Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 4.74%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.05%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.22%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.00%
6.2.9200.16384 (win8_rtm.120725-1247) 0.81%
6.2.9200.16384 (win8_rtm.120725-1247) 0.82%
6.2.9200.16384 (win8_rtm.120725-1247) 1.70%
6.2.9200.16384 (win8_rtm.120725-1247) 13.81%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.05%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.05%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.00%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.05%
6.1.7600.16385 (win7_rtm.090713-1255) 22.55%
6.1.7600.16385 (win7_rtm.090713-1255) 38.30%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.1.7600.16385 (win7_rtm.090713-1255) 1.62%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.1.7600.16385 (win7_rtm.090713-1255) 0.00%
6.1.7600.16385 (win7_rtm.090713-1255) 0.23%
6.0.6000.16386 (vista_rtm.061101-2205) 5.56%
6.0.6000.16386 (vista_rtm.061101-2205) 1.21%
6.0.6000.16386 (vista_rtm.061101-2205) 0.32%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.00%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.02%
5.1.2600.5689 (xpsp_sp3_qfe.081003-1407) 0.09%
View more

Relationships

Child processes
Related files

svchost.exe

Host Process for Windows Services by Microsoft Corporation (Signed)

Remove svchost.exe
Version:   6.3.9431.0 (winmain_bluemp.130615-1214)
MD5:   f7191317f1cd10f35dc74e24c1b71e06
SHA1:   01c21ae89c35c33eda304f5a65037dd0d23a4b06
SHA256:   f8881a4f3c5aadddbe355c4bf215a1dd4bccd14b5c059b867388ef988ac83dc7
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is svchost.exe?

Host Process for Windows Tasks is a generic process which acts as a host for processes that run from DLLs rather than EXEs. At startup TASKHOST checks the Services portion of the Registry to construct a list of DLL-based services that it needs to load, and then loads them.

Overview

svchost.exe has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked. The file is digitally signed by Microsoft Corporation. and is compiled as a 64 bit program.

DetailsDetails

File name:svchost.exe
Publisher:Microsoft Corporation
Product name:Host Process for Windows Services
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\svchost.exe
Original name:svchost.exe.mui
File version:6.3.9431.0 (winmain_bluemp.130615-1214)
Product version:6.3.9431.0
Size:36.88 KB (37,768 bytes)
Build date:6/15/2013 3:48 PM
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Expiration date:Friday, June 13, 2014
Digital DNA
Entropy:5.878473
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Services
This is the shared Service Host controller that runs some of the following shared services:
  • Service name 'QQPCFixSvc'
  • Service name 'Журнал событий Windows'
Drivers
  • SDGame
  • WinDefend
  • 1394hub
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
  • Firewall exception for 'C:\Windows\system32\svchost.exe'
Network connections
Access through an approved Windows firewall exception
  • [TCP] 64.206.68.186:80
  • [TCP] 64.206.68.185:80
  • [UDP] listens on port 123
  • [UDP] listens on port 52218
  • [UDP] listens on port 63282
  • [UDP] listens on port 53928
  • [UDP] listens on port 51281
  • [UDP] listens on port 58653
  • [UDP] listens on port 54930
  • [UDP] listens on port 5355
  • [UDP] listens on port 55352
  • [UDP] listens on port 53934
  • [UDP] listens on port 55187
  • [UDP] listens on port 53705
  • [UDP] listens on port 59280

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00809413%
    0.028634%
    Kernel CPU:0.00377366%
    0.013761%
    User CPU:0.00432048%
    0.014873%
    Kernel CPU time:29,447 ms/min
    100,923,805ms/min
    CPU cycles:2,206,277/sec
    17,470,203/sec
    Context switches:43/sec
    284/sec
    Memory
    Private memory:17.44 MB
    21.59 MB
    Private (maximum):24.26 MB
    Private (minimum):18.66 MB
    Non-paged memory:17.44 MB
    21.59 MB
    Virtual memory:210.43 MB
    140.96 MB
    Virtual memory (peak):288.91 MB
    169.69 MB
    Working set:22.05 MB
    18.61 MB
    Working set (peak):36.79 MB
    37.95 MB
    Page faults:229,458/min
    2,039/min
    I/O
    I/O read transfer:860.44 KB/sec
    1.02 MB/min
    I/O read operations:67/sec
    343/min
    I/O write transfer:245.08 KB/sec
    274.99 KB/min
    I/O write operations:17/sec
    227/min
    I/O other transfer:138.06 KB/sec
    448.09 KB/min
    I/O other operations:616/sec
    1,671/min
    Resource allocations
    Threads:17
    12
    Handles:632
    600

    BehaviorsProcess properties

    Integrety level:System
    Platform:64-bit
    Command lines:
    • C:\Windows\System32\svchost.exe -k localservicenonetwork
    • C:\Windows\System32\svchost.exe -k netsvcs
    • C:\Windows\System32\svchost.exe -k rpcss
    • C:\Windows\System32\svchost.exe -k localservice
    • C:\Windows\System32\svchost.exe -k localservicenetworkrestricted
    • C:\Windows\System32\svchost.exe -k networkservice
    • C:\Windows\System32\svchost.exe -k dcomlaunch
    • (14 more)
    Owner:SYSTEM

    ResourcesThreads

    Averages
     
    sechost.dll
    Total CPU:0.06841992%
    0.272967%
    Kernel CPU:0.03023435%
    0.107585%
    User CPU:0.03818557%
    0.165382%
    CPU cycles:1,788,275/sec
    5,741,424/sec
    Memory:348 KB
    1.16 MB
    wuaueng.dll (Windows Update Agent by Microsoft)
    Total CPU:0.06380063%
    Kernel CPU:0.03441092%
    User CPU:0.02938971%
    CPU cycles:1,582,817/sec
    Memory:3.28 MB
    sysmain.dll (Superfetch Service Host by Microsoft)
    Total CPU:0.05949427%
    Kernel CPU:0.05760556%
    User CPU:0.00188871%
    CPU cycles:1,866,470/sec
    Context switches:6/sec
    Memory:1.18 MB
    ntdll.dll
    Total CPU:0.02464003%
    Kernel CPU:0.01329897%
    User CPU:0.01134106%
    CPU cycles:748,023/sec
    Context switches:7/sec
    Memory:1.66 MB
    hidserv.dll (Human Interface Device Service by Microsoft)
    Total CPU:0.01146062%
    Kernel CPU:0.00573031%
    User CPU:0.00573031%
    CPU cycles:222,578/sec
    Memory:48 KB
    ESENT.dll
    Total CPU:0.00935899%
    Kernel CPU:0.00935899%
    User CPU:0.00000000%
    CPU cycles:7,336/sec
    Memory:2.69 MB
    fntcache.dll (Windows Font Cache Service by Microsoft)
    Total CPU:0.00794224%
    Kernel CPU:0.00224759%
    User CPU:0.00569465%
    CPU cycles:201,704/sec
    Memory:1.3 MB
    wevtsvc.dll
    Total CPU:0.00392696%
    Kernel CPU:0.00233806%
    User CPU:0.00158890%
    CPU cycles:130,182/sec
    Memory:1.6 MB
    sessenv.dll (Remote Desktop Configuration service by Microsoft)
    Total CPU:0.00364488%
    Kernel CPU:0.00084375%
    User CPU:0.00280113%
    CPU cycles:41,734/sec
    Memory:344 KB
    rpcss.dll
    Total CPU:0.00257304%
    Kernel CPU:0.00002236%
    User CPU:0.00255068%
    CPU cycles:30,671/sec
    Memory:752 KB
    mmcss.dll (Multimedia Class Scheduler Service by Microsoft)
    Total CPU:0.00200757%
    Kernel CPU:0.00000000%
    User CPU:0.00200757%
    CPU cycles:12,232/sec
    Memory:152 KB
    fdPnp.dll
    Total CPU:0.00171230%
    Kernel CPU:0.00000000%
    User CPU:0.00171230%
    CPU cycles:45,002/sec
    Memory:68 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 8.1 Pro 100.00%

    Distribution by countryDistribution by country

    Austria installs about 79.00% of Host Process for Windows Services.
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE