Exterminate It! Antimalware

malpedia

Known threats:699,443 Last Update:May 26, 18:52

Testimonials

Hi, thanks for the upadte!! It did the trick!!! Must tell you that I have never been this kind of satisfyed with any buy as I am with the Ext.it!! Thaks and I will recomend it anytime, anywhere!!!!

Sincerely Paul

Paul

File: svchost

Location of svchost and Associated Malware

Check whether svchost is present in the following locations:

svchost file locations that are Windows version independent:

  • C:\Windows\svchost
  • C:\Windows\System32\Tasks\svchost

Windows 2000, Windows XP, Windows Server 2003 specific svchost file locations:

  • C:\Documents And Settings\USER_NAME\Local Settings\Temp\svchost

Windows Vista, Windows Server 2008, Windows 7, Windows 8 specific svchost file locations:

  • C:\Users\USER_NAME\AppData\Local\Temp\svchost

If you find svchost file in any of these locations, your computer is very likely to be infected with the following malware:

IMPORTANT: Malware files can be camouflaged with the same file names as legitimate files. The svchost file is associated with malware only if found in the locations listed above.

Notes:

Different Variations of svchost File^

File SizeFile Md5Last Seen
34432CAD5A5A26C9308FAEC237743D4D76FBJan 8, 2010
51838A27A81A04036256B185FF4EAD2AFE6Jan 8, 2010
8059794076D29F6B1AA30A68DD45B80965821Jan 11, 2010
1552772681599224653BDCA3BBA3EF3F6746Jan 12, 2010
1068232E7198C129C9ED109DFEAD29D897413D8Jan 13, 2010
582432293C86823824860343AB20FEA140B7Jan 30, 2010
553698BD22CACA7ECCAE746CFFD8EDC805E2Feb 15, 2010
23807C166F49FA00D8DD054884378A0972A43Feb 19, 2010
5552BBE7DA5DBFD31A8C93A266F905E8229CApr 28, 2010
2848B35271AAB5F448FD824905EE601DBFAEMay 5, 2010
3216DF269D28CF2597420EB584584C4EEC60May 10, 2010
54647738E6F963CCCBA382F3B4BA732B442May 17, 2010
25123A6CC4098152103B5F831B651A6709E7May 27, 2010
31525FDBEF4DE573ACF63E9AED927F835897Jun 9, 2010
35681A3DC906B661580DFB6E5BFB1B6C72E8Jun 25, 2010
359830AA09129567CDCC0BF87303BDAD8F7DJul 7, 2010
1882C3B693AEFCA1E54FB15F131542E982AJul 30, 2010
3264830CF61D9745EF7BFB36C3559020F093Aug 7, 2010
46298B9D18EC811A045E3F110BF0C8E81B07Aug 15, 2010
32647256DFEA3A808FA0ADBBCAECC0911216Aug 26, 2010
3552E8B5461D968734A69489FE18DF482A8BAug 28, 2010
3723923945E4AEDD1CF0940D24A02EA78AAC46BSep 3, 2010
97943AE5D3A53E515147E09BAFB4E2E2FA79DSep 4, 2010
1456D38BBDDA34CD6AA645A8FEC152CCDD73Sep 20, 2010
1766903A78DD047FC43CCBD5392826AC6A308FOct 15, 2010
1376FA7C6DF8CEA541EAA04BD748A18ACC8CNov 13, 2010
40004B1BC0DA6B4D5169CB9031CFCC34F4E8Jan 26, 2011
1846598562B07911170F93557CD42D40DCC796Feb 17, 2011
107597C374E3A28F2B94AB4C72014627983752Feb 17, 2011
3036165B86F1AEBAD54C6358B840D63656CEE5Feb 27, 2011
1494E2DB7639737072048226C05CFED4D334Mar 10, 2011
18403C611372893C600A44EA0739C3070DF8Apr 9, 2011
1552DBEE05ECF87D87561025E8E3AAD739B1Sep 9, 2011
326489E6AE2888BFA3ABC86FA0CC42014644Oct 24, 2011
110230057851DA777737237596CE7E87C4288Dec 27, 2011
18450340779BD88C71331CA7CA19DA15BBB4EBFeb 17, 2011
615936909E9D5A1E94FD6E51EA52153A6C8DABApr 11, 2012
3040957B678CABB68DACBEADD03E150A95F6May 2, 2016
29944D1E3D4416CBE0F46C34147DC0630043May 8, 2016
306097DEBEC61AF8FAEE4E7553FE34EC6A91May 9, 2016
301842A1BEA092BA8764B783D8D1EB6C89BDMay 11, 2016
29825EBAF37325A2B0A2DDC4926C5F0311B5May 11, 2016
303085DE456D2D014DDF2FFAF4363A389130May 12, 2016
2942CB7E7ADCC694F51C8FC1B4EBC58C1AC4May 17, 2016
2930125CD966636FEAE35AFCC7BCCB1A1331May 18, 2016
304679DEBC3F81994F170B2225BF83E03B4FMay 21, 2016
3132C71DF2A3FB29AEE64071CD829AAA5D62May 23, 2016
337438D60AC57500269C0C5056890AC1828DMay 25, 2016
2978657A1A88B2338E484CE1134AA4D3A37AMay 31, 2016
30669CEF8DDF24D14373FB9D43E5B9286D73May 31, 2016
2986638D228B0A45FDC01AB3AE66AC57CF6AMay 31, 2016
3062793359482E3448F0A400D86F675079F1Jun 2, 2016
2974D7F3D81C28FCD3D82779CB9287374EFFJun 5, 2016
296650BF440CA29C848890CA4DAA9FA20E84Jun 5, 2016
30620B299FBE75F2BE7438C2B66AF149EB36Jun 5, 2016
30548DF67CAE9A1CE7E57CFD671B903FA87EJun 6, 2016
3052566D39EFDABEA21AEDF73BE2AC24F69DJun 7, 2016
2976025EDABA07D5DB754D6548C7E33F7569Jun 8, 2016
3006A72739E564A4EF0FB8F6160779BE8107Jun 8, 2016
2964ACC7A2E3672D8ACD55652C15EBAB60E2Jun 9, 2016
2966D2AFC5782E5C60F0DB2FE64864BE3288Jun 11, 2016
29908C470D90C89836910554EDE283037240Jun 15, 2016
300036A2D0B0CC85B054404A21A24CBBB776Jul 8, 2016
30305A21E0A7FAA27B1E8939332C7EE4A0E7Jul 8, 2016
3138132176BAC94B5CDB9DBE5EE0FF633825Jul 16, 2016
2932398A913F3D4AD54F8E2D038BE65929B4Jul 21, 2016
3022893A947A8EEDB92EBDA404EC45D8BC27Jul 24, 2016
3012DB1AE9C92B0B709EA599006917210158Jul 26, 2016
30180380052ADAF6EAE1CABD3E0221783F95Jul 30, 2016
3374752DD557A14BF1249FE4F43199544B8EAug 2, 2016
302617DB874422E5C067D65079CC0738FA02Aug 10, 2016
3030917E2F3B2EF21DF03108F84DA15F4E62Aug 29, 2016
303800881DE3A7E13D99C0031EB0CE25C4F2Aug 30, 2016
297475A5586DA9BE4F0BE56ECF32ACBF883ASep 9, 2016
30285F2AE1ED4B069AE55FA1100E885B403BSep 15, 2016
30287B37509BFD684881D8A22E578F992A65Sep 17, 2016
30389378F2545320CD836F56D0F173F884B0Sep 17, 2016
3040D6E6B0F85EFB6600B05F1B991F6DC125Sep 17, 2016
3118FBB867C54E10F39CB3E3F71DF313FD64Sep 18, 2016
214056BEC1E041BCE2B738D4580F674FC8B9Oct 10, 2016
3034BF813756B77825B31A50D96572C1D59COct 26, 2016
30401BACC7DCA4409D3291FC70332EABF834Nov 20, 2016
216083CD773232555C9B1ABA4AC75FE59049Dec 12, 2016
30347848E7755920B6A9C631C818C7A16BF3Dec 29, 2016
2938EC23BB209BE81F47562F6979DF7EFAE4Jan 27, 2017
3370BECEC56A5A4DDE8C9CBA23E09F21A0AFFeb 2, 2017
3376E46B1FAB1FF5C7C55E212894769D0D88Feb 3, 2017
30285589C0AE0884D1E459EDC87FE973234EFeb 13, 2017
30303300B68B39403782FB9F29DED12A72BFApr 3, 2017
3270782FBC7A6F266013E852389D4EDF67FAApr 26, 2017
3360DAB1AF5D84E719A61C662087408FE21FApr 29, 2017
296634AEAF129EAC765C61BA3207466E4BFAMay 1, 2017
30461E58CAC811A63FFF2A0C6ED130E40F13May 7, 2017
21589EC643B7CAA08A30D34D1F23BA23270BJun 20, 2017

Why Is It Important to Remove Malware Files?^

It is imperative that you delete malware-associated files as soon as possible because they can be used - or are already being used - to inflict serious damage on your PC, including:

  • Disrupting the normal functioning of the operating system or rendering it completely useless.
  • Hijacking valuable private information (credit card numbers, passwords, PIN codes, etc.)
  • Directing all your Web searches to the same unwanted or malicious sites.
  • Dramatically slowing down your computer.
  • Gaining total control of your PC to spread viruses and trojans and send out spam.

How to Remove svchost^

  1. To enable deleting the svchost file, terminate the associated process in the Task Manager as follows:
    • Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
    • In the Tasks Manager window, click the Processes tab.
    • On the Processes tab, select svchost and click End Process.
  2. Using your file explorer, browse to the file using the paths listed in Location of svchost and Associated Malware.
  3. Select the file and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. Repeat steps 2-4 for each location listed in Location of svchost and Associated Malware.
  6. Notes:

    • The deletion of svchost will fail if it is locked; that is, it is in use by some application (Windows will display a corresponding message). For instructions on deleting locked files, see Deleting Locked Files.
    • The deletion of svchost will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. Request your system administrator to grant you write rights for the file.

Deleting Locked Files^

You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.

After you delete a locked file, you need to delete all the references to the file in Windows registry.

To delete a locked file:

  1. Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
  2. Restart your computer.

The file will be deleted on restart.

Note: In the case of complex viruses that can replicate themselves, malware files can reappear in the same locations even after you have deleted those files and restarted your computer. Exterminate It! Antimalware can effectively eradicate such viruses from your computer.

To remove all registry references to a svchost malware file:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK. The Registry Editor window opens.
  3. On the Edit menu, select Find.
  4. In the Find dialog box, type svchost. The name of the first found registry value referencing svchost is highlighted in the right pane of the Registry Editor window.
  5. Right-click the registry value name and select Delete on the menu.
  6. Click Yes in the Confirm Value Delete dialog box.
  7. To delete all other references to svchost, repeat steps 4-6.
IMPORTANT: Malware files can masquerade as legitimate files by using the same file names. To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of svchost and Associated Malware.