How to Remove the svchost.exe virus from PC

What is Svchost.exe?

The svchost.exe is an executable file of Microsoft Windows and is tagged as a Generic Host Process for Win32 Services. This is an important Windows file and it is used to load the required DLL files that are used with Microsoft Windows and Windows programs that run on your computer. Some Malware often uses a process by the name “svchost.exe” to mimic the windows process.

The orginal file is located only in c:\windows\system32 or c:\winnt\system32 depending on versions of Windows OS. If the file that is located in any other location, then we can conclude that the system is infected with malware.

svchost.exe provides a service which is used by Windows Defender. There are multiple instances provided by svchost.exe which are used for many operations. One instance may provide single operation and other instance provide several service to windows.To know the service which are currently running. Go to Task Manager and click Processes tab. Click Show all process and Right-click an instance of svchost.exe, and then click Go to Service(s). The services associated with the process are highlighted on the Services tab.

Affected OS/Platform: Windows

How to find System is affected by Svchost.exe malware

Step 1: Open the Task Manager with a CTRL+ALT+DEL key combination

Step 2: Right click on the svchost.exe and Select Open File Location The Open File Location will be showing you the path where the file is actually located c:\windows\system32 or c:\winnt\system32.

If it gets open in some other folder or file location, then it is sure that the system is infected with svchost.exe malware.

How to remove the svchost.exe file from system using Comodo Antivirus?

Download our award-winning Comodo Antivirus software

Installation configuration frames will be displayed. Select the configuration you would like to apply

Select Customize Configuration option and arrange installers, configuration, and file location.

Once the Installation is Finished, restart your PC.

Comodo Internet Security starts to update the software for virus protection. It takes sometime to get updated.

After the update, a Quick scan is executed.

If threats are found upon completion of scanning, you will be prompted with an alert screen.

The Antivirus Software will clean all malware including svchost.exe.

Windows OS PC Security Softwares:

Related Resources:

Website Malware Directory Resources:

Malware Entries

First Seen: 08 August 2018 at 2:24 pm

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	Microsoft Corporation	Executable	50934fde89dfedf5 4469fc0da6b3ff81 cdc052fe	64d239ab96927aba cb9383c7f947373f	Virus.Win32. Sality.gen	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	154.236.177.122/32	N/A
2	N/A	Executable	a295e2a5d4acec9b 522da97ee6a62136 547c9669	40af06bc7e2bb92f b76556db171ce6b9	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Albania	N/A
3	N/A	Executable	9a0a19e94ed54238 c686092520a35483 044ead23	505521ee9cd80df3 24888492f0e792fa	Unclassified Malware	No	N/A	N/A	United States	N/A
4	N/A	Executable	dda2d98cb5bddea4 e7e17382d5c41863 c5448d1f	77887e69fae9848a 095e5240979a9464	Unclassified Malware	No	N/A	N/A	United States	N/A
5	Microsoft Corporation	Executable	86c1858d3ce7a0d4 1760f3310c9be714 40a4b197	439aae1a96f14ca6 6b09d057660d6453	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Lao People's Democratic Republic	N/A
6	N/A	Executable	4793fdc9fce99004 ab03bbaf74f91002 f26b7ee9	cb80763dd38a73bc 13c59f514c5a3682	Unclassified Malware	No	N/A	N/A	United States	N/A
7	Microsoft	Executable	96ca9bf51ea4a8af 81d97c815c0bac80 36b4f3ce	78e267f2599292bf f46f2f97758312b9	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
8	Microsoft Corporation	Executable	ff3205adc4858ce9 0144b1f0c88e237a ec95180b	51cb652bd0d053aa 8100599e18849c12	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Ethiopia	N/A
9	糖苦	Executable	b0f8fba97430b5c1 44375d8cf5ed9531 767945b1	da229967a86ce428 11de3206eb69999a	TrojWare.Win 32.Agent.OSC F	No	1.0.0.5	1.0.0.5	Internal Submission	N/A
10	Microsoft Corporation	Executable	6557bdc614cdaed9 35c24df594f56ac6 819def7c	8617cc75449734a9 5d358127cc9524c9	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	196.189.37.18/32	N/A
11	Microsoft	Executable	37d25dbf7b08fa93 5dd65e920826c55a 19e7c5cf	a525e79326ece06e 8469705031977f01	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Canada	N/A
12	N/A	Executable	4b7fc46f3e3b0f36 480e12e71e2bf6c1 f4a69298	4fb79acdfb19ffa3 e95a2da80aea4de1	Packed.Win32 .MUPACK.~KW	No	N/A	N/A	Internal Submission	N/A
13	N/A	Executable	b3de5130f486312a d546b99d4ff3f3ff ca3280ae	3dd1c30fea4e0172 99cc0bb70ce0b782	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	India	N/A
14	N/A	Executable	c661bdbc6ce94bc1 c95f7ea34d7313e6 d33f90d4	8c595797e094a64c 6728d1d1a23189e7	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	186.179.100.95/32	N/A
15	Microsoft	Executable	84fe649f6c32e63b dec04e7501c4bf44 7adea71d	545212677e5d1a32 3fa50a521e6eba7f	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Canada	N/A
16	N/A	Executable	9b57c04e17211f27 5745f3d9176db85c e990d51d	0c380a222b003a33 b5166edce099b1de	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Indonesia	N/A
17	N/A	Executable	21e7562c3dea715d c0b6c5c5e53ab820 5b49cbe0	c39f8fd7b10c41a9 d0a71de7edc8b390	TrojWare.Win 32.Agent.OSC F	No	N/A	N/A	Internal Submission	N/A
18	N/A	Executable	b9e0cd77bda55b46 a633076a34c5a86a dd6b7760	b44bffc29a7f2e8d 3de70103d2b19080	Win32.Jeefo. A	No	N/A	N/A	Turkey	N/A
19	Microsoft Corporation	Executable	8b743cc58187ef32 6b7f7480a5b68484 60cc0e36	560bccf4105b418b 5c863b0054ca7cea	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	185.202.138.129/32	N/A
20	N/A	Executable	c211e875c734f305 d532d908cb97417d 9a3898fb	44753d76ce7969f8 7b85b4d5de25abb8	ApplicUnwnt	Yes	N/A	N/A	185.150.154.131/32	N/A
21	Support Environment	Executable	b48d38cabf6fb4fe b0a14e4b3e8c5855 446e0225	04aa9ed4f375a210 2f9c112089cd05fc	Unclassified Malware	No	1.0.3.4	1.0.3.4	10.224.25.40/32	N/A
22	Microsoft	Executable	4958f66c6aaa8fc9 a4fe385797e1db8c a4f52f72	4115aceb1d1a03d7 a1df93b0a68a14b5	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	United States	N/A
23	N/A	Executable	1dd94a1183e453a4 135ce732920ea534 2329b820	b54bcb6cb78ad641 3aa4d245d77bc994	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Argentina	N/A
24	N/A	Executable	b1a2700f0c4646c2 956c0cc9b6e4ab70 c9d6b92c	3ead4ddea2ffe65f cea03e9d72f1ec62	Unclassified Malware	No	N/A	N/A	Czech Republic	N/A
25	N/A	Non-executable	e6bae821873c7dbb 9ecdc424d9171dc9 80145713	df713c35f989864b db00b46341a3d105	Unclassified Malware	No	N/A	N/A	Venezuela	N/A
26	N/A	Executable	ef1b9203fe0e806e c5009429d3fdfb97 39160f3c	923efb6877a511ac 02033e2f3c965e86	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Europe	N/A
27	Microsoft	Executable	abbfe8c63b7b8e5e ca482a1723c5c1f4 3aa354db	fa5994e11cf9f2ad 9f4d99785fbf2577	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Italy	N/A
28	N/A	Executable	7cbbece1cbb34bd6 1627508587669d4c 2f44fea7	a6697773a7ea8b97 47a556bec1da252c	Unclassified Malware	No	N/A	N/A	United States	N/A
29	糖苦	Executable	be279314974fe681 3da3c6dffe7abbb6 10ebe1a5	92711d6efe394774 e4a4304bc74897c3	TrojWare.Win 32.Agent.OSC F	No	1.0.0.5	1.0.0.5	Internal Submission	N/A
30	N/A	Executable	4532759454f20640 320a4148160cd014 0a3b1bec	df1bb64ee4193545 bab88bb9afdb8532	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	United Kingdom	N/A
31	Nano Antivirus Tools	Executable	a4d9c5eee2106004 fdb52612cc6d11f6 825ce357	2c0cc6653ff81a59 34ec4dea91556acc	Backdoor.Win 32.Androm.DW F	Yes	1,0,135,0	1,0,135,0	Venezuela	N/A
32	t5B1Zmg	Executable	62409529e1aa6f52 134fb7533599fece e5a29362	f57a3e6193d74357 c000e7a6a0685b34	Unclassified Malware	No	23.15.18.5 3	23.15.18.5 3	156.223.228.107/32	N/A
33	N/A	Executable	c35acd2b1aa02a33 c5aa2cbbfbcb4b41 b89c0a19	bb689484539803fc 16748ef57fd809e3	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Mexico	N/A
34	Macromedia, Inc.	Executable	ca1f0fb0426b6ff8 0f6287de9c538196 5f72918c	1a95b977e1b15fe7 b894c112508e41b4	Virus.Win32. Ramnit.K	No	7,0,14,0	7,0,14,0	181.66.165.80/32	N/A
35	N/A	Executable	aa6d1af484a5eeaa 74686e25c34ef52d 9e3d07ca	e1dedff99e4cba75 048da00061eb5af9	Unclassified Malware	No	1.0.0.0	1.0.0.0	United States	N/A
36	N/A	Executable	f11b5b20973ae6af 31d7b0f7007e6639 41749103	bf9090916b50f16c b6441211e1f47588	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	United Kingdom	N/A
37	NirSoft	Executable	859b49c8fe95ca43 15dea3833b700e22 92734f75	b385a08a3b42c85c ae8b2580c8165c41	Unclassified Malware	No	1.00	1.00	Taiwan	N/A
38	Microsoft	Executable	e689ffbf123644bd da7e70f96fd10bb0 55e4e9ad	b695c8a794240a76 442f83d3d6870723	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Mexico	N/A
39	Microsoft	Executable	a0dab67e1b0d0821 acefa428c6575660 ed00c510	782c2e2b2d2c4cfa 61b08be5a0dd2080	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Chile	N/A
40	N/A	Executable	dc553d4cc15f1059 b3b48b79c2d05a88 1e24f405	ef70a27fa02cf597 58c98896909afff8	Unclassified Malware	No	N/A	N/A	United States	N/A
41	N/A	Executable	943e0e9302b61b4c d9ffbb9996eeac86 f8665c46	a58134a977cc8bbd 5d5f3bd4d20f5587	Win32.Neshta .A	No	N/A	N/A	United States	N/A
42	Anonymous	Executable	f9391e84b8eb87d3 189c3ef1fa9dc3ad 1b71cccd	4ea0695099575511 a8969b20f9ef5205	TrojWare.Win 32.TrojanDow nloader.Smal l.CO	No	N/A	N/A	United States	N/A
43	N/A	Executable	e711cdb3c822ac72 2748ea1a48be1d33 48ff5603	1fc377e938a38e95 d55a8686d86a693d	Unclassified Malware	No	N/A	N/A	Taiwan	N/A
44	N/A	Executable	1818626701d0b7cd d72393e2c844865c 2d77a2b4	7e17d743230d79ad 5debeb2ed2e0684f	Win32.Neshta .A	No	N/A	N/A	Russian Federation	N/A
45	Microsoft	Executable	e9e5f74b2069be47 ed04b92865100217 bdf552b8	702fba14e499020e 8f84bd0aa0398295	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Mexico	N/A
46	Microsoft Corporation	Executable	1521f8cb9398121e 0b9b01b35405f0dd 782741b2	64629607d76fcfc8 bddc820a363e59f8	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Iran, Islamic Republic of	N/A
47	Microsoft	Executable	94f8d6258695743d 198b97df038d9c65 115b968b	02e5e950b585ba34 78487da12942dd6b	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
48	N/A	Executable	846d5466f4bbdf6e 65f7477bd1d2e1c7 2db3bc3d	65ccc09d506bfa96 280a71b0556bc1e6	Unclassified Malware	No	4.6.2	N/A	Philippines	N/A
49	N/A	Executable	a1689fd664ab1fc8 235df3b9a54027a8 9ef7e0a4	30a17eacff990e86 bf29d22a91caa24c	TrojWare.Win 32.Bancteian .A	No	1.0.0.0	1.0.0.0	105.172.52.55/32	N/A
50	Microsoft	Executable	25b0149b18b52803 17e6e788bc60ec20 921dd123	13b78d4a11b35932 a4a7a5bee2347da8	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	197.210.29.192/32	N/A
51	N/A	Executable	3a8fed126aa3515c ae81ca067238255f f9673f86	6d18f61149ad777f 34abd7dd83493177	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Pakistan	N/A
52	Microsoft	Executable	9b443544a523bc0c 78743aa5b6f6fa74 57900b86	811a290b5b25d735 d603782480288d03	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Germany	N/A
53	CPUID	Executable	f6f4859935ba963d 6a13504ad7475bf2 0074668c	9f19ed40b08f2775 7ab6ffd8e1b4b167	Unclassified Malware	No	1.3.5.0	1.3.5.0	United States	N/A
54	N/A	Executable	be8c25db95b07388 7fbb566c6051d522 b7cd0e75	c0c86feb7568b0a0 64284e38077eda2c	Unclassified Malware	No	N/A	N/A	United States	N/A
55	N/A	Executable	d095a21d446020f1 cbce380c3236b608 dd8b2c85	03f75c7edcdd63d1 534cb24d72fa070f	Win32.Jeefo. A	No	N/A	N/A	177.220.175.249/32	N/A
56	Microsoft	Executable	1b6488ac58aa58a1 ce26d4a45c6a86a8 2c0315ec	4c584a3e95ea6dc6 1a7c740f257961dd	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
57	N/A	Non-executable	c6f6702f1e61da3c 54e48ef7e4c4b898 509eb104	1890199a06bd6289 f4fc4b44fcdc38e7	Unclassified Malware	No	N/A	N/A	Algeria	N/A
58	N/A	Executable	ced858dfa1d95aeb d608f942ac8f1713 1d18ac4c	44ee86a9afd2764e 3c31aaa3b075b8c1	Unclassified Malware	No	N/A	N/A	United States	N/A
59	Microsoft Corporation	Executable	ed112e61fb0580b3 fb4fc629fb67256f 8c7c420b	f31a89911546c6ef c6fab490292e11aa	Unclassified Malware	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Malaysia	N/A
60	Microsoft	Executable	e7a73cffff7e5e34 0fb4d8dcf91aade9 ca21898a	69ab2571bbfc5aa0 8592d221f216d277	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Canada	N/A
61	N/A	Executable	1b958e3ec9b53ac7 f07a648e51abaf53 e9ca8212	45782d384c7d8331 65ffc79af0a725ce	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	United Kingdom	N/A
62	N/A	Executable	31f19aeaea11da37 cf2e776e16d8de0f 0e9832e0	649ec11539e931ab 9d2f16aa1a849348	Unclassified Malware	No	N/A	N/A	197.38.56.83/32	N/A
63	N/A	Executable	05286ea596335afb 778802e15fce8c9d e5082318	89d1a147129ea8d8 c07a7259ccbb23f0	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	Cambodia	N/A
64	Microsoft	Executable	4bc39fbba0ae821a 14b5e628f1b6a83a bad40578	b21b7a81ecba9ed3 9db7434e8117a1e5	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
65	N/A	Executable	74b332344e593891 39f0aa36efb84b06 4707c8b6	c551b8d8f902766d 278ed1362e5d92e6	Unclassified Malware	No	N/A	N/A	31.2.212.78/32	N/A
66	N/A	Executable	cd9da01c65d2daf1 f94a27816af0f46d cde76692	367e81a35459a788 48c51d761883e8ea	TrojWare.Win 32.Bancteian .A	No	1.0.0.0	1.0.0.0	Indonesia	N/A
67	Microsoft	Executable	423904e0f11cf56f d3c9974b7a4c7ff5 fef7cbb5	37a439d4257c9883 80731b9908b15bd5	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
68	Microsoft	Executable	3b7a8213b74fa4e0 dd6c56775edb3507 3edcf999	db09285ad1ce6096 78f7d4a099e8c760	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Ecuador	N/A
69	N/A	Executable	6b4b7e86fcb75d46 e417f033eb5eca69 5a249976	bf188ae2d2b2dda1 c6edf55f0e035de5	TrojWare.Win 32.VB.QOTY	No	1.00	1.00	105.112.18.88/32	N/A
70	Microsoft	Executable	e4ba438eb60d043c c0ef5ce8d8891c16 9eb0c944	576322adfafacb6c a043836212c951fc	TrojWare.Win 32.VB.OSKB	No	1.00	1.00	Venezuela	N/A
71	N/A	Executable	3a6d85a47d4f5ad8 1e6b2e279b4a55ae 948b04ef	9249329cb190427c ce2a7a61d3b71530	Unclassified Malware	No	N/A	N/A	United States	N/A
72	N/A	Executable	abb1aaf3d0621957 e2a943c6d376aeee a38660c8	d80e48bd143d5096 15b3003e5775d3e6	TrojWare.Win 32.Agent.CIE	No	N/A	N/A	United States	N/A

1 2 3...18

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 07 December 2015 at 8:27 am

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	Microsoft Corporation	Executable	800a4c2e524fc392 c45748eae1691fa0 1d24ea4c	8497852ed44aff90 2d502015792d315d	Yes	10.0.10586 .0 (th2_relea se.151029- 1700)	10.0.10586 .0	United States

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Malware Search Engine

How to Remove “svchost.exe”

What is Svchost.exe?

How to find System is affected by Svchost.exe malware

How to remove the svchost.exe file from system using Comodo Antivirus?