Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 5.51%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.06%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.25%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.00%
6.2.9200.16384 (win8_rtm.120725-1247) 0.95%
6.2.9200.16384 (win8_rtm.120725-1247) 0.95%
6.2.9200.16384 (win8_rtm.120725-1247) 1.98%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.06%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.06%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.00%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.06%
6.1.7600.16385 (win7_rtm.090713-1255) 26.23%
6.1.7600.16385 (win7_rtm.090713-1255) 44.56%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.1.7600.16385 (win7_rtm.090713-1255) 1.89%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.0.6000.16386 (vista_rtm.061101-2205) 6.47%
6.0.6000.16386 (vista_rtm.061101-2205) 1.41%
6.0.6000.16386 (vista_rtm.061101-2205) 0.38%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.00%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.03%
5.1.2600.5689 (xpsp_sp3_qfe.081003-1407) 0.10%
5.1.2600.5512 (xpsp.080413-2111) 6.20%
5.1.2600.5512 (xpsp.080413-2111) 0.41%
View more

Relationships

Child processes
Related files

svchost.exe

Host Process for Windows Services by Microsoft Corporation (Signed)

Remove svchost.exe
Version:   5.1.2600.5512 (xpsp.080413-2111)
MD5:   27c6d03bcdb8cfeb96b716f3d8be3e18
SHA1:   49083ae3725a0488e0a8fbbe1335c745f70c4667
SHA256:   2910ebc692d833d949bfd56059e8106d324a276d5f165f874f3fb1b6c613cdd5
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is svchost.exe?

Host Process for Windows Tasks is a generic process which acts as a host for processes that run from DLLs rather than EXEs. At startup TASKHOST checks the Services portion of the Registry to construct a list of DLL-based services that it needs to load, and then loads them.

Overview

svchost.exe has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked. The file is digitally signed by Microsoft Corporation. This version is installed on Windows XP and is compiled as a 32 bit program.

DetailsDetails

File name:svchost.exe
Publisher:Microsoft Corporation
Product name:Host Process for Windows Services
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\svchost.exe
Original name:svchost.exe.mui
File version:5.1.2600.5512 (xpsp.080413-2111)
Product version:5.1.2600.5512
Size:14 KB (14,336 bytes)
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Expiration date:Friday, June 13, 2014
Digital DNA
Entropy:5.878473
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Services
This is the shared Service Host controller that runs some of the following shared services:
  • Service name 'QQPCFixSvc'
  • Service name 'Журнал событий Windows'
Drivers
  • SDGame
  • WinDefend
  • 1394hub
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
  • Firewall exception for 'C:\Windows\system32\svchost.exe'
Network connections
Access through an approved Windows firewall exception
  • [UDP] listens on port 1900
  • [UDP] listens on port 123
  • [UDP] listens on port 8590
  • [UDP] listens on port 1027
  • [UDP] listens on port 3062
  • [UDP] listens on port 2466
  • [UDP] listens on port 427
  • [UDP] listens on port 1158
  • [UDP] listens on port 4801
  • [UDP] listens on port 3261
  • [UDP] listens on port 1515

  • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00540216%
    0.028634%
    Kernel CPU:0.00225998%
    0.013761%
    User CPU:0.00314218%
    0.014873%
    Kernel CPU time:846,685 ms/min
    100,923,805ms/min
    Context switches:42/sec
    284/sec
    Memory
    Private memory:6.54 MB
    21.59 MB
    Private (maximum):10.97 MB
    Private (minimum):4.97 MB
    Non-paged memory:6.54 MB
    21.59 MB
    Virtual memory:61.44 MB
    140.96 MB
    Virtual memory (peak):73.13 MB
    169.69 MB
    Working set:6.92 MB
    18.61 MB
    Working set (peak):15.3 MB
    37.95 MB
    Page faults:186,048/min
    2,039/min
    I/O
    I/O read transfer:18.85 KB/sec
    1.02 MB/min
    I/O read operations:6/sec
    343/min
    I/O write transfer:15.15 KB/sec
    274.99 KB/min
    I/O write operations:6/sec
    227/min
    I/O other transfer:11.5 KB/sec
    448.09 KB/min
    I/O other operations:104/sec
    1,671/min
    Resource allocations
    Threads:19
    12
    Handles:411
    600
    GUI GDI count:5
    103
    GUI USER count:6
    49

    BehaviorsProcess properties

    Integrety level:Undefined
    Platform:32-bit
    Command lines:
    • C:\Windows\System32\svchost.exe -k localservice
    • C:\Windows\System32\svchost.exe -k netsvcs
    • C:\Windows\System32\svchost -k rpcss
    • C:\Windows\System32\svchost -k dcomlaunch
    • C:\Windows\System32\svchost.exe -k networkservice
    • C:\Windows\System32\svchost.exe -k imgsvc
    • C:\Windows\System32\svchost.exe -k httpfilter
    • (23 more)
    Owner:SYSTEM
    Parent process:services.exe (Services and Controller app by Microsoft)

    ResourcesThreads

    Averages
     
    wuaueng.dll (Windows Update Agent by Microsoft)
    Total CPU:8.86952066%
    0.272967%
    Kernel CPU:3.14460426%
    0.107585%
    User CPU:5.72491640%
    0.165382%
    Context switches:39/sec
    79/sec
    Memory:1.85 MB
    1.16 MB
    wiaservc.dll (Still Image Devices Service by Microsoft)
    Total CPU:0.79112303%
    Kernel CPU:0.48938876%
    User CPU:0.30173426%
    Context switches:9/sec
    Memory:340 KB
    qmgr.dll (Background Intelligent Transfer Service by Microsoft)
    Total CPU:0.32464530%
    Kernel CPU:0.14038048%
    User CPU:0.18426482%
    Context switches:58/sec
    Memory:428 KB
    wbemcore.dll
    Total CPU:0.20053943%
    Kernel CPU:0.03804713%
    User CPU:0.16249230%
    Context switches:17/sec
    Memory:532 KB
    ipxrip.dll
    Total CPU:0.14904810%
    Kernel CPU:0.00043584%
    User CPU:0.14861226%
    Context switches:3/sec
    Memory:36 KB
    RPCRT4.dll
    Total CPU:0.10654474%
    Kernel CPU:0.02386758%
    User CPU:0.08267716%
    Context switches:15/sec
    Memory:588 KB
    wbemcomn.dll
    Total CPU:0.07063088%
    Kernel CPU:0.02493776%
    User CPU:0.04569312%
    Context switches:3/sec
    Memory:220 KB
    npggNT.des
    Total CPU:0.03039296%
    Kernel CPU:0.00000000%
    User CPU:0.03039296%
    Memory:284 KB
    es.dll (COM Services by Microsoft)
    Total CPU:0.02972652%
    Kernel CPU:0.02972652%
    User CPU:0.00000000%
    Context switches:5/sec
    Memory:272 KB
    ole32.dll
    Total CPU:0.02053535%
    Kernel CPU:0.00297237%
    User CPU:0.01756298%
    Context switches:1/sec
    Memory:1.24 MB
    schedsvc.dll
    Total CPU:0.01804537%
    Kernel CPU:0.00732977%
    User CPU:0.01071559%
    Memory:204 KB
    ntdll.dll
    Total CPU:0.01796910%
    Kernel CPU:0.00369502%
    User CPU:0.01427409%
    Context switches:1/sec
    Memory:712 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 8.1 Pro 100.00%

    Distribution by countryDistribution by country

    Austria installs about 79.00% of Host Process for Windows Services.
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE