How to Remove the svchost.exe virus from PC

What is Svchost.exe?

The svchost.exe is an executable file of Microsoft Windows and is tagged as a Generic Host Process for Win32 Services. This is an important Windows file and it is used to load the required DLL files that are used with Microsoft Windows and Windows programs that run on your computer. Some Malware often uses a process by the name “svchost.exe” to mimic the windows process.

The orginal file is located only in c:\windows\system32 or c:\winnt\system32 depending on versions of Windows OS. If the file that is located in any other location, then we can conclude that the system is infected with malware.

svchost.exe provides a service which is used by Windows Defender. There are multiple instances provided by svchost.exe which are used for many operations. One instance may provide single operation and other instance provide several service to windows.To know the service which are currently running. Go to Task Manager and click Processes tab. Click Show all process and Right-click an instance of svchost.exe, and then click Go to Service(s). The services associated with the process are highlighted on the Services tab.

Affected OS/Platform: Windows

How to find System is affected by Svchost.exe malware

Step 1: Open the Task Manager with a CTRL+ALT+DEL key combination

Step 2: Right click on the svchost.exe and Select Open File Location The Open File Location will be showing you the path where the file is actually located c:\windows\system32 or c:\winnt\system32.

If it gets open in some other folder or file location, then it is sure that the system is infected with svchost.exe malware.

How to remove the svchost.exe file from system using Comodo Antivirus?

Download our award-winning Comodo Antivirus software

Installation configuration frames will be displayed. Select the configuration you would like to apply

Select Customize Configuration option and arrange installers, configuration, and file location.

Once the Installation is Finished, restart your PC.

Comodo Internet Security starts to update the software for virus protection. It takes sometime to get updated.

After the update, a Quick scan is executed.

If threats are found upon completion of scanning, you will be prompted with an alert screen.

The Antivirus Software will clean all malware including svchost.exe.

Windows OS PC Security Softwares:

Related Resources:

Website Malware Directory Resources:

Malware Entries

First Seen: 13 January 2019 at 6:15 am

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	Microsoft Corporation	Executable	c74c2b8c2285a2b9 4bf2d8fa7e0fdcc3 3abb6272	d3b5d98304019094 ab75eab5263734bd	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	103.218.190.136/32	N/A
2	N/A	Executable	1638d8697c0b802c 0902cdb4a70e34d0 164b9d62	5b38291ce6a4670b 4bfc2ed6cb5f12b9	Unclassified Malware	No	N/A	N/A	United States	N/A
3	N/A	Executable	97c3cc681ba65063 671152dcb7d85ba4 a12d5a5d	ff3b21cc9ea6e1bd 19797f39a6aa67ac	Unclassified Malware	No	N/A	N/A	South Africa	N/A
4	N/A	Executable	fadbc05ffa00d733 b6164a71eb66dc62 7ecd2436	82158e61ebe301c3 0494f607811f0edd	Unclassified Malware	No	N/A	N/A	Poland	N/A
5	N/A	Executable	195c844ae5b399bb 446985036d93098f 3e93431d	967d27361c4470b5 f57e0565181dec05	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Colombia	N/A
6	N/A	Executable	1e29be325131c311 b7ad279ab0b38238 cf69178b	07b22bd19756e1ab 66c111ade9cbb6d8	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Morocco	N/A
7	Microsoft Corporation	Executable	1873e3c30a2b18ab 1a79164ab523c511 453dd89d	786c94f5340def74 407c9d1fbf59d634	Virus.Win32. Sality.gen	No	5.7.0.1659 9	5.7.0.1659 9	Egypt	N/A
8	N/A	Executable	428e30ac6214f4e2 786c24a1591d23eb e4eae751	5d4fc4d87662e62f 14560c4c4f429f98	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Philippines	N/A
9	Microsoft Corporation	Executable	6dc58e3af3b768cb 27a99c00cbf89d62 13a1f5ca	c94745d2a8bbf388 710194ba1f731f89	Unclassified Malware	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Thailand	N/A
10	N/A	Executable	d32cda9fcb24ee1f 34efc145874191b8 26b8e670	803dbbab23895c81 8e7d82aadb5b27e3	TrojWare.Win 32.Agent.ksw uv	No	N/A	N/A	Poland	N/A
11	N/A	Executable	c88f6f305954d286 e95d5281e1998ada 0108e725	4099b1c88a083331 dbb0ee064be05008	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	United States	N/A
12	N/A	Executable	b9600cf761416f0c e6af2bec8be8303a 50f741c4	ebc01ca17b1ee9f5 b31126939a661106	N/A	No	N/A	N/A	Mexico	N/A
13	N/A	Executable	e06588f43aca5d21 1612b7fad713033b 931e9d1a	5b740866b0a4bb30 f4b7213261e16d0d	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Indonesia	N/A
14	N/A	Executable	da94ca9fb2bb68fb c49cfc7158b0a83b 47226955	c907b12625c2046c d397f60bff005579	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Canada	N/A
15	Microsoft Corporation	Executable	4ecce6cc4e445fe2 cc91ae373437348b 14981a75	6a99e5570a24ce9f 811e1b0558f75d15	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	156.198.33.15/32	N/A
16	N/A	Executable	29dda2041ec63e32 107c974c91b246bd 3e4ff122	92c0b9bc145b422b 2e76465306be44d0	Unclassified Malware	No	N/A	N/A	Internal Submission	N/A
17	N/A	Executable	f728a35c08f56828 b2c523e6d3df1ff0 0c7cb379	a43a25b218062b9e 88e2472689d597b1	Unclassified Malware	No	N/A	N/A	Pakistan	N/A
18	N/A	Executable	a0d9b3bf3ce6902c 4409dfe2e421637c cec18b4d	fb19908dca2acb24 b2b81c1f1870adbd	Unclassified Malware	Yes	1, 0, 0, 1	1, 0, 0, 1	Internal Submission	N/A
19	N/A	Executable	abf5fd8d6566266b 36d3b16a90d0647f 83a61a3c	28fd16ce158e4634 e260716a0cd69ef1	Unclassified Malware	No	1.0.0.0	1.0.0.0	197.210.47.240/32	N/A
20	N/A	Executable	f21b6654a4923f1a 3edae1a06fd035e7 e4dd3ddb	3b05335e86dce16d ebdf51fcb38a3553	Unclassified Malware	No	3.3.14.5	3.3.14.5	Russian Federation	N/A
21	N/A	Executable	5672d5429411a499 0721dc9cd6f1e80b cd668c2d	54a3b00cb426bbec 652d74b4c7504434	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	179.25.76.193/32	N/A
22	N/A	Executable	c7980165d25eda05 ca5aaac6f6e1fa77 056f25af	4603ff87da764fe4 a55318f5c52fecb4	Unclassified Malware	No	N/A	N/A	Internal Submission	N/A
23	N/A	Executable	60b23b373b1688ce 79f175988711bfbb 5f029ab2	b48fbe9ac643e108 3b958d65dc49981d	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Spain	N/A
24	CPUID	Executable	356c88b782d96263 1ef2a46526cb150b 9b79f537	1724dd11572535ea 056d92d84c4d2082	Unclassified Malware	No	1.8.5.0	1.8.5.0	United States	N/A
25	N/A	Executable	6f2f554f45fd00c6 7460129c53239855 7db2e6c4	cce36235a525858e b55070847296c4c8	Unclassified Malware	No	N/A	N/A	10.224.25.40/32	N/A
26	N/A	Executable	ef1b9203fe0e806e c5009429d3fdfb97 39160f3c	923efb6877a511ac 02033e2f3c965e86	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Europe	N/A
27	Microsoft	Executable	abbfe8c63b7b8e5e ca482a1723c5c1f4 3aa354db	fa5994e11cf9f2ad 9f4d99785fbf2577	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Italy	N/A
28	N/A	Executable	bbd36e7c5b125d07 030e80408874d297 4e18f4ed	2768f1d212ed39c1 b61508d6795015f1	Backdoor.Win 32.Popwin.~I Q	No	N/A	N/A	Internal Submission	N/A
29	N/A	Executable	a70cb17aef98d05d dea354b97e45308b fcd5b180	60503acb5ddfcd40 e04369671d82da50	Unclassified Malware	No	1.0.0.0	1.0.0.0	Nigeria	N/A
30	Microsoft Corporation	Executable	afd9134fbfd3091f f47533360f81204a bd65b674	b08d24916f5219cf 36e14c3d5e907c4f	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Egypt	N/A
31	N/A	Executable	5dbba3fa472ebbf5 68520b1ee1d40a08 e29faa0a	f2621c4f6cc2a57b 29237eaed4d09f4a	ApplicUnwnt	No	N/A	N/A	10.224.25.32/32	N/A
32	N/A	Executable	fab6daede9866705 23da5ce75487002f 0d236473	ffc8329ec29ba541 b3a9f71046f4a7d5	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Philippines	N/A
33	N/A	Executable	226cfbb18b732514 e11e87e5115c9d0d bf7b091e	e4dc64f3b66da7e3 cf5d96c22e377475	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Spain	N/A
34	N/A	Executable	b33ac380605b2623 62a00b8133c7b1b4 0028c2be	1f628e5a3fdce50d 04509d70b8a83e76	Unclassified Malware	No	N/A	N/A	Estonia	N/A
35	N/A	Executable	92a5d8c9874eac94 c91dc40b7629b988 a1bb9a95	fae4534544cddec5 17316a3bf0cee096	Unclassified Malware	No	N/A	N/A	Poland	N/A
36	N/A	Executable	b3284d85973c3cff eddb1c3471f0139e c8b0b006	467d2326bf80e66d e3a1f09a2d296992	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Kuwait	N/A
37	Microsoft Corporation	Executable	07c12b8ce8d0f584 2891c6ffc1f79527 0b60a118	7ebb6cfc35b3fca2 d698004ee412bb9f	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	156.217.101.221/32	N/A
38	N/A	Executable	fac1de84705b739d 006f4c5f1b7ee913 708eae2e	ffaa7db2c79d9e84 833cc7cd255ddd00	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	165.16.80.63/32	N/A
39	N/A	Executable	0ac0241e0697fd92 1d796b948fac27ef 862d3abb	a93e19a824f4aea0 0d964cb1d3f58b6f	TrojWare.Win 32.Virlock.X U	No	N/A	N/A	176.210.186.40/32	N/A
40	N/A	Executable	7d5aced90cc22081 0f463d3cce4e9560 76bb0043	cb115c416d856a7a 74145e7c4b2cf09b	Unclassified Malware	No	N/A	N/A	Sri Lanka	N/A
41	N/A	Executable	1aa0ae37d7878078 0b19c64309408f10 7989ec34	722e42b7660a2462 8dbb2ce19c838c91	Packed.Win32 .MUPACK.~KW	No	1.0.0.0	1.0.0.0	Internal Submission	N/A
42	N/A	Executable	bf5b0d779ac3704d e23a24f3634cba13 a680c90a	651c71389f49a446 b6cf3f12452182f8	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Philippines	N/A
43	Microsoft Corporation	Executable	1521f8cb9398121e 0b9b01b35405f0dd 782741b2	64629607d76fcfc8 bddc820a363e59f8	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Iran, Islamic Republic of	N/A
44	Microsoft Corporation	Executable	c37ff29b11927fa6 7280e1984434b8be ce22bce0	d681d9c41cc5985f e14f2d0a1721ab22	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Ukraine	N/A
45	Microsoft	Executable	94f8d6258695743d 198b97df038d9c65 115b968b	02e5e950b585ba34 78487da12942dd6b	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
46	N/A	Executable	4f99ed4e5c785f58 467df6ee807465bb 80ebea6b	30792437832bcc99 72ce94a189987d9a	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	103.83.224.18/32	N/A
47	N/A	Executable	6eb3637ab9f36b5d a4f089317ad27a7a f6b7221f	598274682cb07f10 3f3e05882faac48f	Unclassified Malware	No	N/A	N/A	Pakistan	N/A
48	N/A	Executable	a74ee8797d08dfcb b617d36b610ddf7d a6655e7d	2425b78678ec50d6 e9e8e103163edfa9	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Argentina	N/A
49	N/A	Executable	575c004c0d2e14f7 cc7be615fdf05d7e 635ff262	079221a4fb93f240 3b1bc840decc552a	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Venezuela	N/A
50	N/A	Executable	611789860635db06 40ea9a3b1ffc7e68 7dbac463	a1f1114256bd97d2 04cc5d40fc6a02e6	Unclassified Malware	No	3.3.14.2	3.3.14.2	Kazakhstan	N/A
51	N/A	Executable	104cd2150461048d bc5f0be79862ec2b 04a86fa1	2b60bd69def2364e c503445f87b68ffa	Unclassified Malware	No	0.0.0.0	0.0.0.0	Czech Republic	N/A
52	N/A	Executable	831f1983c5e78ac0 a8fee8f846030297 c06da839	6f3c4f2dfa998a66 986a9af5065f1220	ApplicUnwnt	No	N/A	N/A	Thailand	N/A
53	N/A	Executable	a4cb9589ac0d1326 b4d22728e0655247 5e8091c0	3bc467aa523bd257 6ef3b432403a1fca	Packed.Win32 .MNSP.Gen	No	N/A	N/A	Internal Submission	N/A
54	N/A	Executable	80119c3015831cdc e177d27194f1d308 5d097aa2	e0f6421b2d79084a 465a0b9845812a29	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Morocco	N/A
55	Microsoft Corporation	Executable	0252aa14e11f2b06 dbc75c43b8f44b4f 57b04462	c16e2198cd478969 b4fdffb5d14949af	Unclassified Malware	Yes	6.3.9600.1 7415 (winblue_r 4.141028-1 500)	6.3.9600.1 7415	10.224.25.40/32	N/A
56	N/A	Executable	1e6acfa2af038121 ebf45b44954a8281 096ba08a	ce99de4ad02c6a51 47b3d7270dd6447d	Unclassified Malware	No	1.0.0.0	1.0.0.0	Nigeria	N/A
57	N/A	Executable	ba4ed57249a1dde4 529d9cef841d07d1 3007bd3c	c06d82003d3b850d ae88a5c013c7983c	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Canada	N/A
58	Microsoft	Executable	73645cdd0758377e 217941c81505cbf8 9edd90aa	30d9dbf9e713c781 b68e7e6d9714eb5a	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Malta	N/A
59	Microsoft Corporation	Executable	680cc1f1b19fd6c2 ee2ec613a9ab471e 33dd907d	44cb0b14d6e93e07 0eb7644f0977a2df	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	156.217.101.221/32	N/A
60	N/A	Executable	1853f8c126803752 7716c61a3fa06d7a 79fa66f7	83bcddd6f8b549ce 4f2b1e74b243991c	Unclassified Malware	No	0.0.0.0	0.0.0.0	Hungary	N/A
61	N/A	Executable	091cd766bba9300e 53e1a327c60fb093 3b0d9496	a6b0314762cc7b06 0c348df7a3798134	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	India	N/A
62	N/A	Executable	8bb25eabea4e38f9 b36363a78913d2f0 0a552657	937cdea43d9f7def c2648a8f1d39bfed	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	India	N/A
63	Microsoft Corporation	Executable	0287947c723456c7 4a2c5ef1b058d261 662bb904	adec42a0c4d05f10 41365d01a46831d5	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	197.156.80.220/32	N/A
64	N/A	Executable	bd2246b2db28b758 4f0ab866f0b97f42 834a62de	404612ec0ddde7b0 665ab12fe5724e6b	Unclassified Malware	No	1.0.0.0	1.0.0.0	India	N/A
65	N/A	Executable	af8eaa66b46aad3b 583528d681071075 8214001a	afad3bbfd04fd286 749b2434f6db5a42	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Vietnam	N/A
66	N/A	Executable	4e23166d0f7376e8 6c2ace243bdeb40e ab96f204	a3fdbcedd60ba0b5 b2d2d8e6de340ed6	Unclassified Malware	No	1.0.0.0	1.0.0.0	176.88.31.5/32	N/A
67	N/A	Executable	7cacc034d3fd4780 e9a15a235680c512 11ba89c9	74f575e9d49670a3 1a5515575a20e443	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Canada	N/A
68	N/A	Executable	31f19aeaea11da37 cf2e776e16d8de0f 0e9832e0	649ec11539e931ab 9d2f16aa1a849348	Unclassified Malware	No	N/A	N/A	197.38.56.83/32	N/A
69	Microsoft	Executable	028fb76a75fa54ba 04a8d56b3a3ee449 664916b9	31b2eef021c66ada 058b7fb439caf8ee	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	United States	N/A
70	N/A	Executable	c827db16581a9f60 8a7595d185d90d97 f4fc4c96	b5772208feaaf18c 3b0ef91ccf8eb153	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Italy	N/A
71	Microsoft Corporation	Executable	ba9d1b9c92b7c2b4 80ae59ebd21c25f3 1722cd99	f800411aed9f5bce e2fcf14a99af159a	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	156.199.49.172/32	N/A
72	N/A	Executable	543416bc3cba9dd0 a7b465fb4365ff58 60610eb3	bed198e55fb4c0fb 2137b3c1fb3ce632	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Venezuela	N/A
73	Microsoft	Executable	4bc39fbba0ae821a 14b5e628f1b6a83a bad40578	b21b7a81ecba9ed3 9db7434e8117a1e5	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
74	Microsoft	Executable	e2130cd0fab52073 8d0ff09935f91858 e9d2ec19	ed96399b80c21dac ee11cf5db99c22a1	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Colombia	N/A
75	N/A	Executable	476bfc40c6ea1413 5db7b71acc8f326d 7ecedd93	d1a743fc40a77945 58db163a25de524c	Unclassified Malware	Yes	N/A	N/A	103.230.5.230/32	N/A
76	Microsoft	Executable	e706dd143e563622 e09c46d1264aa197 7df47f52	6a46da2fc06a5d8f fd922f99dd2e2d50	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	186.167.249.239/32	N/A
77	N/A	Executable	3aab532f6d6d6e21 57687ccf736fa7d7 6b85d588	40a7bb7aeb19f1a5 b198035e8809fe5c	Unclassified Malware	No	1.0.0.0	1.0.0.0	Indonesia	N/A
78	N/A	Executable	187b2a94a80335d8 09199ad764e8cad5 4b47e7e0	b7e99fef6819eef5 c7cf85b3a36774d2	Unclassified Malware	No	1.0.0.0	1.0.0.0	Nigeria	N/A
79	N/A	Executable	16d95aad045deb77 8634b766467a4de4 438711bc	7919021432d1a781 3b18357d7974506c	Unclassified Malware	No	N/A	N/A	Philippines	N/A
80	N/A	Executable	0b2dadf19760bd05 54996e557b7e6d6a aeaf5a8a	9ba6e3c3283f6379 2576d7d260045cce	Virus.Win32. Virut.CE	No	N/A	N/A	Indonesia	N/A
81	N/A	Executable	6388bc014aa928a6 700b99d026d60049 29e8a58b	1b1f8181332cdc02 6170a871839af561	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Morocco	N/A
82	Microsoft C	Executable	b3ed113660dd3bb1 c0baeba2abff909b 1b1b59b5	3b3443f42115fb6f 28ac1737241b4657	TrojWare.Win 32.UMal.kkqd e	No	6.1.7601	N/A	United Kingdom	N/A
83	N/A	Executable	59b6ba03d0bbcccd 28c36ff65f58a035 20a04459	18f013e3beb997f7 ee016641c1acd261	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Venezuela	N/A