Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 0.43%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.02%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.69%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.24%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.64%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.05%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.05%
6.2.9200.16420 (win8_gdr.120919-1813) 0.02%
6.2.9200.16420 (win8_gdr.120919-1813) 0.07%
6.2.9200.16420 (win8_gdr.120919-1813) 0.45%
6.2.9200.16420 (win8_gdr.120919-1813) 1.42%
6.2.9200.16420 (win8_gdr.120919-1813) 0.28%
6.2.9200.16420 (win8_gdr.120919-1813) 2.48%
6.2.9200.16420 (win8_gdr.120919-1813) 1.85%
6.2.9200.16420 (win8_gdr.120919-1813) 0.19%
6.2.9200.16384 (win8_rtm.120725-1247) 0.14%
6.2.9200.16384 (win8_rtm.120725-1247) 0.19%
6.2.9200.16384 (win8_rtm.120725-1247) 0.07%
6.2.9200.16384 (win8_rtm.120725-1247) 0.14%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.07%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.02%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.02%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.05%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.05%
6.1.7600.16385 (win7_rtm.090713-1255) 3.15%
View more

Relationships

Parent process
Child process
Related files

PE structurePE file structure
Show functions
Import table
api-ms-win-core-apiquery-l1-1-0.dll
ApiSetQueryApiSetPresence
api-ms-win-core-com-l1-1-0.dll
CoInitializeSecurity, CoCreateInstance, CoEnableCallCancellation, CoDisableCallCancellation, CoCancelCall, CoUninitialize, CoInitializeEx, StringFromCLSID, CoTaskMemFree
api-ms-win-core-com-l1-1-1.dll
CoInitializeSecurity, CoCancelCall, CoDisableCallCancellation, CoEnableCallCancellation, CoCreateInstance, CoUninitialize, CoInitializeEx
api-ms-win-core-debug-l1-1-1.dll
IsDebuggerPresent, OutputDebugStringA
api-ms-win-core-delayload-l1-1-1.dll
ResolveDelayLoadedAPI, DelayLoadFailureHook
api-ms-win-core-errorhandling-l1-1-0.dll
UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetLastError, SetLastError
api-ms-win-core-errorhandling-l1-1-1.dll
GetLastError, SetUnhandledExceptionFilter, UnhandledExceptionFilter, SetLastError
api-ms-win-core-handle-l1-1-0.dll
CloseHandle
api-ms-win-core-heap-l1-1-0.dll
GetProcessHeap, HeapAlloc, HeapSize, HeapReAlloc, HeapDestroy, HeapFree, HeapCreate
api-ms-win-core-heap-l1-2-0.dll
GetProcessHeap, HeapDestroy, HeapAlloc, HeapSize, HeapReAlloc, HeapFree, HeapCreate
api-ms-win-core-heap-obsolete-l1-1-0.dll
LocalFree
api-ms-win-core-interlocked-l1-1-0.dll
InterlockedCompareExchange, InterlockedDecrement, InterlockedIncrement, InterlockedExchange
api-ms-win-core-interlocked-l1-1-1.dll
InterlockedDecrement, InterlockedIncrement, InterlockedCompareExchange, InterlockedExchange
api-ms-win-core-interlocked-l1-2-0.dll
InterlockedDecrement, InterlockedIncrement, InterlockedCompareExchange, InterlockedExchange
api-ms-win-core-libraryloader-l1-1-1.dll
LoadStringW, GetModuleHandleW, GetModuleHandleA, GetProcAddress
api-ms-win-core-libraryloader-l1-2-0.dll
GetModuleHandleW, LoadStringW, GetModuleHandleA
api-ms-win-core-localregistry-l1-1-0.dll
RegGetValueW
api-ms-win-core-processthreads-l1-1-0.dll
OpenProcessToken
api-ms-win-core-processthreads-l1-1-1.dll
TerminateProcess, GetExitCodeThread, GetStartupInfoW, SetProcessShutdownParameters, GetCurrentProcess, GetCurrentThread, CreateThread, GetCurrentThreadId, SetThreadPriority, GetCurrentProcessId, GetThreadPriority, IsProcessorFeaturePresent, OpenProcessToken
api-ms-win-core-processthreads-l1-1-2.dll
GetThreadPriority, TerminateProcess, GetCurrentProcess, GetExitCodeThread, GetCurrentThreadId, GetCurrentProcessId, SetProcessShutdownParameters, CreateThread, GetStartupInfoW, GetCurrentThread, SetThreadPriority
api-ms-win-core-profile-l1-1-0.dll
QueryPerformanceCounter
api-ms-win-core-registry-l1-1-0.dll
RegGetValueW
api-ms-win-core-string-l1-1-0.dll
WideCharToMultiByte
api-ms-win-core-synch-l1-1-1.dll
DeleteCriticalSection, EnterCriticalSection, CreateEventW, InitializeSRWLock, InitOnceExecuteOnce, ReleaseSRWLockExclusive, InitializeCriticalSection, Sleep, SetEvent, WaitForSingleObject, LeaveCriticalSection, AcquireSRWLockExclusive, ResetEvent
api-ms-win-core-synch-l1-2-0.dll
EnterCriticalSection, ResetEvent, ReleaseSRWLockExclusive, AcquireSRWLockExclusive, WaitForSingleObject, InitializeSRWLock, SetEvent, InitializeCriticalSection, DeleteCriticalSection, LeaveCriticalSection, Sleep, InitOnceExecuteOnce, CreateEventW
api-ms-win-core-sysinfo-l1-1-1.dll
GetTickCount, GetSystemTimeAsFileTime
api-ms-win-core-sysinfo-l1-2-0.dll
GetTickCount, GetSystemTimeAsFileTime
api-ms-win-core-sysinfo-l1-2-1.dll
GetTickCount, GetSystemTimeAsFileTime
api-ms-win-core-threadpool-l1-1-1.dll
DeleteTimerQueueTimer, CreateTimerQueueTimer
api-ms-win-core-threadpool-legacy-l1-1-0.dll
CreateTimerQueueTimer, DeleteTimerQueueTimer
api-ms-win-eventing-classicprovider-l1-1-0.dll
GetTraceEnableLevel, UnregisterTraceGuids, GetTraceLoggerHandle, GetTraceEnableFlags, TraceMessage, RegisterTraceGuidsW
api-ms-win-obsolete-kernelbase-l1-1-0.dll
LocalFree
api-ms-win-security-base-l1-1-0.dll
GetSecurityDescriptorSacl, MakeAbsoluteSD, GetSecurityDescriptorControl, AddAce, InitializeSid, CopySid, InitializeAcl, GetTokenInformation, AllocateAndInitializeSid, FreeSid, GetSidLengthRequired, GetSecurityDescriptorGroup, GetLengthSid, GetSecurityDescriptorDacl, GetSidSubAuthority, SetSecurityDescriptorDacl, SetSecurityDescriptorGroup, SetSecurityDescriptorOwner, GetAclInformation, IsValidSid, InitializeSecurityDescriptor, GetSecurityDescriptorOwner
api-ms-win-security-base-l1-2-0.dll
FreeSid, InitializeAcl, GetLengthSid, AllocateAndInitializeSid, GetSecurityDescriptorSacl, GetSecurityDescriptorDacl, GetSecurityDescriptorGroup, GetSecurityDescriptorOwner, GetSecurityDescriptorControl, SetSecurityDescriptorOwner, IsValidSid, InitializeSecurityDescriptor, MakeAbsoluteSD, GetSidSubAuthority, InitializeSid, GetSidLengthRequired, SetSecurityDescriptorGroup, SetSecurityDescriptorDacl, AddAce, GetAclInformation, CopySid
kernel32.dll
InterlockedExchange, Sleep, InterlockedCompareExchange, GetStartupInfoW, SetUnhandledExceptionFilter, GetModuleHandleA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, GetLastError, WaitForSingleObject, ResetEvent, CloseHandle, CreateEventW, HeapFree, HeapDestroy, HeapCreate, HeapReAlloc, SetLastError, HeapAlloc, InitOnceExecuteOnce, SetProcessShutdownParameters, InterlockedIncrement, DeleteAtom, IsDebuggerPresent, AcquireSRWLockExclusive, ReleaseSRWLockExclusive, SetEvent, InterlockedDecrement, GetModuleHandleW, CreateThread, InitializeSRWLock, SetThreadPriority, GetThreadPriority, GetCurrentThread, GetExitCodeThread, DeleteTimerQueueTimer, CreateTimerQueueTimer, HeapSize, GetProcessHeap, LocalFree, OutputDebugStringA, GetTickCount64
msvcrt.dll
DllMain
ntdll.dll
RtlUnhandledExceptionFilter, EtwTraceMessage, DbgPrintEx, NtSetInformationProcess
ole32.dll
CoEnableCallCancellation, CoCancelCall, CoDisableCallCancellation, CoCreateInstance, CoInitializeSecurity, CoInitializeEx, CoUninitialize
rpcrt4.dll
RpcAsyncInitializeHandle, RpcBindingFree, RpcBindingSetAuthInfoExW, RpcStringFreeW, RpcBindingFromStringBindingW, RpcStringBindingComposeW, NdrClientCall2, NdrAsyncClientCall, RpcAsyncCompleteCall, RpcAsyncCancelCall
user32.dll
UpdateWindow, ShowWindow, DefWindowProcW, RegisterClassW, DispatchMessageW, TranslateMessage, MsgWaitForMultipleObjects, PostMessageW, GetWindowThreadProcessId, IsWindow, EnumThreadWindows, EnumWindows, PostQuitMessage, ShutdownBlockReasonDestroy, LoadStringW, ShutdownBlockReasonCreate, DestroyWindow, PeekMessageW, UnregisterClassW, CreateWindowExW

taskhost.exe

Host Process for Windows Tasks by Microsoft Corporation (Signed)

Remove taskhost.exe
Version:   6.1.7600.16385 (win7_rtm.090713-1255)
MD5:   517110bd83835338c037269e603db55d
SHA1:   61478d71931fb3e304bc341236ab0db1d6c26e09
SHA256:   499a803de14905f2ff7bca56d81cc983e16a8d9cea93ec4b84a06a366e7cb939
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is taskhost.exe?

Host Process for Windows Tasks is a generic process which acts as a host for processes that run from DLLs rather than EXEs. At startup TASKHOST checks the Services portion of the Registry to construct a list of DLL-based services that it needs to load, and then loads them.

Overview

taskhost.exe executes as a process with the local user's privileges typically within the context of its parent services.exe (Services and Controller app by Microsoft). The file is digitally signed by Microsoft Corporation. This version is designed to run on Windows 7 and is compiled as a 64 bit program.

DetailsDetails

File name:taskhost.exe
Publisher:Microsoft Corporation
Product name:Host Process for Windows Tasks
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\taskhost.exe
Original name:taskhost.exe.mui
File version:6.1.7600.16385 (win7_rtm.090713-1255)
Product version:6.1.7600.16385
Size:67.5 KB (69,120 bytes)
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Expiration date:Tuesday, July 9, 2013
Digital DNA
Entropy:6.163300
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details
Network connections
  • [UDP] listens on port 58241

    • ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00858901%
    0.028634%
    Kernel CPU:0.00382137%
    0.013761%
    User CPU:0.00476765%
    0.014873%
    Kernel CPU time:1,156,776 ms/min
    100,923,805ms/min
    CPU cycles:65,894/sec
    17,470,203/sec
    Context switches:7/sec
    284/sec
    Memory
    Private memory:7.4 MB
    21.59 MB
    Private (maximum):9.63 MB
    Private (minimum):6.13 MB
    Non-paged memory:7.4 MB
    21.59 MB
    Virtual memory:79.25 MB
    140.96 MB
    Virtual memory (peak):84.34 MB
    169.69 MB
    Working set:7.4 MB
    18.61 MB
    Working set (peak):10.04 MB
    37.95 MB
    Page faults:226,947/min
    2,039/min
    I/O
    I/O read transfer:2.16 KB/sec
    1.02 MB/min
    I/O read operations:1/sec
    343/min
    I/O write transfer:53 Bytes/sec
    274.99 KB/min
    I/O write operations:1/sec
    227/min
    I/O other transfer:81 Bytes/sec
    448.09 KB/min
    I/O other operations:6/sec
    1,671/min
    Resource allocations
    Threads:9
    12
    Handles:212
    600
    GUI GDI count:27
    103
    GUI GDI peak:33
    142
    GUI USER count:20
    49
    GUI USER peak:24
    71

    BehaviorsProcess properties

    Integrety level:Medium
    Platform:64-bit
    Command lines:
    • "taskhost.exe"
    • taskhost.exe $(arg0)
    • taskhost.exe user
    • taskhost.exe C:\Windows\System32\sc.exe start w32time task_started
    Owner:User
    Parent process:services.exe (Services and Controller app by Microsoft)

    ResourcesThreads

    Averages
     
    RacEngn.dll
    Total CPU:0.05729894%
    0.272967%
    Kernel CPU:0.00000000%
    0.107585%
    User CPU:0.05729894%
    0.165382%
    CPU cycles:1,828,109/sec
    5,741,424/sec
    Context switches:6/sec
    79/sec
    Memory:1.5 MB
    1.16 MB
    ntdll.dll
    Total CPU:0.01289671%
    Kernel CPU:0.00992473%
    User CPU:0.00297198%
    CPU cycles:115,878/sec
    Memory:1.66 MB
    taskhost.exe (main module)
    Total CPU:0.00107617%
    Kernel CPU:0.00090303%
    User CPU:0.00017314%
    CPU cycles:15,851/sec
    Memory:80 KB
    MsCtfMonitor.dll
    Total CPU:0.00086517%
    Kernel CPU:0.00058317%
    User CPU:0.00028199%
    CPU cycles:23,990/sec
    Memory:44 KB
    WINMM.dll
    Total CPU:0.00060638%
    Kernel CPU:0.00042063%
    User CPU:0.00018575%
    CPU cycles:10,321/sec
    Memory:236 KB
    MSCTF.dll
    Total CPU:0.00013182%
    Kernel CPU:0.00010756%
    User CPU:0.00002426%
    CPU cycles:6,771/sec
    Memory:1.04 MB
    SHLWAPI.dll
    Total CPU:0.00010755%
    Kernel CPU:0.00010390%
    User CPU:0.00000366%
    CPU cycles:1,490/sec
    Memory:452 KB
    PlaySndSrv.dll
    Total CPU:0.00007343%
    Kernel CPU:0.00000000%
    User CPU:0.00007343%
    CPU cycles:51/sec
    Memory:96 KB
    HotStartUserAgent.dll
    Total CPU:0.00003549%
    Kernel CPU:0.00001746%
    User CPU:0.00001803%
    CPU cycles:273/sec
    Memory:44 KB
    ole32.dll
    Total CPU:0.00002927%
    Kernel CPU:0.00000183%
    User CPU:0.00002745%
    CPU cycles:1,122/sec
    Memory:2.01 MB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 45.50%
    Windows 7 Ultimate 19.50%
    Windows 8.1 10.00%
    Windows 7 Professional 8.00%
    Windows 8.1 Pro 6.50%
    Windows 7 Home Basic 2.50%
    Windows 8.1 Single Language 2.00%
    Windows 8 2.00%
    Windows 8 Single Language 1.50%
    Windows Seven Black Edition 0.50%
    Windows 8.1 Enterprise Evaluation 0.50%
    Windows 8.1 Pro with Media Center 0.50%
    Windows 7 Starter 0.50%
    Windows 8.1 Pro Preview 0.50%

    Distribution by countryDistribution by country

    United States installs about 48.24% of Host Process for Windows Tasks.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Dell 25.48%
    Hewlett-Packard 18.92%
    ASUS 17.76%
    Acer 13.13%
    Toshiba 8.49%
    Lenovo 5.41%
    Sony 5.41%
    GIGABYTE 1.54%
    Medion 1.54%
    Alienware 1.16%
    Samsung 0.77%
    Sahara 0.39%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE