Hi there,

When I look at my task manager I see svchost.exe is there 8 times.

User Name = SYSTEM - 6 times
User Name = NETWORK SERVICE - 1 time
User Name = LOCAL SERVICE = 1 time

The question I have is can I remove some of them for the startup process?

Here's a patial dump of the scan from Hijackthis (I've allso attached the complete file). Note that it's loaded from C:\WINDOWS\system32\ 3 times and from C:\WINDOWS\system32\drivers\etc\ 3 times;

StartupList report, 3/27/2004, 6:55:00 AM
StartupList version: 1.52
Started from : E:\Downloads\Utilities\hijackthis\HijackThis.EXE
Detected: Windows XP SP1 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\etc\svchost.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\drivers\etc\svchost.exe
C:\WINDOWS\system32\drivers\etc\svchost.exe
c:\windows\system32\drivers\etc\SysMgmt.exe
c:\windows\system32\drivers\etc\spoolsv.exe
C:\WINDOWS\System32\VetMsgNT.exe
C:\WINDOWS\System32\Fast.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMPUT~1\ETRUST~1\ETRUST~1\VetTray.exe
C:\WINDOWS\System32\fast.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\taskswitch.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Soft4Ever\looknstop\looknstop.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\WINDOWS\System32\Grxp4exe.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\taskmgr.exe
E:\Downloads\Utilities\hijackthis\HijackThis.exe

--------------------------------------------------

That could be a virus. Checking here, it appears many viruses use the name svchost.exe to hide the fact that a virus has been installed.

I'd recommend you update your virus definitions and scan your system.

<edit>
just checked something. The Netsky virus actually uses svchost.exe as a name. Again... you definitely want to update and run your virus scanner. :-|