Administration Adware Spyware Apache Bluetooth DOS Commands Edge General Internet Connection Internet Explorer Media Center Media Player Mozilla Firefox MS Access Performance PHP Programming Security Silverlight Tips Tools Tutorials Windows 10 Windows 7 Windows 8 Windows Phone Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Vista Windows XP

"McSvHost.exe" Process on Windows 7

Q

What is the "McSvHost.exe" process on windows 7? Is the "McSvHost.exe" process a virus? Can I terminate the "McSvHost.exe" process?

✍: FYIcenter.com

A

"McSvHost.exe" process represents "McAfee Service Host" program. "McSvHost.exe" process is the McAfee service host that are shared by multiple McAfee antivirus services.

"McSvHost.exe" process is normally running under the parent process "services" as shown in the process tree below: 

Boot
   wininit
      services
         McSvHost

On the Processes tab of "Task Manager", "McSvHost.exe" process may be listed as: 

Image Name                 Memory   Description
--------------------   ----------   -----------
McSvHost.exe             16,372 K   McAfee Service Host

Additional information about "McSvHost.exe" process: 

Command line:
   "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc

Programe file information:
   Name: McSvHost.exe
   Location: C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
   Description: McAfee Service Host
   Version: 5,0,9012,0
   Size: 599864 bytes
   Last modified: 4/23/2016 3:31:46 PM
   Company Name: McAfee, Inc.
   
Some data files used:
C:\Windows\System32\en-US\crypt32.dll.mui
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\SystemCertificates\My
C:\Windows\System32\en-US\setupapi.dll.mui
C:\Windows\System32\en-US\KernelBase.dll.mui
C:\Program Files\Common Files\McAfee\platform\mcsvchost
C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757
C:\Windows\System32\FirewallAPI.dll
C:\Windows\System32\stdole2.tlb
C:\ProgramData\McAfee\msk\settingsdb.dat
C:\ProgramData\McAfee\msk\MSKWMDB.dat

Some registry keys used:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions
HKLM\SYSTEM\ControlSet001\Control\SESSION MANAGER
HKLM\SYSTEM\ControlSet001\services\crypt32
HKLM\SOFTWARE\Microsoft\Cryptography\OID\EncodingType 0\CertDllCreateCertificateChainEngine\Config
HKU\.DEFAULT\Software\Microsoft\SystemCertificates\My
HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT
HKU\.DEFAULT\Software\Microsoft\SystemCertificates\CA
HKLM\SOFTWARE\Microsoft\SystemCertificates\CA
HKLM\SOFTWARE\Microsoft\EnterpriseCertificates\CA

Some DLL libraries used:
C:\windows\SYSTEM32\ntdll.dll
C:\windows\system32\kernel32.dll
C:\windows\system32\KERNELBASE.dll
C:\windows\system32\CRYPT32.dll
C:\windows\system32\msvcrt.dll
C:\windows\system32\MSASN1.dll
C:\windows\system32\WINTRUST.dll
C:\windows\system32\RPCRT4.dll
C:\windows\system32\PSAPI.DLL
C:\windows\system32\USER32.dll

"McSvHost.exe" process is not a virus. You should not terminate "McSvHost.exe" process.

 

⇒McAfee Program Processes on Windows 7

⇒⇒Windows 7 Processes Tutorials

2016-12-21, 1724👍, 0💬

Administration Adware Spyware Apache Bluetooth DOS Commands Edge General Internet Connection Internet Explorer Media Center Media Player Mozilla Firefox MS Access Performance PHP Programming Security Silverlight Tips Tools Tutorials Windows 10 Windows 7 Windows 8 Windows Phone Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Vista Windows XP