Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 4.74%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.05%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.22%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.00%
6.2.9200.16384 (win8_rtm.120725-1247) 0.81%
6.2.9200.16384 (win8_rtm.120725-1247) 0.82%
6.2.9200.16384 (win8_rtm.120725-1247) 1.70%
6.2.9200.16384 (win8_rtm.120725-1247) 13.81%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.05%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.05%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.00%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.05%
6.1.7600.16385 (win7_rtm.090713-1255) 22.55%
6.1.7600.16385 (win7_rtm.090713-1255) 38.30%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.1.7600.16385 (win7_rtm.090713-1255) 1.62%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.1.7600.16385 (win7_rtm.090713-1255) 0.23%
6.0.6000.16386 (vista_rtm.061101-2205) 5.56%
6.0.6000.16386 (vista_rtm.061101-2205) 1.21%
6.0.6000.16386 (vista_rtm.061101-2205) 0.32%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.00%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.02%
5.1.2600.5689 (xpsp_sp3_qfe.081003-1407) 0.09%
View more

Relationships

Parent process
Child processes
Related files

svchost.exe

Host Process for Windows Services by Microsoft Corporation (Signed)

Remove svchost.exe
Version:   6.0.6000.16386 (vista_rtm.061101-2205)
MD5:   3794b461c45882e06856f282eef025af
SHA1:   bf15549a7ec01ac505ccac036aba5b9bae688135
SHA256:   d4f79d7bc639fe86ac68961e6273836b9d7af491773fd054395b33d317017beb
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is svchost.exe?

Host Process for Windows Tasks is a generic process which acts as a host for processes that run from DLLs rather than EXEs. At startup TASKHOST checks the Services portion of the Registry to construct a list of DLL-based services that it needs to load, and then loads them.

Overview

svchost.exe has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked. The file is digitally signed by Microsoft Corporation. This version is designed to run on Windows Vista and is compiled as a 32 bit program.

DetailsDetails

File name:svchost.exe
Publisher:Microsoft Corporation
Product name:Host Process for Windows Services
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\svchost.exe
Original name:svchost.exe.mui
File version:6.0.6000.16386 (vista_rtm.061101-2205)
Product version:6.0.6000.16386
Size:21 KB (21,504 bytes)
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Expiration date:Friday, June 13, 2014
Digital DNA
Entropy:5.878473
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Services
This is the shared Service Host controller that runs some of the following shared services:
  • Service name 'QQPCFixSvc'
  • Service name 'Журнал событий Windows'
Drivers
  • SDGame
  • WinDefend
  • 1394hub
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
  • Firewall exception for 'C:\Windows\system32\svchost.exe'
Network connections
Access through an approved Windows firewall exception
  • [TCP] 157.56.77.158:443
  • [UDP] listens on port 55956
  • [UDP] listens on port 4500
  • [UDP] listens on port 5355
  • [UDP] listens on port 1900
  • [UDP] listens on port 61557
  • [UDP] listens on port 58451
  • [UDP] listens on port 49402
  • [UDP] listens on port 123
  • [UDP] listens on port 61892
  • [UDP] listens on port 58504
  • [UDP] listens on port 520
  • [UDP] listens on port 59722
  • [UDP] listens on port 57847
  • [UDP] listens on port 50182
  • [UDP] listens on port 53650
  • [UDP] listens on port 427
  • [UDP] listens on port 57032
  • [UDP] listens on port 62303
  • [UDP] listens on port 63860
  • [UDP] listens on port 51872

  • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00145009%
    0.028634%
    Kernel CPU:0.00072229%
    0.013761%
    User CPU:0.00072780%
    0.014873%
    Kernel CPU time:94,126,486 ms/min
    100,923,805ms/min
    CPU cycles:1,731,437/sec
    17,470,203/sec
    Context switches:186/sec
    284/sec
    Memory
    Private memory:17.95 MB
    21.59 MB
    Private (maximum):40.98 MB
    Private (minimum):9.87 MB
    Non-paged memory:17.95 MB
    21.59 MB
    Virtual memory:86.49 MB
    140.96 MB
    Virtual memory (peak):133.42 MB
    169.69 MB
    Working set:15.53 MB
    18.61 MB
    Working set (peak):66.6 MB
    37.95 MB
    Page faults:237,505/min
    2,039/min
    I/O
    I/O read transfer:265.94 KB/sec
    1.02 MB/min
    I/O read operations:28/sec
    343/min
    I/O write transfer:14.79 KB/sec
    274.99 KB/min
    I/O write operations:14/sec
    227/min
    I/O other transfer:14.99 KB/sec
    448.09 KB/min
    I/O other operations:381/sec
    1,671/min
    Resource allocations
    Threads:16
    12
    Handles:389
    600

    BehaviorsProcess properties

    Integrety level:System
    Platform:32-bit
    Command lines:
    • C:\Windows\System32\svchost.exe -k localservice
    • C:\Windows\System32\svchost.exe -k localsystemnetworkrestricted
    • C:\Windows\System32\svchost.exe -k netsvcs
    • C:\Windows\System32\svchost.exe -k localservicenonetwork
    • C:\Windows\System32\svchost.exe -k rpcss
    • C:\Windows\System32\svchost.exe -k localserviceandnoimpersonation
    • C:\Windows\System32\svchost.exe -k gpsvcgroup
    • (24 more)
    Owner:LOCAL SERVICE
    Parent process:services.exe (Services and Controller app by Microsoft)

    ResourcesThreads

    Averages
     
    qmgr.dll (Background Intelligent Transfer Service by Microsoft)
    Total CPU:1.18063033%
    0.272967%
    Kernel CPU:0.88636681%
    0.107585%
    User CPU:0.29426352%
    0.165382%
    CPU cycles:23,296,898/sec
    5,741,424/sec
    Context switches:1/sec
    79/sec
    Memory:1.75 MB
    1.16 MB
    wuaueng.dll (Windows Update Agent by Microsoft)
    Total CPU:0.74438902%
    Kernel CPU:0.39234087%
    User CPU:0.35204814%
    CPU cycles:15,642,164/sec
    Context switches:10/sec
    Memory:1.85 MB
    sysmain.dll (Superfetch Service Host by Microsoft)
    Total CPU:0.57596257%
    Kernel CPU:0.55564781%
    User CPU:0.02031475%
    CPU cycles:12,929,539/sec
    Context switches:3/sec
    Memory:552 KB
    ntdll.dll
    Total CPU:0.57217246%
    Kernel CPU:0.50074394%
    User CPU:0.07142852%
    CPU cycles:12,294,473/sec
    Memory:1.16 MB
    RPCRT4.dll
    Total CPU:0.33011290%
    Kernel CPU:0.21080681%
    User CPU:0.11930610%
    CPU cycles:6,597,520/sec
    Context switches:3/sec
    Memory:776 KB
    WININET.dll
    Total CPU:0.26278103%
    Kernel CPU:0.17780698%
    User CPU:0.08497405%
    CPU cycles:10,104,841/sec
    Memory:1.11 MB
    msvcrt.dll (Windows NT CRT DLL by Microsoft)
    Total CPU:0.23276356%
    Kernel CPU:0.03083869%
    User CPU:0.20192486%
    CPU cycles:5,979,017/sec
    Memory:680 KB
    mshtml.dll (Windows Internet Explorer by Microsoft)
    Total CPU:0.14408726%
    Kernel CPU:0.06594311%
    User CPU:0.07814415%
    CPU cycles:2,788,928/sec
    Memory:11.77 MB
    emdmgmt.dll (ReadyBoost Service by Microsoft)
    Total CPU:0.12728193%
    Kernel CPU:0.04528090%
    User CPU:0.08200102%
    CPU cycles:2,443,578/sec
    Context switches:1/sec
    Memory:568 KB
    wbemcore.dll
    Total CPU:0.12683653%
    Kernel CPU:0.04127881%
    User CPU:0.08555772%
    CPU cycles:2,047,249/sec
    Context switches:2/sec
    Memory:740 KB
    ESENT.dll
    Total CPU:0.12350827%
    Kernel CPU:0.10725675%
    User CPU:0.01625152%
    CPU cycles:3,005,993/sec
    Memory:1.41 MB
    smss.exe (Windows Session Manager by Microsoft)
    Total CPU:0.04595192%
    Kernel CPU:0.02402415%
    User CPU:0.02192776%
    CPU cycles:25,681,966/sec
    Memory:36 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 8.1 Pro 100.00%

    Distribution by countryDistribution by country

    Austria installs about 79.00% of Host Process for Windows Services.
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE