Jump to content
Sign in to follow this  
kmschui

Svchost.exe 100%

Recommended Posts

~~~ Service Information report ~~~

 

Microsoft Windows XP Home Edition

Service Pack 3

5.1.2600

 

10/18/2010 1:25:03 AM

 

 

~~~Running Processes~~~

 

System Idle Process

PID: 0

Path:

Parent PID: 0

 

System

PID: 4

Path:

Parent PID: 0

 

smss.exe

PID: 464

Path: C:\WINDOWS\System32\smss.exe

Parent PID: 4

 

csrss.exe

PID: 520

Path: C:\WINDOWS\system32\csrss.exe

Parent PID: 464

 

winlogon.exe

PID: 548

Path: C:\WINDOWS\system32\winlogon.exe

Parent PID: 464

 

services.exe

PID: 592

Path: C:\WINDOWS\system32\services.exe

Parent PID: 548

 

lsass.exe

PID: 604

Path: C:\WINDOWS\system32\lsass.exe

Parent PID: 548

 

ati2evxx.exe

PID: 768

Path: C:\WINDOWS\system32\Ati2evxx.exe

Parent PID: 592

 

svchost.exe

PID: 788

Path: C:\WINDOWS\system32\svchost.exe

Parent PID: 592

 

svchost.exe

PID: 880

Path: C:\WINDOWS\system32\svchost.exe

Parent PID: 592

 

MsMpEng.exe

PID: 948

Path: C:\Program Files\Windows Defender\MsMpEng.exe

Parent PID: 592

 

svchost.exe

PID: 988

Path: C:\WINDOWS\System32\svchost.exe

Parent PID: 592

 

svchost.exe

PID: 1024

Path: C:\WINDOWS\system32\svchost.exe

Parent PID: 592

 

ati2evxx.exe

PID: 1088

Path: C:\WINDOWS\system32\Ati2evxx.exe

Parent PID: 548

 

iexplore.exe

PID: 1156

Path: C:\Program Files\Internet Explorer\IEXPLORE.EXE

Parent PID: 548

 

svchost.exe

PID: 1260

Path: C:\WINDOWS\system32\svchost.exe

Parent PID: 592

 

svchost.exe

PID: 1312

Path: C:\WINDOWS\system32\svchost.exe

Parent PID: 592

 

WLTRYSVC.EXE

PID: 1384

Path: C:\WINDOWS\System32\WLTRYSVC.EXE

Parent PID: 592

 

BCMWLTRY.EXE

PID: 1396

Path: C:\WINDOWS\System32\bcmwltry.exe

Parent PID: 1384

 

spoolsv.exe

PID: 1456

Path: C:\WINDOWS\system32\spoolsv.exe

Parent PID: 592

 

sched.exe

PID: 1516

Path: C:\Program Files\Avira\AntiVir Desktop\sched.exe

Parent PID: 592

 

svchost.exe

PID: 1588

Path: C:\WINDOWS\system32\svchost.exe

Parent PID: 592

 

explorer.exe

PID: 1884

Path: C:\WINDOWS\Explorer.EXE

Parent PID: 1856

 

SynTPEnh.exe

PID: 1992

Path: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

Parent PID: 1884

 

RTHDCPL.exe

PID: 2000

Path: C:\WINDOWS\RTHDCPL.EXE

Parent PID: 1884

 

MSASCui.exe

PID: 2044

Path: C:\Program Files\Windows Defender\MSASCui.exe

Parent PID: 1884

 

avgnt.exe

PID: 160

Path: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

Parent PID: 1884

 

ePower_DMC.exe

PID: 172

Path: C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

Parent PID: 1884

 

ctfmon.exe

PID: 188

Path: C:\WINDOWS\system32\ctfmon.exe

Parent PID: 1884

 

CLI.exe

PID: 156

Path: C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE

Parent PID: 2036

 

MemCheck.exe

PID: 608

Path: C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

Parent PID: 592

 

avguard.exe

PID: 796

Path: C:\Program Files\Avira\AntiVir Desktop\avguard.exe

Parent PID: 592

 

jqs.exe

PID: 1148

Path: C:\Program Files\Java\jre6\bin\jqs.exe

Parent PID: 592

 

svchost.exe

PID: 1424

Path: C:\WINDOWS\system32\svchost.exe

Parent PID: 592

 

avshadow.exe

PID: 1828

Path: C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

Parent PID: 796

 

CALMAIN.exe

PID: 2204

Path: C:\Program Files\Canon\CAL\CALMAIN.exe

Parent PID: 592

 

RtkBtMnt.exe

PID: 2316

Path: C:\DOCUME~1\Kumar\LOCALS~1\Temp\RtkBtMnt.exe

Parent PID: 2000

 

taskmgr.exe

PID: 2344

Path: C:\WINDOWS\system32\taskmgr.exe

Parent PID: 548

 

wmiprvse.exe

PID: 2628

Path: C:\WINDOWS\system32\wbem\wmiprvse.exe

Parent PID: 788

 

wmiprvse.exe

PID: 2828

Path: C:\WINDOWS\system32\wbem\wmiprvse.exe

Parent PID: 788

 

unsecapp.exe

PID: 3004

Path: C:\WINDOWS\system32\wbem\unsecapp.exe

Parent PID: 788

 

CLI.exe

PID: 3528

Path: C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

Parent PID: 156

 

CLI.exe

PID: 3536

Path: C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

Parent PID: 156

 

chrome.exe

PID: 1288

Path: C:\Documents and Settings\Kumar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

Parent PID: 1884

 

chrome.exe

PID: 2972

Path: C:\Documents and Settings\Kumar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

Parent PID: 1288

 

chrome.exe

PID: 2056

Path: C:\Documents and Settings\Kumar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

Parent PID: 1288

 

chrome.exe

PID: 3096

Path: C:\Documents and Settings\Kumar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

Parent PID: 1288

 

chrome.exe

PID: 3460

Path: C:\Documents and Settings\Kumar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

Parent PID: 1288

 

chrome.exe

PID: 3448

Path: C:\Documents and Settings\Kumar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

Parent PID: 1288

 

chrome.exe

PID: 3712

Path: C:\Documents and Settings\Kumar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

Parent PID: 1288

 

chrome.exe

PID: 2652

Path: C:\Documents and Settings\Kumar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

Parent PID: 1288

 

chrome.exe

PID: 3724

Path: C:\Documents and Settings\Kumar\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

Parent PID: 1288

 

driver_service_info.exe

PID: 2624

Path: C:\Documents and Settings\Kumar\My Documents\Downloads\driver_service_info.exe

Parent PID: 1288

 

cmd.exe

PID: 3804

Path: C:\WINDOWS\system32\cmd.exe

Parent PID: 2624

 

cscript.exe

PID: 1960

Path: C:\WINDOWS\system32\cscript.exe

Parent PID: 3804

 

findstr.exe

PID: 2116

Path: C:\WINDOWS\system32\findstr.exe

Parent PID: 3804

 

 

~~~Running Services by PID~~~

 

PID: 608

Memory Check Service

PID: 1516

Avira AntiVir Scheduler

PID: 796

Avira AntiVir Guard

PID: 768

Ati HotKey Poller

PID: 988

Windows Audio

Background Intelligent Transfer Service

Cryptographic Services

DHCP Client

COM+ Event System

Fast User Switching Compatibility

Help and Support

Server

Workstation

Network Connections

Network Location Awareness (NLA)

Remote Access Connection Manager

Task Scheduler

Secondary Logon

System Event Notification

Shell Hardware Detection

System Restore Service

Telephony

Themes

Distributed Link Tracking Client

Windows Time

Windows Management Instrumentation

Automatic Updates

Wireless Zero Configuration

PID: 2204

Canon Camera Access Library 8

PID: 788

DCOM Server Process Launcher

Terminal Services

PID: 1260

DNS Client

PID: 592

Event Log

Plug and Play

PID: 1148

Java Quick Starter

PID: 1312

TCP/IP NetBIOS Helper

SSDP Discovery Service

PID: 604

IPSEC Services

Protected Storage

Security Accounts Manager

PID: 880

Remote Procedure Call (RPC)

PID: 1456

Print Spooler

PID: 1424

Windows Image Acquisition (WIA)

PID: 1588

WebClient

PID: 948

Windows Defender

PID: 1384

Broadcom Wireless LAN Tray Service

PID: 1024

Windows Driver Foundation - User-mode Driver Framework

 

 

~~~Running Services Configuration~~~

 

PID: 608

Service: AcerMemUsageCheckService

Displayed: Memory Check Service

Image: C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

Start Mode: Auto

 

PID: 1516

Service: AntiVirSchedulerService

Displayed: Avira AntiVir Scheduler

Image: "C:\Program Files\Avira\AntiVir Desktop\sched.exe"

Start Mode: Auto

 

PID: 796

Service: AntiVirService

Displayed: Avira AntiVir Guard

Image: "C:\Program Files\Avira\AntiVir Desktop\avguard.exe"

Start Mode: Auto

 

PID: 768

Service: Ati HotKey Poller

Displayed: Ati HotKey Poller

Image: C:\WINDOWS\system32\Ati2evxx.exe

Start Mode: Auto

 

PID: 988

Service: AudioSrv

Displayed: Windows Audio

Image: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 988

Service: BITS

Displayed: Background Intelligent Transfer Service

Image: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 2204

Service: CCALib8

Displayed: Canon Camera Access Library 8

Image: C:\Program Files\Canon\CAL\CALMAIN.exe

Start Mode: Auto

 

PID: 988

Service: CryptSvc

Displayed: Cryptographic Services

Image: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 788

Service: DcomLaunch

Displayed: DCOM Server Process Launcher

Image: C:\WINDOWS\system32\svchost -k DcomLaunch

Start Mode: Auto

 

PID: 988

Service: Dhcp

Displayed: DHCP Client

Image: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 1260

Service: Dnscache

Displayed: DNS Client

Image: C:\WINDOWS\system32\svchost.exe -k NetworkService

Start Mode: Auto

 

PID: 592

Service: Eventlog

Displayed: Event Log

Image: C:\WINDOWS\system32\services.exe

Start Mode: Auto

 

PID: 988

Service: EventSystem

Displayed: COM+ Event System

Image: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Manual

 

PID: 988

Service: FastUserSwitchingCompatibility

Displayed: Fast User Switching Compatibility

Image: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Manual

 

PID: 988

Service: helpsvc

Displayed: Help and Support

Image: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 1148

Service: JavaQuickStarterService

Displayed: Java Quick Starter

Image: "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"

Start Mode: Auto

 

PID: 988

Service: lanmanserver

Displayed: Server

Image: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 988

Service: lanmanworkstation

Displayed: Workstation

Image: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 1312

Service: LmHosts

Displayed: TCP/IP NetBIOS Helper

Image: C:\WINDOWS\system32\svchost.exe -k LocalService

Start Mode: Auto

 

PID: 988

Service: Netman

Displayed: Network Connections

Image: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Manual

 

PID: 988

Service: Nla

Displayed: Network Location Awareness (NLA)

Image: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Manual

 

PID: 592

Service: PlugPlay

Displayed: Plug and Play

Image: C:\WINDOWS\system32\services.exe

Start Mode: Auto

 

PID: 604

Service: PolicyAgent

Displayed: IPSEC Services

Image: C:\WINDOWS\system32\lsass.exe

Start Mode: Auto

 

PID: 604

Service: ProtectedStorage

Displayed: Protected Storage

Image: C:\WINDOWS\system32\lsass.exe

Start Mode: Auto

 

PID: 988

Service: RasMan

Displayed: Remote Access Connection Manager

Image: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Manual

 

PID: 880

Service: RpcSs

Displayed: Remote Procedure Call (RPC)

Image: C:\WINDOWS\system32\svchost -k rpcss

Start Mode: Auto

 

PID: 604

Service: SamSs

Displayed: Security Accounts Manager

Image: C:\WINDOWS\system32\lsass.exe

Start Mode: Auto

 

PID: 988

Service: Schedule

Displayed: Task Scheduler

Image: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 988

Service: seclogon

Displayed: Secondary Logon

Image: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 988

Service: SENS

Displayed: System Event Notification

Image: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 988

Service: ShellHWDetection

Displayed: Shell Hardware Detection

Image: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 1456

Service: Spooler

Displayed: Print Spooler

Image: C:\WINDOWS\system32\spoolsv.exe

Start Mode: Auto

 

PID: 988

Service: srservice

Displayed: System Restore Service

Image: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 1312

Service: SSDPSRV

Displayed: SSDP Discovery Service

Image: C:\WINDOWS\system32\svchost.exe -k LocalService

Start Mode: Manual

 

PID: 1424

Service: stisvc

Displayed: Windows Image Acquisition (WIA)

Image: C:\WINDOWS\system32\svchost.exe -k imgsvc

Start Mode: Auto

 

PID: 988

Service: TapiSrv

Displayed: Telephony

Image: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Manual

 

PID: 788

Service: TermService

Displayed: Terminal Services

Image: C:\WINDOWS\System32\svchost -k DComLaunch

Start Mode: Manual

 

PID: 988

Service: Themes

Displayed: Themes

Image: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 988

Service: TrkWks

Displayed: Distributed Link Tracking Client

Image: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 988

Service: W32Time

Displayed: Windows Time

Image: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 1588

Service: WebClient

Displayed: WebClient

Image: C:\WINDOWS\system32\svchost.exe -k LocalService

Start Mode: Auto

 

PID: 948

Service: WinDefend

Displayed: Windows Defender

Image: "C:\Program Files\Windows Defender\MsMpEng.exe"

Start Mode: Auto

 

PID: 988

Service: winmgmt

Displayed: Windows Management Instrumentation

Image: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 1384

Service: wltrysvc

Displayed: Broadcom Wireless LAN Tray Service

Image: C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe

Start Mode: Auto

 

PID: 988

Service: wuauserv

Displayed: Automatic Updates

Image: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Auto

 

PID: 1024

Service: WudfSvc

Displayed: Windows Driver Foundation - User-mode Driver Framework

Image: C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

Start Mode: Auto

 

PID: 988

Service: WZCSVC

Displayed: Wireless Zero Configuration

Image: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Auto

 

 

~~~Inactive Services Configuration~~~

 

Service: Alerter

Displayed: Alerter

Path: C:\WINDOWS\system32\svchost.exe -k LocalService

Start Mode: Disabled

 

Service: ALG

Displayed: Application Layer Gateway Service

Path: C:\WINDOWS\System32\alg.exe

Start Mode: Manual

 

Service: AppMgmt

Displayed: Application Management

Path: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Manual

 

Service: aspnet_state

Displayed: ASP.NET State Service

Path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

Start Mode: Manual

 

Service: Browser

Displayed: Computer Browser

Path: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Auto

 

Service: CiSvc

Displayed: Indexing Service

Path: C:\WINDOWS\system32\cisvc.exe

Start Mode: Manual

 

Service: ClipSrv

Displayed: ClipBook

Path: C:\WINDOWS\system32\clipsrv.exe

Start Mode: Disabled

 

Service: clr_optimization_v2.0.50727_32

Displayed: .NET Runtime Optimization Service v2.0.50727_X86

Path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

Start Mode: Manual

 

Service: COMSysApp

Displayed: COM+ System Application

Path: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

Start Mode: Manual

 

Service: dmadmin

Displayed: Logical Disk Manager Administrative Service

Path: C:\WINDOWS\System32\dmadmin.exe /com

Start Mode: Manual

 

Service: dmserver

Displayed: Logical Disk Manager

Path: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Manual

 

Service: Dot3svc

Displayed: Wired AutoConfig

Path: C:\WINDOWS\System32\svchost.exe -k dot3svc

Start Mode: Manual

 

Service: EapHost

Displayed: Extensible Authentication Protocol Service

Path: C:\WINDOWS\System32\svchost.exe -k eapsvcs

Start Mode: Manual

 

Service: ERSvc

Displayed: Error Reporting Service

Path: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Disabled

 

Service: FontCache3.0.0.0

Displayed: Windows Presentation Foundation Font Cache 3.0.0.0

Path: C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

Start Mode: Manual

 

Service: gusvc

Displayed: Google Updater Service

Path: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"

Start Mode: Manual

 

Service: HidServ

Displayed: Human Interface Device Access

Path: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Disabled

 

Service: hkmsvc

Displayed: Health Key and Certificate Management Service

Path: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Manual

 

Service: HTTPFilter

Displayed: HTTP SSL

Path: C:\WINDOWS\System32\svchost.exe -k HTTPFilter

Start Mode: Manual

 

Service: idsvc

Displayed: Windows CardSpace

Path: "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"

Start Mode: Manual

 

Service: ImapiService

Displayed: IMAPI CD-Burning COM Service

Path: C:\WINDOWS\system32\imapi.exe

Start Mode: Manual

 

Service: Messenger

Displayed: Messenger

Path: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Disabled

 

Service: Microsoft Office Groove Audit Service

Displayed: Microsoft Office Groove Audit Service

Path: "C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe"

Start Mode: Manual

 

Service: mnmsrvc

Displayed: NetMeeting Remote Desktop Sharing

Path: C:\WINDOWS\system32\mnmsrvc.exe

Start Mode: Disabled

 

Service: MSDTC

Displayed: Distributed Transaction Coordinator

Path: C:\WINDOWS\system32\msdtc.exe

Start Mode: Manual

 

Service: MSIServer

Displayed: Windows Installer

Path: C:\WINDOWS\system32\msiexec.exe /V

Start Mode: Manual

 

Service: napagent

Displayed: Network Access Protection Agent

Path: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Manual

 

Service: NetDDE

Displayed: Network DDE

Path: C:\WINDOWS\system32\netdde.exe

Start Mode: Disabled

 

Service: NetDDEdsdm

Displayed: Network DDE DSDM

Path: C:\WINDOWS\system32\netdde.exe

Start Mode: Disabled

 

Service: Netlogon

Displayed: Net Logon

Path: C:\WINDOWS\system32\lsass.exe

Start Mode: Manual

 

Service: NetTcpPortSharing

Displayed: Net.Tcp Port Sharing Service

Path: "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"

Start Mode: Disabled

 

Service: NtLmSsp

Displayed: NT LM Security Support Provider

Path: C:\WINDOWS\system32\lsass.exe

Start Mode: Disabled

 

Service: NtmsSvc

Displayed: Removable Storage

Path: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Manual

 

Service: odserv

Displayed: Microsoft Office Diagnostics Service

Path: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"

Start Mode: Manual

 

Service: ose

Displayed: Office Source Engine

Path: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"

Start Mode: Manual

 

Service: RasAuto

Displayed: Remote Access Auto Connection Manager

Path: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Manual

 

Service: RDSessMgr

Displayed: Remote Desktop Help Session Manager

Path: C:\WINDOWS\system32\sessmgr.exe

Start Mode: Manual

 

Service: RemoteAccess

Displayed: Routing and Remote Access

Path: C:\WINDOWS\system32\svchost.exe -k netsvcs

Start Mode: Disabled

 

Service: RpcLocator

Displayed: Remote Procedure Call (RPC) Locator

Path: C:\WINDOWS\system32\locator.exe

Start Mode: Manual

 

Service: RSVP

Displayed: QoS RSVP

Path: C:\WINDOWS\system32\rsvp.exe

Start Mode: Manual

 

Service: SCardSvr

Displayed: Smart Card

Path: C:\WINDOWS\System32\SCardSvr.exe

Start Mode: Manual

 

Service: ServiceLayer

Displayed: ServiceLayer

Path: "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"

Start Mode: Manual

 

Service: SwPrv

Displayed: MS Software Shadow Copy Provider

Path: C:\WINDOWS\system32\dllhost.exe /Processid:{EF230E67-A0A3-411B-B781-2BC5E5E86C61}

Start Mode: Manual

 

Service: SysmonLog

Displayed: Performance Logs and Alerts

Path: C:\WINDOWS\system32\smlogsvc.exe

Start Mode: Disabled

 

Service: upnphost

Displayed: Universal Plug and Play Device Host

Path: C:\WINDOWS\system32\svchost.exe -k LocalService

Start Mode: Manual

 

Service: UPS

Displayed: Uninterruptible Power Supply

Path: C:\WINDOWS\System32\ups.exe

Start Mode: Manual

 

Service: VSS

Displayed: Volume Shadow Copy

Path: C:\WINDOWS\System32\vssvc.exe

Start Mode: Manual

 

Service: WmdmPmSN

Displayed: Portable Media Serial Number Service

Path: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Disabled

 

Service: WmiApSrv

Displayed: WMI Performance Adapter

Path: C:\WINDOWS\system32\wbem\wmiapsrv.exe

Start Mode: Manual

 

Service: WMPNetworkSvc

Displayed: Windows Media Player Network Sharing Service

Path: "C:\Program Files\Windows Media Player\WMPNetwk.exe"

Start Mode: Manual

 

Service: xmlprov

Displayed: Network Provisioning Service

Path: C:\WINDOWS\System32\svchost.exe -k netsvcs

Start Mode: Manual

 

 

~~~ svchost Export ~~~

 

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost

HTTPFilter REG_MULTI_SZ

HTTPFilter

LocalService REG_MULTI_SZ

Alerter

WebClient

LmHosts

RemoteRegistry

upnphost

SSDPSRV

NetworkService REG_MULTI_SZ

DnsCache

netsvcs REG_MULTI_SZ

6to4

AppMgmt

AudioSrv

Browser

CryptSvc

DMServer

DHCP

ERSvc

EventSystem

FastUserSwitchingCompatibility

HidServ

Ias

Iprip

Irmon

LanmanServer

LanmanWorkstation

Messenger

Netman

Nla

Ntmssvc

NWCWorkstation

Nwsapagent

Rasauto

Rasman

Remoteaccess

Schedule

Seclogon

SENS

Sharedaccess

SRService

Tapisrv

Themes

TrkWks

W32Time

WZCSVC

Wmi

WmdmPmSp

winmgmt

wscsvc

xmlprov

BITS

wuauserv

ShellHWDetection

helpsvc

WmdmPmSN

napagent

hkmsvc

DcomLaunch REG_MULTI_SZ

DcomLaunch

TermService

rpcss REG_MULTI_SZ

RpcSs

imgsvc REG_MULTI_SZ

StiSvc

termsvcs REG_MULTI_SZ

TermService

WudfServiceGroup REG_MULTI_SZ

WUDFSvc

eapsvcs REG_MULTI_SZ

eaphost

dot3svc REG_MULTI_SZ

dot3svc

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\DComLaunch

CoInitializeSecurityParam REG_DWORD 0x1

DefaultRpcStackSize REG_DWORD 0x8

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\dot3svc

AuthenticationCapabilities REG_DWORD 0x3020

CoInitializeSecurityParam REG_DWORD 0x1

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\eapsvcs

AuthenticationCapabilities REG_DWORD 0x3020

CoInitializeSecurityParam REG_DWORD 0x1

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\HTTPFilter

CoInitializeSecurityParam REG_DWORD 0x1

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService

CoInitializeSecurityParam REG_DWORD 0x1

AuthenticationCapabilities REG_DWORD 0x2000

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs

CoInitializeSecurityParam REG_DWORD 0x1

AuthenticationCapabilities REG_DWORD 0x3020

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\PCHealth

CoInitializeSecurityParam REG_DWORD 0x2

AuthenticationCapabilities REG_DWORD 0x40

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs

CoInitializeSecurityParam REG_DWORD 0x1

DefaultRpcStackSize REG_DWORD 0x8

 

~~~End of Report~~~

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

Click here to Read Amazon Reviews!



×