Hi guys, Im just looking for a little info here. I've got 64bit Vista Home Premium SP1 and at any one time, I seem to have between 11 and 18 svchost.exe processes running in Task Manager. Currently I have 18 running, 6 Local Service, 9 System and 3 Network Service, combined they're taking up more than 433000K (commit size according to Task Manager). Is this normal? Should there be so many running?
I've done full scans with, Spybot S&D, Ad-Aware, Norton Antivirus, AVG Anti-Spyware and Windows Defender - All clear. I also did a Hijack This scan and could'nt see anything.
Thanks for any info
Paulos

433000K is too much even for Vista. What's your total memory storage?
Can you show a list of all services and show are they running and what's their Startup Type (Disabled, Automatic, Manual)?

Hi Tom K., thanks for the reply :)
I have 4GB of ram installed and a pagefile of 2048Mb to 4096Mb. Im not exactly sure what you wanted, so I've made a list of all the services (in Task Manager) and their start up type, with notepad and attached it.

Thanks Paulos

Can you look at services path to executable and list them except services with svchost.exe in it?

Sorry Tom K. Im not sure exactly what you mean, or how to find that info??

First, click on Start Orb, select Run, and enter "msconfig" (no quotes).
Now go to Services and tick the box named "Hide all Microsoft services". Don't close the window yet.
Go to Control Panel > Administrative Tools > Services. Now find those services from msconfig window in services list. When you find one of those services, right click on it, select Properties and you'll see Path of Executable under Description. Copy all those paths and paste them here.
(Note: I'm using XP, so some things can be diffrent.)

Ok Tom K. I've got this info you wanted. I've attached a .txt file with the extra info added for the non microsoft services.
Im guessing your looking for a culprit, so I can add descriptions to any of those services you dont recognise.
HTH
Paulos

Read the quote:


One of the easiest ways to get a performance gain is by adding more RAM. disabling services wont do much of that. However not exposing certain unneeded services does make for good security practice. Read all the documentation first. If you decide to disable: Create a restore point first just in case. Only disable a few at a time, remember the ones you disable.

sites for windows services in general:

http://www.blackviper.com/ (http://www.blackviper.com/)
http://www.beemerworld.com/tips/servicesxp.htm (http://www.beemerworld.com/tips/servicesxp.htm)http://www.sans.org/top20/#s2 (http://www.sans.org/top20/#s2)


Two apps that will disable the most exploited Windows services for you:
http://www.firewallleaktester.com/wwdc.htm (http://www.firewallleaktester.com/wwdc.htm)
http://seconfig.sytes.net/ (http://seconfig.sytes.net/)
(Note that some sites lead to XP services not Vista services.)

Note that this is risky. It could do some serious problems if you don't know what are you doing.

http://www.blackviper.com/WinVista/servicecfg.htm
http://www.vistarewired.com/2007/02/18/services

thanks Tom K., I've previously been to blaclvipers site and set my services almost identically to the 'Safe' list. I'll go back and chack again to be sure I've not missed anything
Thanks pjb66