Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 4.74%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.05%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.22%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.00%
6.2.9200.16384 (win8_rtm.120725-1247) 0.81%
6.2.9200.16384 (win8_rtm.120725-1247) 0.82%
6.2.9200.16384 (win8_rtm.120725-1247) 1.70%
6.2.9200.16384 (win8_rtm.120725-1247) 13.81%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.05%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.05%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.00%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.05%
6.1.7600.16385 (win7_rtm.090713-1255) 22.55%
6.1.7600.16385 (win7_rtm.090713-1255) 38.30%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.1.7600.16385 (win7_rtm.090713-1255) 1.62%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.1.7600.16385 (win7_rtm.090713-1255) 0.23%
6.0.6000.16386 (vista_rtm.061101-2205) 5.56%
6.0.6000.16386 (vista_rtm.061101-2205) 1.21%
6.0.6000.16386 (vista_rtm.061101-2205) 0.32%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.00%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.02%
5.1.2600.5689 (xpsp_sp3_qfe.081003-1407) 0.09%
View more

Relationships

Parent process
Child processes
Related files

svchost.exe

Host Process for Windows Services by Microsoft Corporation (Signed)

Remove svchost.exe
Version:   6.2.9200.16384 (win8_rtm.120725-1247)
MD5:   0a175af8b65797bd22c11903a8bfeb2d
SHA1:   075d04db237e1fcb7d45d780268371fa80c512a2
SHA256:   fed63df0389061c5eb6d8cf9c203bbe95fa2165d4f112464f33935370105adda
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is svchost.exe?

Host Process for Windows Tasks is a generic process which acts as a host for processes that run from DLLs rather than EXEs. At startup TASKHOST checks the Services portion of the Registry to construct a list of DLL-based services that it needs to load, and then loads them.

Overview

svchost.exe has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked. The file is digitally signed by Microsoft Corporation. This version is installed on Windows 8 and is compiled as a 32 bit program.

DetailsDetails

File name:svchost.exe
Publisher:Microsoft Corporation
Product name:Host Process for Windows Services
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\svchost.exe
Original name:svchost.exe.mui
File version:6.2.9200.16384 (win8_rtm.120725-1247)
Product version:6.2.9200.16384
Size:22.5 KB (23,040 bytes)
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Expiration date:Friday, June 13, 2014
Digital DNA
Entropy:5.878473
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Services
This is the shared Service Host controller that runs some of the following shared services:
  • Service name 'QQPCFixSvc'
  • Service name 'Журнал событий Windows'
Drivers
  • SDGame
  • WinDefend
  • 1394hub
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
  • Firewall exception for 'C:\Windows\system32\svchost.exe'
Network connections
Access through an approved Windows firewall exception
  • [TCP] ABTS-mum-Static-075.123.169.122.airtelbroadband.in (122.169.123.75:80)
  • [TCP] 80-239-205-205.customer.teliacarrier.com (80.239.205.205:80)
  • [TCP] vh013.pbt.microsoft.com (65.55.11.247:80)
  • [UDP] listens on port 1900
  • [UDP] listens on port 5355
  • [UDP] listens on port 65375
  • [UDP] listens on port 123
  • [UDP] listens on port 54511
  • [UDP] listens on port 68
  • [UDP] listens on port 4500
  • [UDP] listens on port 55176
  • [UDP] listens on port 63356
  • [UDP] listens on port 63354
  • [UDP] listens on port 58510
  • [UDP] listens on port 55270
  • [UDP] listens on port 49985
  • [UDP] listens on port 59685
  • [UDP] listens on port 59207
  • [UDP] listens on port 55038
  • [UDP] listens on port 59485
  • [UDP] listens on port 60687

  • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00309705%
    0.028634%
    Kernel CPU:0.00135797%
    0.013761%
    User CPU:0.00173908%
    0.014873%
    Kernel CPU time:428,980,639 ms/min
    100,923,805ms/min
    CPU cycles:2,402,954/sec
    17,470,203/sec
    Context switches:34/sec
    284/sec
    Memory
    Private memory:11 MB
    21.59 MB
    Private (maximum):21.54 MB
    Private (minimum):10.14 MB
    Non-paged memory:11 MB
    21.59 MB
    Virtual memory:85.72 MB
    140.96 MB
    Virtual memory (peak):123.18 MB
    169.69 MB
    Working set:13.12 MB
    18.61 MB
    Working set (peak):41.01 MB
    37.95 MB
    Page faults:322,196/min
    2,039/min
    I/O
    I/O read transfer:181.39 KB/sec
    1.02 MB/min
    I/O read operations:68/sec
    343/min
    I/O write transfer:790.33 KB/sec
    274.99 KB/min
    I/O write operations:20/sec
    227/min
    I/O other transfer:84.83 KB/sec
    448.09 KB/min
    I/O other operations:764/sec
    1,671/min
    Resource allocations
    Threads:18
    12
    Handles:626
    600

    BehaviorsProcess properties

    Integrety level:System
    Platform:32-bit
    Command lines:
    • C:\Windows\System32\svchost.exe -k localservicenonetwork
    • C:\Windows\System32\svchost.exe -k dcomlaunch
    • C:\Windows\System32\svchost.exe -k localservice
    • C:\Windows\System32\svchost.exe -k localsystemnetworkrestricted
    • C:\Windows\System32\svchost.exe -k rpcss
    • C:\Windows\System32\svchost.exe -k localservicenetworkrestricted
    • C:\Windows\System32\svchost.exe -k localserviceandnoimpersonation
    • (16 more)
    Owner:LOCAL SERVICE
    Parent process:services.exe (Services and Controller app by Microsoft)

    ResourcesThreads

    Averages
     
    wuaueng.dll (Windows Update Agent by Microsoft)
    Total CPU:1.07167085%
    0.272967%
    Kernel CPU:0.53303273%
    0.107585%
    User CPU:0.53863811%
    0.165382%
    CPU cycles:19,432,652/sec
    5,741,424/sec
    Context switches:18/sec
    79/sec
    Memory:2.59 MB
    1.16 MB
    wbemcore.dll
    Total CPU:0.33775730%
    Kernel CPU:0.13226987%
    User CPU:0.20548742%
    CPU cycles:7,553,850/sec
    Context switches:21/sec
    Memory:1012 KB
    qmgr.dll (Background Intelligent Transfer Service by Microsoft)
    Total CPU:0.15776722%
    Kernel CPU:0.13066823%
    User CPU:0.02709899%
    CPU cycles:2,802,017/sec
    Context switches:6/sec
    Memory:632 KB
    sysmain.dll (Superfetch Service Host by Microsoft)
    Total CPU:0.05462683%
    Kernel CPU:0.05462683%
    User CPU:0.00000000%
    CPU cycles:1,998,288/sec
    Context switches:71/sec
    Memory:1.01 MB
    ntdll.dll
    Total CPU:0.05134264%
    Kernel CPU:0.02703400%
    User CPU:0.02430864%
    CPU cycles:1,048,008/sec
    Context switches:7/sec
    Memory:1.4 MB
    sechost.dll
    Total CPU:0.03808101%
    Kernel CPU:0.00583000%
    User CPU:0.03225100%
    CPU cycles:823,180/sec
    Context switches:2/sec
    Memory:208 KB
    audiosrv.dll (Windows Audio Service by Microsoft)
    Total CPU:0.02550736%
    Kernel CPU:0.00557548%
    User CPU:0.01993189%
    CPU cycles:714,265/sec
    Context switches:6/sec
    Memory:608 KB
    dhcpcore6.dll
    Total CPU:0.02157424%
    Kernel CPU:0.02157138%
    User CPU:0.00000286%
    CPU cycles:149,315/sec
    Context switches:3/sec
    Memory:212 KB
    combase.dll
    Total CPU:0.00240675%
    Kernel CPU:0.00104020%
    User CPU:0.00136655%
    CPU cycles:38,540/sec
    Memory:1.21 MB
    ESENT.dll
    Total CPU:0.00230744%
    Kernel CPU:0.00172219%
    User CPU:0.00058525%
    CPU cycles:48,042/sec
    Memory:2.32 MB
    nlasvc.dll (Network Location Awareness 2 by Microsoft)
    Total CPU:0.00173940%
    Kernel CPU:0.00149395%
    User CPU:0.00024545%
    CPU cycles:28,847/sec
    Memory:292 KB
    fntcache.dll (Windows Font Cache Service by Microsoft)
    Total CPU:0.00126625%
    Kernel CPU:0.00065493%
    User CPU:0.00061133%
    CPU cycles:27,910/sec
    Memory:1008 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 8.1 Pro 100.00%

    Distribution by countryDistribution by country

    Austria installs about 79.00% of Host Process for Windows Services.
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE