There's no such thing as a stupid question, but they're the easiest to answer.


Search Search
Search for:
Tech Support Guy > > >

Is the file part of spyware or any sort of problem?


Frisbeeman's Avatar
Frisbeeman Frisbeeman is offline
Junior Member with 1 posts.
Join Date: Feb 2005
Location: Florida
Experience: Intermediate
12-Feb-2005, 07:20 PM #1
Is the file part of spyware or any sort of problem?
On my hard drive is the file C:\Windows\Prefetch\ It is an 18 KB file dated 2/9/05, which is about one month AFTER I purchased my computer.

I have Windows XP Pro on a Toshiba laptop.

My investigation into this started when my Zone Alarm Pro gave me an alert stating "Generic Host Process for Win32 Services trying to act as a server." It involved a file called svchost.exe.

I found the following at

Description of Svchost.exe in Windows XP

Each instance of Svchost process [you see in Task Manager] launches a list of services. Multiple instances of Svchost.exe can run at the same time. Four or five instances of svchost.exe is normal. If you want to see what services are run by each Svchost process:

For XP Professional, using the Tasklist command:

Click Start, Run and type cmd

Type Tasklist /svc >C:\TaskList.txt

The TaskList.txt will contain the services list (launched by each Svchost process). Windows XP Home does not have tasklist.exe. Download a copy from here

A Description of Svchost.exe in Windows XP:

WARNING: There are viruses circulating in the internet which uses the same name as svchost.exe. The legit svchost.exe will be present in the %Windir%\System32 folder.

I think my instance of svchost.exe trying to access the Internet was legitimate because twice Google search results were taking forever to come back and the instant I clicked "Allow" on the Zone Alarm Alert my search results came back. I typically have 7 copies of svchost.exe listed as a process in Windows Task Manager.

However, when I searched my hard drive for "svchost*.*" I discovered the file. Searching "" in Google produced surprisingly few results. Most of them were in foreign languages. When I restricted the searched the English it greatly reduced the results. One Google result was from a post on this forum dated 18-Apr-2004, 06:57 AM, but it was merely one of the files the person who made the post found on their hard drive.

The Google results on “” gave no clear answer if it is spyware. Searching Microsoft's Knowledge Base, Symantec’s web site and Zone Alarm’s web site produced no results. I would think that if it were spyware there would be a lot more discussion about it on the Internet.

Does anyone know if this is something malicious?

Thank you.
MFDnNC's Avatar
Member with 49,014 posts.
Join Date: Sep 2004
12-Feb-2005, 08:04 PM #2
Forget what is in prefetch, and if it botheres you empty prefetch and let it rebuild.

Svchost is a normal process running out of system32

If you are concerned

AdAware SE 1.05
SpyBot S&D 1.3

DL them (they are free), install them, check each for their
definition updates
and then run AdAware and Spybot, fixing anything
they say.

In SpywareBlaster - Always enable all protection after updates
SpyBot - After an update run immunize

Do these and reboot before the next step.

Then get HiJack This, put
it in a permanent folder (C:\HJT) , run it , DO NOT fix anything, post the
log here.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Thread Tools

You Are Using: Server ID
Trusted Website Back to the Top ↑