Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 5.51%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.06%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.25%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.00%
6.2.9200.16384 (win8_rtm.120725-1247) 0.95%
6.2.9200.16384 (win8_rtm.120725-1247) 0.95%
6.2.9200.16384 (win8_rtm.120725-1247) 1.98%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.06%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.06%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.00%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.06%
6.1.7600.16385 (win7_rtm.090713-1255) 26.23%
6.1.7600.16385 (win7_rtm.090713-1255) 44.56%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.1.7600.16385 (win7_rtm.090713-1255) 1.89%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.0.6000.16386 (vista_rtm.061101-2205) 6.47%
6.0.6000.16386 (vista_rtm.061101-2205) 1.41%
6.0.6000.16386 (vista_rtm.061101-2205) 0.38%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.00%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.03%
5.1.2600.5689 (xpsp_sp3_qfe.081003-1407) 0.10%
5.1.2600.5512 (xpsp.080413-2111) 6.20%
5.1.2600.5512 (xpsp.080413-2111) 0.41%
View more

Relationships

Child processes
Related files

svchost.exe

Host Process for Windows Services by Microsoft Corporation (Signed)

Remove svchost.exe
Version:   5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
MD5:   8f078ae4ed187aaabc0a305146de6716
SHA1:   da0ff4006859a7580aba81f486f692dead2014fe
SHA256:   16593943861d03d508f37f60e41240dee14221e76f625835487f73d5010ac18a
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is svchost.exe?

Host Process for Windows Tasks is a generic process which acts as a host for processes that run from DLLs rather than EXEs. At startup TASKHOST checks the Services portion of the Registry to construct a list of DLL-based services that it needs to load, and then loads them.

Overview

svchost.exe has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked. The file is digitally signed by Microsoft Corporation. This version is installed on Windows XP and is compiled as a 32 bit program.

DetailsDetails

File name:svchost.exe
Publisher:Microsoft Corporation
Product name:Host Process for Windows Services
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\svchost.exe
Original name:svchost.exe.mui
File version:5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
Product version:5.1.2600.2180
Size:14 KB (14,336 bytes)
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Expiration date:Friday, June 13, 2014
Digital DNA
Entropy:5.878473
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Services
This is the shared Service Host controller that runs some of the following shared services:
  • Service name 'QQPCFixSvc'
  • Service name 'Журнал событий Windows'
Drivers
  • SDGame
  • WinDefend
  • 1394hub
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
  • Firewall exception for 'C:\Windows\system32\svchost.exe'
Network connections
Access through an approved Windows firewall exception
  • [UDP] listens on port 123
  • [UDP] listens on port 1650
  • [UDP] listens on port 1900
  • [UDP] listens on port 4100
  • [UDP] listens on port 1080
  • [UDP] listens on port 1456
  • [UDP] listens on port 4949
  • [UDP] listens on port 1745
  • [UDP] listens on port 1121
  • [UDP] listens on port 2241
  • [UDP] listens on port 1657
  • [UDP] listens on port 4991
  • [UDP] listens on port 1116
  • [UDP] listens on port 1216
  • [UDP] listens on port 1033
  • [UDP] listens on port 1050
  • [UDP] listens on port 1242
  • [UDP] listens on port 1865
  • [UDP] listens on port 1527
  • [UDP] listens on port 42852
  • [UDP] listens on port 3844

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00891724%
    0.028634%
    Kernel CPU:0.00476062%
    0.013761%
    User CPU:0.00415662%
    0.014873%
    Kernel CPU time:16,857 ms/min
    100,923,805ms/min
    Context switches:34/sec
    284/sec
    Memory
    Private memory:6.18 MB
    21.59 MB
    Private (maximum):9.3 MB
    Private (minimum):4.62 MB
    Non-paged memory:6.18 MB
    21.59 MB
    Virtual memory:66.11 MB
    140.96 MB
    Virtual memory (peak):73.58 MB
    169.69 MB
    Working set:6.79 MB
    18.61 MB
    Working set (peak):13.75 MB
    37.95 MB
    Page faults:61,976/min
    2,039/min
    I/O
    I/O read transfer:28.29 KB/sec
    1.02 MB/min
    I/O read operations:12/sec
    343/min
    I/O write transfer:30.69 KB/sec
    274.99 KB/min
    I/O write operations:14/sec
    227/min
    I/O other transfer:1.08 KB/sec
    448.09 KB/min
    I/O other operations:44/sec
    1,671/min
    Resource allocations
    Threads:20
    12
    Handles:407
    600
    GUI GDI count:5
    103
    GUI USER count:7
    49

    BehaviorsProcess properties

    Integrety level:Undefined
    Platform:32-bit
    Command lines:
    • C:\Windows\System32\svchost.exe -k localservice
    • C:\Windows\System32\svchost.exe -k netsvcs
    • C:\Windows\System32\svchost -k rpcss
    • C:\Windows\System32\svchost -k dcomlaunch
    • C:\Windows\System32\svchost.exe -k networkservice
    • C:\Windows\System32\svchost.exe -k imgsvc
    • C:\Windows\System32\svchost.exe -k httpfilter
    • (22 more)
    Owner:SYSTEM
    Parent process:services.exe (Services and Controller app by Microsoft)

    ResourcesThreads

    Averages
     
    wiaservc.dll (Still Image Devices Service by Microsoft)
    Total CPU:1.52207643%
    0.272967%
    Kernel CPU:1.07117288%
    0.107585%
    User CPU:0.45090355%
    0.165382%
    Context switches:7/sec
    79/sec
    Memory:340 KB
    1.16 MB
    wbemcore.dll
    Total CPU:0.42529253%
    Kernel CPU:0.05478454%
    User CPU:0.37050799%
    Context switches:29/sec
    Memory:532 KB
    tapisrv.dll (Microsoft Windows Telephony Server by Microsoft)
    Total CPU:0.20114259%
    Kernel CPU:0.16129965%
    User CPU:0.03984294%
    Memory:256 KB
    RPCRT4.dll
    Total CPU:0.17358167%
    Kernel CPU:0.02057562%
    User CPU:0.15300605%
    Context switches:36/sec
    Memory:580 KB
    schedsvc.dll (Task Scheduler Engine by Microsoft)
    Total CPU:0.02012082%
    Kernel CPU:0.00837318%
    User CPU:0.01174764%
    Memory:200 KB
    ole32.dll
    Total CPU:0.01080999%
    Kernel CPU:0.00392934%
    User CPU:0.00688065%
    Memory:1.24 MB
    ntdll.dll
    Total CPU:0.00588307%
    Kernel CPU:0.00251002%
    User CPU:0.00337304%
    Memory:704 KB
    repdrvfs.dll
    Total CPU:0.00483835%
    Kernel CPU:0.00395600%
    User CPU:0.00088235%
    Memory:184 KB
    ADVAPI32.dll
    Total CPU:0.00367176%
    Kernel CPU:0.00126407%
    User CPU:0.00240769%
    Memory:620 KB
    wuaueng.dll
    Total CPU:0.00351534%
    Kernel CPU:0.00175767%
    User CPU:0.00175767%
    Memory:1.63 MB
    ESENT.dll
    Total CPU:0.00193558%
    Kernel CPU:0.00080183%
    User CPU:0.00113375%
    Context switches:2/sec
    Memory:1.05 MB
    svchost.exe (main module)
    Total CPU:0.00151471%
    Kernel CPU:0.00083604%
    User CPU:0.00067867%
    Memory:24 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 8.1 Pro 100.00%

    Distribution by countryDistribution by country

    Austria installs about 79.00% of Host Process for Windows Services.
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE