How to Remove the svchost.exe virus from PC

What is Svchost.exe?

The svchost.exe is an executable file of Microsoft Windows and is tagged as a Generic Host Process for Win32 Services. This is an important Windows file and it is used to load the required DLL files that are used with Microsoft Windows and Windows programs that run on your computer. Some Malware often uses a process by the name “svchost.exe” to mimic the windows process.

The orginal file is located only in c:\windows\system32 or c:\winnt\system32 depending on versions of Windows OS. If the file that is located in any other location, then we can conclude that the system is infected with malware.

svchost.exe provides a service which is used by Windows Defender. There are multiple instances provided by svchost.exe which are used for many operations. One instance may provide single operation and other instance provide several service to windows.To know the service which are currently running. Go to Task Manager and click Processes tab. Click Show all process and Right-click an instance of svchost.exe, and then click Go to Service(s). The services associated with the process are highlighted on the Services tab.

Affected OS/Platform: Windows

How to find System is affected by Svchost.exe malware

Step 1: Open the Task Manager with a CTRL+ALT+DEL key combination

Step 2: Right click on the svchost.exe and Select Open File Location The Open File Location will be showing you the path where the file is actually located c:\windows\system32 or c:\winnt\system32.

If it gets open in some other folder or file location, then it is sure that the system is infected with svchost.exe malware.

How to remove the svchost.exe file from system using Comodo Antivirus?

Download our award-winning Comodo Antivirus software

Installation configuration frames will be displayed. Select the configuration you would like to apply

Select Customize Configuration option and arrange installers, configuration, and file location.

Once the Installation is Finished, restart your PC.

Comodo Internet Security starts to update the software for virus protection. It takes sometime to get updated.

After the update, a Quick scan is executed.

If threats are found upon completion of scanning, you will be prompted with an alert screen.

The Antivirus Software will clean all malware including svchost.exe.

Windows OS PC Security Softwares:

Related Resources:

Malware Entries

First Seen: 23 March 2018 at 12:42 am

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	CodePlex Community	Executable	5896173155f6ea91 84c3b3942b7dc81d 0693a99c	6e487d520ce0d0e2 af75837ffd852643	Unclassified Malware	No	1.8.3.0	1.8.3.0	United States	N/A
2	Microsoft	Executable	13da1feff4da2f24 aedfb10e035a69ce 1eac2625	49e15bee9ab1d174 7b9bf1da56127208	Virus.Win32. Sality.gen	No	1.00	1.00	Venezuela	N/A
3	Microsoft Corporation	Executable	dae3a605f6e9d0fe 3268247971b1612a d6f54e9c	54008c3af8489e6d 1c8d4d01349e90bc	Unclassified Malware	No	10.0	10.0	105.186.156.116/32	N/A
4	N/A	Executable	19604ba5cfb8aad3 a7bbc7f0b406ab8e ab0e2efc	4e11d10d5ec1d842 e24d3fc9cbe9dece	ApplicUnwnt	No	N/A	N/A	United States	N/A
5	Microsoft	Executable	ac679cfcad1707c5 486f4b8cd8989716 ac68bcc4	64eceba737011b72 c5d5b8bd591a15dc	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Nigeria	N/A
6	N/A	Executable	84fe1662cb96c45d 428ae49f43a0cd48 11d1c0ec	aa70ec2a124f6ba1 b336cf8134038260	TrojWare.Win 32.Socelars. AA	No	N/A	N/A	Philippines	N/A
7	N/A	Executable	d0cc937d28d3c62a 0503ebbbd68d4e2c ea7e03f2	743de109cfbb3976 26835c581db87c4c	TrojWare.Win 32.Bancteian .A	No	1.0.0.0	1.0.0.0	United States	N/A
8	N/A	Executable	7fb03a7e34bb2154 a345321ddde60548 c335e40e	81c907b6fc9c541a 54058ff4b64d929d	TrojWare.Win 32.Socelars. AA	No	N/A	N/A	United States	N/A
9	N/A	Executable	45166b403c2c0f57 b4cdd237fc9070ce e72b1a92	20f48bc1ac09c29e 0fcedc5082133062	TrojWare.Win 32.Socelars. AA	No	N/A	N/A	United States	N/A
10	Microsoft Corporation	Executable	f19b1947496756a3 34c8c2216d1834ac fc30a6cb	562a15ef2d28f4d0 384f41c78ff402fc	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	154.243.39.154/32	N/A
11	N/A	Executable	1042da1a4c5716f6 ce5e7cfb584eb484 8b8b1a47	108ef7369530bd92 21355e78de8e0f24	Unclassified Malware	No	1, 0, 0, 1	1, 0, 0, 1	China	N/A
12	KurdTeam	Executable	2a0a4805b694b3d6 ee50a52f44d0dbd7 863e89d1	c97040415063e4b6 3815377c3cdf6a4f	Unclassified Malware	No	0.1 alpha	0.1	United States	N/A
13	N/A	Executable	8b539c97662ab21e 8b47c15078255a27 b6039740	540354c5463d92b2 dbbf34c22059ad77	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Venezuela	N/A
14	Microsoft Corporation	Executable	c62cff1c633c39f3 4ad12bb8651dc539 cd7320fd	5ae482a2873818e5 63de7005ed63802b	Virus.Win32. Expiro.CG	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Botswana	N/A
15	N/A	Executable	f8a137ba4f58cb4a 8de30445cfa24322 c4ae921a	a8119f4bcf50eb54 61bac32616066207	Backdoor.MSI L.Bladabindi .A	No	N/A	N/A	United States	N/A
16	N/A	Executable	0c0861750a0c4d5f b718d75002de94ff 6a800a21	412d59a98844b129 ed8370267acd6cac	Unclassified Malware	No	N/A	N/A	China	N/A
17	N/A	Executable	bc228927e5125222 fc0add01b46945bd d9b4510e	41eefa84f409fd3c d1acef1b83da2068	Unclassified Malware	No	N/A	N/A	United States	N/A
18	N/A	Executable	f65ad1a171cac193 3c1cf9e1e1129214 20ad7a8a	16137cdf3f74d1b0 26cdbdce16681313	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Spain	N/A
19	Microsoft	Executable	0eec199774126a11 df9570917c22bd31 4e9cfd4f	cabdb2f83bbbd94d 206c2e3acd257b6c	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	179.5.4.216/32	N/A
20	N/A	Executable	966d51ccd884f05b eb36c0eb1bb6806f 80ac948a	e659cccd815d451e dabfddb4a68fb9be	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Venezuela	N/A
21	www.microsoft.com	Executable	7839ec77b4010c12 40eabcc04f506b71 7a78283f	a91ffd444eec5d65 248e9bd34651906e	Unclassified Malware	No	2.4.4	2.4.4	United States	N/A
22	N/A	Executable	236077247f3c9969 c2f1ec0a08579173 f2fd15e1	a51aae1130e23de2 28fb50a7bba0d81f	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	197.210.172.55/32	N/A
23	N/A	Executable	2106d36d1dc09635 d687a45d94d9542b 699f30e1	56c9a56ac2c4350a a3ddb1767c2ccd8e	TrojWare.Win 32.Socelars. AA	No	N/A	N/A	Poland	N/A
24	Microsoft	Executable	242ce7dd5e8b65c4 6be3ef8f3c0a1075 68af0cb6	7a21bf805ff0786d 9b4e874e9c892560	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	161.10.88.38/32	N/A
25	N/A	Executable	e258a484a9706d9f fa197863c37edfd6 6a26e39d	8aef51931fed472c 6f99a94c45d61880	ApplicUnwnt	Yes	N/A	N/A	Romania	N/A
26	N/A	Executable	670a8c187412f5dd cbbba069786cc518 3aba7a6d	9fef40330ee0fc2c 49dbdb622bd9f301	Backdoor.MSI L.Bladabindi .A	No	N/A	N/A	179.198.182.26/32	N/A
27	Microsoft Corporation	Executable	ea61883400928968 987c67c37cef0f59 ee0be3e2	85129ee5938ec9d2 1051a2eb92976a1f	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Europe	N/A
28	N/A	Executable	d124f379d59f1d51 689b090ee2c4f9ce db65cea3	5e127046aa12c9f9 330c8d224e5ee364	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Indonesia	N/A
29	N/A	Executable	a4e57799fc709f4b 99a2e702b2f4403b fe789f40	b1ff7ec794f234cd 99c9ce4efe0a01d8	TrojWare.Win 32.Socelars. AA	No	N/A	N/A	United States	N/A
30	N/A	Executable	8cee76464e37d019 9766b3b975d8983d 38d99eb8	49c568b8e8b8df24 952935f18945b3a5	TrojWare.Win 32.Trojan.XP ack.~gen1	No	N/A	N/A	China	N/A
31	N/A	Executable	cb29a93c3e4e0873 f2ee2ed4cbb3102e ac59b39d	df05f79fbe1ebbfb 9af24f4bad8bb7c2	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Venezuela	N/A
32	N/A	Executable	38c15f90e0060fd7 84b033c0b267dfbe b694b20d	e5e684e9ebea56d5 cccba7cb9af9d9b0	ApplicUnwnt	No	N/A	N/A	United States	N/A
33	N/A	Executable	a3e28a63a0956c34 244987ea0230f547 03b4d28e	392aa1c25a3e315d 12c1cc1dc5cc52b8	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	181.188.164.234/32	N/A
34	Microsoft	Executable	e21e481478751341 c5be30be2335686b 1a6660c7	5615849eaeec8740 53e43714cda9efb7	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	179.60.229.12/32	N/A
35	Microsoft	Executable	c14c4b8b5ee9b513 ae89c839c8d006f6 3bc32d34	373cfb4a7f058683 dd12be94125215c7	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Vietnam	N/A
36	N/A	Executable	542848e166ca22ac 4848cc511c0d7fed e61f494d	0994792a01d91c9d 91f188a632cddcc2	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Mexico	N/A
37	Microsoft	Executable	b34fc8999aaf1a86 39082c186ce5fffe b45d42c7	1de2192c632cf7f1 af45cdb704e947f4	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
38	N/A	Executable	8b7e6ebdb58467fa 267299d299e9e611 006c0627	1f195979f558f448 0be2bf174d95523c	Unclassified Malware	No	1.0.0.0	1.0.0.0	197.211.63.158/32	N/A
39	N/A	Executable	aa093cbc91f2479c 0833fd38aecc698f bbe94956	2b73e114b7a729ac 523c03fb66bfab12	Unclassified Malware	No	1.0.0.0	1.0.0.0	Russian Federation	N/A
40	N/A	Executable	a97c55417e1d89b2 f4f4cd445ee248ba 3ea6e14a	7c50066933512d05 7ef94d77064af547	Unclassified Malware	No	N/A	N/A	Poland	N/A
41	Microsoft	Executable	f033b40299b4a52e 0bfcda9e3366aa80 dd7cb23f	e612607dcd5ada98 611aa83e2beff18f	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
42	N/A	Executable	d005833ab87f61f3 7e70eb2eff45435e ca5234d4	1ae0df15a044feca b043c6ec20f33f07	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Sri Lanka	N/A
43	Microsoft	Executable	c4559fcc5278823c d3cc5746e51c8fb3 02273159	157b2d07e50549e2 7ae978632469de83	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
44	Microsoft	Executable	347850d30218a2ee 7627eb386a888b95 780b864f	1f7462cab611eccb 931327d6622cd6bf	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	154.73.9.84/32	N/A
45	Microsoft Corporation	Executable	c7a44e9887598384 0a4a969e8c855285 2c2bc264	51a8809c6b130919 ae5ea1b5c355f0bc	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Egypt	N/A
46	N/A	Executable	189b53acb8bac527 ee9515fd06230c8d 1b4edb03	aee7d772894cd277 eaf156d564f81afd	TrojWare.Win 32.Trojan.Ag ent.~IDA	No	N/A	N/A	145.255.21.18/32	N/A
47	N/A	Executable	85c32fb4f1617623 091a7da06dfc4ca1 c1e2735a	9c0e2a8900efbf8e 188b329664f6cc68	Unclassified Malware	No	N/A	N/A	United States	N/A
48	N/A	Executable	5836678422f049c9 026de1a970290269 ca60eb56	5f99c25e2fb44d91 c61d338592151099	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Indonesia	N/A
49	N/A	Executable	019edbf0b53e7ced 5a1468b334c42fca 7a3e927f	dd8399f51ca4a890 eb58a1fd36eb49a9	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Spain	N/A
50	Microsoft	Executable	abfbad178326bc48 84ee91f3e5b3154a 9f213f2d	bcffae31c6856438 88cd9c27dd18c671	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
51	Microsoft Corporation	Executable	9d3540ef05e8af04 6b3d57dd2cc61cfe 5ac29aad	b09d2a34236b622c a8c6111e5fbdf8a0	Unclassified Malware	No	14.0.4756. 0	14.0.4756. 0	United States	N/A
52	N/A	Executable	0c8ba978939dab32 f97fbb774ab77d34 bbaac32a	752d265712b8544a dc0d3f2c966a5684	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	181.188.164.234/32	N/A
53	N/A	Executable	7b436a859ff0fa30 86e101a2c706416f 3b8dcd6a	130a94818d36d421 a4de019d7a2dfeee	Virus.Win32. Virut.CE	No	1.01	1.01	Vietnam	N/A
54	Microsoft	Executable	71f8b24d584ce840 45cbe2cae02700c6 42e7d75f	664820d6a72a1d98 fa43eb0ef8a92f8b	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	181.44.137.69/32	N/A
55	Microsoft Corporation	Executable	2d9c6f694e4cf9f6 425b9f6c57a434fa 5cb2e0aa	77d68d357cc94e6f 6c31eee463c38458	Worm.Win32.D ropper.RA	No	9.0.30729. 1 (SP.030729 -0100)	9.0.30729. 1	China	N/A
56	N/A	Executable	782ab8ae7d2202f5 bc231aacb4bcf54a 7dc93c5a	622d981899d83157 1c25503a676f8430	Unclassified Malware	No	N/A	N/A	Romania	N/A
57	N/A	Executable	f9bb65cbfc9514ba 80fabc2cbd1bfc73 fde2532f	9c49d20320d07d0e 8a778b061a247010	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Indonesia	N/A
58	N/A	Executable	c582b4263e1bcf95 ba2b1ca55d05e3ff afc039d4	e9f70710a4a67ddd c73120146a9fc8b4	Unclassified Malware	No	N/A	N/A	United States	N/A
59	N/A	Executable	dec67ce0892fd0f9 a2f2c2da327e2a8d 5fd3a529	1140ba4c4da9954e 9ad1a46bdb94ab63	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	197.210.28.5/32	N/A
60	Microsoft Corporation	Executable	677c2205067bfaab f762170b3870d15f c7258f5e	66c64ccc7f53dd41 aa6e994d22506f7f	Virus.Win32. Expiro.NB	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	South Africa	N/A
61	N/A	Executable	d977a7f2f9e596ec 5a783ffeecf5b02c af90207c	876fdaaae361e1fb 87bd9e39dfee5e11	TrojWare.Win 32.Agent.OSC F	No	N/A	N/A	China	N/A
62	Microsoft Corporation	Executable	ca94446c056c8fc7 b1f737d2fbc1440f 231be27f	9822101cce4ddc65 1ca54a85aeff47c2	ApplicUnwnt	Yes	10.0.16299 .15 (WinBuild. 160101.080 0)	10.0.16299 .15	China	N/A
63	N/A	Executable	37ab968a28be7902 1d35acd73330a660 8c139445	b81dee9e07747ad3 426a557f9ee07a3e	Virus.Win32. Parite.gen	No	N/A	N/A	Venezuela	N/A
64	N/A	Executable	4da0f341e0cea4a9 3d862dae20f38bda 71f8c269	b9767382266e275f e18b75d77b2b6e67	Backdoor.MSI L.Bladabindi .A	No	N/A	N/A	United States	N/A
65	N/A	Executable	3e5c96b98bfa4ec2 75dd4afa0f990ac2 8eec32e8	801b16a9beacfd7c 807417723e49d18f	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	197.211.63.154/32	N/A

1 2 3...17

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 04 June 2008 at 6:11 pm

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	Microsoft Corporation	Executable	8d38a7b3d68f6590 55d916779d1ce64a 9d446301	c0be6b589924f5eb 20f08aadfeafceff	Yes	10.0.17127 .1 (WinBuild. 160101.080 0)	10.0.17127 .1	Colombia
2	N/A	Executable	2c2bb51e53241cdd 20933f99696d7a46 3de62589	bb19a05c6101dec7 c71d88de20d2ef28	No	N/A	N/A	10.0.17.146/32
3	Microsoft Corporation	Executable	49083ae3725a0488 e0a8fbbe1335c745 f70c4667	27c6d03bcdb8cfeb 96b716f3d8be3e18	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	10.108.51.235/32

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Malware Search Engine

How to Remove “svchost.exe”

What is Svchost.exe?

How to find System is affected by Svchost.exe malware

How to remove the svchost.exe file from system using Comodo Antivirus?