SVCHOST.exe Question

Ok, since this is a topic related to svchost, so thought of jumping in instead of creating a new thread.
Just curious to know, how many svchost.exe is there supposed to be in the Windows Task Manager, in the Processes column. ??? I got 6 svchost.exe running.
2 under the User name of NETWORK SERVICE, 2 under SYSTEM and 1 under LOCAL SERVICE.
Is this normal ??? Pls help

 

From now on please create a new thread for your problem instead of posting in someone else's. I have created a new thread for you this time so post in here from now on.

Yes, its normal for those to run under the User names below.

If the file svchost.exe is running from C:\WINDOWS\System\32 then its legit. If its modified in ANY way or running from ANY other location it is not legit. SVCHOST.exe is a system process belonging to the Microsoft Windows Operating System which handles processes executed from DLLs.

Hope this answers your question!

LOCAL SERVICE
NETWORK SERVICE
SYSTEM

 

Re: Svchost not in system 32 folder

Wow ,a really fast reply !!! U guys sure works round-the-clock.
Sorry 'bout posting someone else's thread. Im new around here, so dont know much abt the rules. Pls give me some time to get adjusted.
Thanx !!!

 

Re: Svchost not in system 32 folder

Your Welcome!

Did I answer your question good enough or do you want more details?

 

Sure did !!!
Ok, since ur awake, can ya tell me what is the file index.dat and ntuser.dat ??
The former one is located in the cookies folder, which i cant seem to get rid of. While the 2nd one is in my Username folder, i havent tried to remove it since i dont know what it is.
Tried to scan them both, but Norton AV says the file is in use by other program or something. Any idea what it can be ???

 

The file ntuser.dat is a file which includes your Windows Registry. This file should NOT be modified in ANY way.

The Index.dat are files hidden on your computer that contain all of the Web sites that you have ever visited. Every URL, and every Web page is listed there. Not only that but all of the email that has been sent or received through Outlook or Outlook Express is also being logged. The file names and locations depend on what version of Internet Explorer you have. If you are running IE version 4.0 or above, the file name is "index.dat". Microsoft has not supplied an adequate explanation as to what these files are for or why they have been hidden so well.

According to Microsoft, these files are used to cache visited Web sites to help speed up the loading of Web pages in Internet Explorer. Obviously this cannot be the case because when you clear the Temporary Internet Files the "index.dat" files remain behind and continue to grow. If you delete or clear the Temporary Internet Files, there is absolutely no need to index the URL cache because those files no longer exist.

In Windows 2000 and Windows XP there are several "index.dat" files in these locations:

\Documents and Settings\<Username>\Cookies\index.dat

\Documents and Settings\<Username>\Local Settings\History\History.IE\index.dat

\Documents and Settings\<Username>\Local Settings\History\History.IE5\MSHist012001123120020101\index.dat

\Documents and Settings\<Username>\Local Settings\History\History.IE5\MSHist012002010720020114\index.dat

\Documents and Settings\<Username>\Local Internet Files\Content.IE5\index.dat


Index.dat files can be very hard to find. If you are in Windows, even with "Show hidden files and folders" enabled, index.dat files are not visible and cannot be found if you do a search for index.dat files. The reason that these files are so invisible is that they are not just hidden, they have been designated as "system" files. System files and folders are treated differently in DOS and Windows and are effectively cloaked from casual searches.

For cleaning these files out you can download CCleaner and run the first two scans only.

Doing this will clean out these files along with other temp files and unnecessary files.

For a free download of CCleaner, click the link provided below.
CCleaner

 

I'd like more information on this one . . . .

 

LOL!

 

Let a pfc like myself get in a chuckle on that one as well, Phillie Phan. Actually BJ, I found the 'expanded response' useful to validate what I already know about some of these .exe system processes and .dat files. Thanks.

 

Dude, i tried Ccleaner, but index.dat still wont seem to go.
Any more ideas. Pls let me know !!!

 

There are not supposed to go, they are meant to stay where they are. They should not and cant be deleted. They are there for a reason, when you run CCleaner it flushes the log inside of the file. It doesnt actually remove the file, they cant be removed. Its part of the Operating System.