7	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Canada	N/A
86	N/A	Executable	59b6ba03d0bbcccd 28c36ff65f58a035 20a04459	18f013e3beb997f7 ee016641c1acd261	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Venezuela	N/A