spoolsv exe Results


Page 1 of 2.
Results 1...20 of 30

Sponsored Links:



I know that there are tons of sites about the problem with spoolsv.exe errors, but none of the people out there seemed to have the same situation as me...

For some time now, I've been encountering some strange behavior of my system.I use the standard Win7 wi-fi connection manager. When I launch the system, the wi-fi card gets connected to the router and I can browse the Internet. However, the icon of the manager shows the signal strength bars with a blue circle (the circle that indicates loading sth everywhere else in Windows) which usually tells me that it is still connecting to the network. The circle doesn't spin, it's just stuck. Clicking on the icon doesn't bring up the available network list, so it just doesn't respond.

Also, the system cannot play sounds. Well, it surely cannot play sound from the Internet, like Grooveshark or Youtube. Music on Grooveshark doesn't even start, Youtube videos go silent. Actually I haven't tested if it cannot play sth e.g. from iTunes, but one time when I wanted to restart the computer short after startup, it showed that explorer is not responding, with the task "playing the log out tune" currently being performed, so maybe the same thing with "offline" sounds...

Then, after some time (usually it's 10-20 minutes after the I turn on the computer) a notification window is shown telling me that a program needs my action and when I accept it, the message appears about C:WindowsSystem32spoolsv.exe experiencing a runtime error and requesting the Runtime to terminate it, or sth like this - so just the standard spoolsv.exe error message. And then... voila! The wi-fi icon shows just plain signal strtength bars and responds to my actions, and I can play sounds.

The information that I use a Lexmark X4975 wi-fi printer might be of some significance. I don't remember now exactly (and don't have any way to check it) but I'm nearly sure that the situation with the printer is quite similar - before the error I can't use it, and after - I can.

What might be the cause of all this and how to fix it? I just don't want to waste 20 min every time I turn the computer on...

EDIT !!!: Just now, I had another case of the problem, probably the largest in scale: as I turned my computer on, I couldn't run certain programs (iTunes, WMP, but also Windows Desktop Gadgets, Windows Anytime Upgrade and some other services from the Control Panel). However, I was able to listen to music over the Internet...Then after - again - sth like 20 minutes of work, the error popped up, and all the apps I launched before and that didn't actually open, appeared all at once!It certainly has sth to do with the spoolsv error, but there might be some other problems involved...This is no good, people.




Fixes an issue that occurs when you connect to more than 200 network printers that are hosted on a printer server from a computer that is running Windows 7 or Windows Server 2008 R2. When this issue occurs, the Spoolsv.exe process stops responding.

More...




Though testing the new service pack, we've discovered a problem with the Service Pack 3 of Access 2003 on Windows XP Service Pack 2.

If you run the code below, it will hang with the program Spoolsv.exe running at 100% on the line with "Application.Printers":

We've also found that it doesn't create clean compiled .mde's. Has anyone else had similar problems?

Sub asas()
On Error GoTo Err_Form_Open

Dim Prt As Printer
Dim sDefault As String

sDefault = Application.Printer.DeviceName
MsgBox Application.Printers.Count
For Each Prt In Application.Printers
Next Prt

Exit_Form_Open:
Set Prt = Nothing
Exit Sub

Err_Form_Open:
MsgBox Err.Description, vbCritical + vbDefaultButton1 + vbOKOnly, "Form - Sub Form_Open"
Resume Exit_Form_Open

End Sub




When you start the PC and check tasks, spoolsv.exe is using 6-7000 kb of memory but is ever increasing. If the machine is left alone, after time, it then runs out of virtual memory and this process is using 337 mg or all available memory. I have checked the microsoft site, they do acknowledge this error, but say to call their help desk.

I have installed all current critical updates, run Norton anti-virus, connected and disconnect to our network. This machine did have the Welchia worm, which was removed using the tool for it.




This may be more detail than your require, given certain purchases are
already made, however you should review this and ensure that all your
purchases were correct.

What should one do?
First, make sure everything you buy conforms to the dominant wireless
standard known as 802.11b, or Wi-Fi (short for wireless fidelity). That way
you can mix brands, operating systems, even network a Mac to a Windows PC and
everything should still work together.
There are two new, faster versions of Wi-Fi: 802.11a and 802.11g. "A" is for
business use; "g" is for the home. Both bump networking speeds up from 11
megabits per second to 54 mbps. But unless you're moving around big video
files or sharing other graphics-rich multimedia applications, "b" will be
more than sufficient. If you still want "g," wait until the standard has been
officially ratified this summer.
The heart of your network will be a wireless access point and the Internet
Access or preferably one device that does both called a router, acting as
Wireless Access Point and cable or DSL modem and Network Switch. The
two-in-one units, available from Linksys, D-Link, Netgear and others, start
at about $100; with a few Ethernet ports and USB port too, so you can connect
to PCs using a standard Ethernet cable or USB cable.
To establish a wireless connection between a desktop PC and the wireless
router, you need a USB or Ethernet Cable.
To connect a notebook PC, you'll need a wireless PC card. If new notebooks
have Wi-Fi capabilities built in. Notebooks with Intel's new Centrino chip,
for example, are Wi-Fi-enabled.
Note that 802.11g is backwards compatible with 802.11b — meaning a laptop
with a "g" card will talk to a "b" router, albeit at the slower speed — but
802.11a is not. If your office installs an 802.11a network, get a dual-band
wireless PC card for your laptop so that it can connect both at home and at
work.
Make sure that the software that comes with your gear will walk you through
the installation. The steps will vary slightly, depending on each computer's
operating system. The older the OS, the trickier it can be; Windows XP is
designed to detect and configure a PC card to talk to an existing network.
Before you start, gather the following information:
• your broadband connection's IP address, e.g., 123.43.2.1
• subnet mask, e.g., 255.255.122.0
• default gateway e.g., 192.168.0.2
• DNS IP addresses e.g., 123.123.123.1
You can get these things from your Internet provider; your customer-service
rep will know what you're talking about (or you can find this using the
Properties tab, under Network Connections). Each is just a series of numbers
(e.g., 123.43.2.1) that you'll be prompted to plug in during setup. (If your
provider supports a protocol called DHCP, your router should retrieve these
settings automatically when you plug it in.)
You may also be asked to choose an SSID (service set identifier) I recommend
that you do not accept the default setting as anyone nearby with a wireless
device can also use your internet access. Set your SSID to a meaningful name
use your Business Name. For work-group name use ‘Wireless’ and a wireless
channel select from 1 – 11, I recommend you use a higher channel as default
settings usually select the lower end. Keep these consistent for all of your
machines.
Security
For additional security you can and should use Wired Equivalent Privacy
(WEP) algorithm: and set this at 64bit: you can then choose a combination of
10 hexadecimal characters [0-9 + A-F], again for this may I recommend you
select your mobile phone number as it is 10 characters long and not known to
all your neighbours.
Additionally you can set the Access Point to only allow access to specific
units, where you would enter their MAC address, again a series of Hex
numbers, usually found on the Wireless Card plugged into the Laptops or other
desktop PCs.

" wrote:

Can anyone offer a suggestion?

I want to use the XP Home machine in a home network w/ a laptop w/ XPH over
a wireless network. The wireless is ok - the laptop accesses the internet
over the router - can't get the desktop to configure - When I use the wizard
- I get this error:

Dialog box says:
szAppName : SPOOLSV.EXE szAppVer : 5.1.2600.0 szModName : ntdll.dll
szModVer : 5.1.2600.1217

Info box says:
C:DOCUME~1RICHAR~1LOCALS~1TempWERAF.tmp.dir00 spoolsv.exe.mdmp
C:DOCUME~1RICHAR~1LOCALS~1TempWERAF.tmp.dir00 appcompat.txt offset :
0002c32b




We have Word 97 installed on Wndows 2000, running on Novell Netware v 8.1. When some users try to print from Word, they receive an error that spoolsv.exe has generated an error. This is when you are printing to an NDPS printer, yet it isn't every printer or all users. Seems to be documents with images mostly. We ran a fix from Novell for the sv.exe, which corrected that error, but now it says the printer is timing out.. can't print to network device, cancel or retry.

Any ideas??




I have an unusual problem. There's this user who's mouse from time to time acts up and does wacky stuff. It'll jump around her screen or seem to select things when she's not using it. Her Windows XP SP3 workstation has been scanned repeatedly for virus and malware, none found. I've reinstalled the mouse drivers several times, no luck. Most of the time we can get it back under control by unplugging and then replugged in her mouse. Or rebooting. I've tried replacing her mouse (an optical mouse) and even tried a wireless mouse. No difference. I tried different USB ports. Nada.

So earlier this afternoon same call. Mouse gone wild. She rebooted but it didn't help. I went in and did the unplug/plug. No change. I switched her to a different mouse. Same effect. It was almost time for her to go home so she did. After she left I unplugged the mouse entirely to get the cursor to stop its bad behavior but the, strangely enough, the behavior continued even with the mouse unplugged! Analyzing the machine remotely I disabled the mouse drivers and reboot. The problem was still there!

That's when I saw the spoolsv.exe process was eating up 50% of the processor, even though nothing was going on and the machine had just been reboot. I disabled the print spooler and reboot. On reboot the wacky behavior was gone.

I next used msconfig to disable everything in startup, re-enabled the print spooler, and reboot. I hoped there was something in the startup effecting the spoolsv. On reboot the problem was back so I guess I can rule that out.

I tried reinstalling the mouse drivers and restarting the computer with the print spooler disabled but was still having difficulty, though not as wacky as before. Still bad enough to make the computer useable.

I'm so tired. I don't have a replacement machine for her to use tomorrow. I'll try to get up o-dark 30 and try again when I'm more awake. Suggestions on what this might be or how to go about troubleshooting it?




I'm running Windows 2000, Zone Alarm ... spoolsv.exe keeps asking for internet access. Spooling is turned off. The printer is local to one computer ... not shared on the network. So why does spoolsv need to access the internet? Any ideas? I have it blocked by Zone Alarm, and I don't see any problems with it being blocked ... But ... why?

Al




I am getting a 1053 error when I try to start the Printer Spooler error, Win 7 Ultimate. The only dependencies it has are HTTP and RPCSS which are running. I have tried:
-Deleting the files in "Printers" and "Drivers" under the spool folder in System32
-Clearing out any 3rd party printers in the registry
- Confirming proper settings for the spool service registry key
- Removed all printers under "Devices and Printers"
- Uninstalled all 3rd party printing software
- Replaced spoolsv.exe and the spool dll file with the one on the installation disc

I am out of ideas. It was working fine and printing fine until it just stopped. I had 2 HP Printers, a Brother Printer, CUTE pdf printer, Logmein virtual printer and Office onenote printer installed but they are all deleted now.




Hi, I have recently adquired a new Dell laptop with Core 2 processor and Windows 7 Home Edition (64 bits) installed from factory. I have this problem: I can not add any printer to the system, because when I try to do it the following message: "Windows can not open Add printer. The local print spooler service is not running. Restart the administrator or the system".
Trying to being smart and not to bother you guys with an already known way to solve the problem I have search a lot of forum in where I found a lot of persons with the exactly same problem. The solutions that other persons gave to the problem does NOT work in my case. I mention here the principal ones:
1) Use "Fix it" tool from Microsoft

Does not work, the tool can not restart the printer spooler service.

2) Go to the Control Panel -> Services ( or, equivalent, Execute: service.msc) and check that Spooler Service is running, if it is not: make it start and check
"automatically"

The service "Print Spooler" IS NOT IN THE LIST OF SERVICE SO IT IS COMPLETY MISSING!!

Going futher, I saw a post of other forum (Print Spooler Service is missing) in where a guy suggest to modify the registry so to fix the problem of the missing service and gives a complete list of modifications. Before doing that attemp I check that all the fields in my registry differ in some way of the modification suggested and I see that my registry seems to be fine. So I DO NOT modify my registry, because of the reason explained and because modifying registry is a risky task.

3) Some post from forums suggest to Execute: "net stop spooler" and then "net start spooler"
Does not either

4) Of course, I have checked that spoolsv.exe exists, and yes is a real file located on Windowssystem32 folder.

So, in this way I am completly lost, out of idea, blank, zero inspiration, nada, nothing to say.




So i play CA (Combat arms, a first person shooter) at around 30-50 frames per second.
sometimes with tweaks i can get to around 43-57 consistent frames per second.
I CAN PROVIDE MORE INFO IF YOU ASK.
--------------------------------------------------------------
3 Incidents:THE MAIN TOPIC OF THIS PROBLEM
On three different computer i have had One moment of insane and godly frames per second around 300-400frames per second

-First time was on my macbook(Dual core 2.6ish GHz /Nvidia, 256 dedicated RAM/ 4GB RAM/)
I installed bootcamp and after a year or so of consistent lagging around 60 frames per second i was lagging in combat arms more , so i reinstalled my Nvidia graphics driver
After i reinstalled i was able to play CA On full graphics Anti-asling x8 anisotropy x8
overall settings high, and still run at around 200+ frames per second
On CA, fallout 3 new vegas, and some others.
As soon as i restarted my laptop it was back to same old laggy 50-60 frames per second.

-On a Metal laptop I had (for like 3 months before i discovered that buzzing feeling was the comp shocking me for those months)I was playing and randomly one night it started running at insane frames per second, i dont remember too much but it was fallout 3 on low then, full graphics.

And most recent on my current AMD quad core:
I was playing laggy games around 20-30 frames per second with lots of freezes.
I reinstalled my graphics drivers and instantly my games were running full graphics and the insane 200-300 frames per second.
Now currently I am running at 30-50 frames per second with rarely any freezes.

--------------------------------------------------------------------------------
MY current laptop: CA 25-55 frames per second
Gateway - Windows 7 home premium 64 BIT
AMD Quadcore 1.5Ghz A8-3500m
4GB RAM DDR3, I did have 6GB but i gave 2GB to my Brother, it only caused me to be at current lower -10 frames per second.
640GB HardDrive space
AMD 6620G, 512 dedicated ram.
1366 x 768 and my VGA Display 1360 x 768.

Macbook/bootcamp:CA 30-80 frames per second
Windows 7 Ultimate 64Bit
dual core 2.6ish GHz
256 dedicated RAM
6GB RAM
250HD space
Gamebooster report has more info

Programs & settings I use
-------------------------------------------------------------------------
- I sometimes use Gamebooster which gives me +5-10fps
- I also have been trying recently the
windows media player booster program with no signs of fps gain.
- I have fully updated windows 7
- I just now reinstalled my graphics driver with no improvement.
- I reinstalled CA alot and do gain too around consistent 50-65 frames per second frames per second for like 3 days.
-I used overdrive for month and it hurt my comp
It did not boost me and it caused my games to jitter and screech, it also caused my laptop to have other erratic problems
(I even set it to run at just over 100% CPU and had same effects)
I run on the lowest graphics on CA and AMD AMD is set to no v-sync, no antiasling, no anisotropy no triple buffer, and such with 30-50 frames still.
- I have tried in lower resolution screens with only small 10 frames per second.
- I have defragged.

Ideas
-------------------------------------------------------------------------
-On the macbook and this AMD quad core i had been playing for over 10 hours
one person told me it takes times for the comp to heat up and then it will run faster
(Problem is I play around 14 hours per day, and it does get faster but only up to around +10 frames and MUCH faster loading speeds)
If this is true, then how could i implement this and keep my comp in correct temperature.
(I have a fan and when i rarely have used it I think it slows my comp down)

-MY CPUs on this quad core never go above 25%
my GPU according to system monitor Gets maxed out during current CA gameplay
Maybe i can somehow get my comp to use my CPUs instead of my GPU?

-I heard the having 3D vision installed on the Nvidia computers sometimes lags people up so i made sure to disable featues like that when i reinstalled, but im not sure if i disabled anything, maybe you know of some feature i should disable.

I think it was prob some feature/setting not being installed with my drivers.
or some setting put in by windows the the AMD/Nvidia driver messed with.
(maybe reinstalling cleared a cache that lags me)

Why it cant be some things.
----------------------------------------------------------------
-I was not running game booster or any program like that.
-I was not running on low graphics i was running on max, after i saw that i was running so fast on low graphics, in attempt to sea how much it could handle.
I had no overdrive.
-I did no hardware changes at all within at least 1-2 months of the 3 incidents.
(probably longer like 1 year)
-I have reinstalled my windows 7 comp and instantly installed CA and then played it with only consistent 50-60 frames.
-Its not CA because i have tried reinstalling and then not installing CA and still ran slow on fallout 3, and even Runescape.
-I have played on no page file, and on 7GB page file
-I have tried turning off themes, running gamebooster, defragging. and it is pretty smooth but still a measly 43-60 frames per second.
-I was playing On 1280 X 800 res during incident.
I defragment.
-------------------------------------------------------------------------------
Current game speeds
AMD
Skyrim 30-40frames per second
-------------------------------------------------------------------------------
None of the weak fixes are what im after im after those moments of pure..........insanity...
Where i had 300-400 frames per second.
but maybe a weak fix will be all i need to tide it over.

I got 10 headshots in a row easily on CA where 10 headshots in a row is as rare as winning lottery.

I dont want to post this and watch it get ignored like most forums.

I know its possible because it happened to me three times, and on this AMD laptop.

I dont think this is a gaming topic because its about graphics, not a specific game.

It also effected the rest of my system at least a little, that i could load games and such faster.

This is unrelated to this problem but im thinking about buying a 8GB RAM stick for my laptop i just want to know how much would that help. My teacher said that upgrading the ram will speed up my computer ALOT. (RAM is Cheap and yet expensive, I need a cheap 8GB high quality stick, newegg.com said $45 and at Freys instore it was like $25ish, but its like 100miles away now)

I have my CISCO IT essentials so i can easily handle windows tasks and i already have used MANY different tweaks of Regitry, and other system tweaks.

---------------------------------------------------------------------------------

----------G----A---M----E---B----O---O---S---T--E----R--------------------

-----------------------R----E----P----O---R---T----------------------------------

Game Booster Diagnose Report v1.0
Version: 3.5.0.1526
Date: 2012/06/26 08:08:20

----------------------------------
01 - Operating System
----------------------------------

0101 - Operating System : Windows 7 Home Premium 64-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_gdr.120503-2030)
0102 - Language : English (Regional Setting: English)
0103 - BIOS : InsydeH2O Version CCB.03.61.13V1.04
0104 - Processor : AMD A8-3500M APU with Radeon(tm) HD Graphics (4 CPUs), ~1.5GHz
0105 - Memory : 4096MB RAM
0106 - Available OS Memory : 3562MB RAM
0107 - Page File : 1603MB used, 5520MB available
0108 - Windows Dir : C:Windows
0109 - DirectX Version : DirectX 11
0110 - DX Setup Parameters : Not found
0111 - User DPI Setting : 96 DPI (100 percent)
0112 - System DPI Setting : 96 DPI (100 percent)
0113 - DWM DPI Scaling : Disabled
0114 - DxDiag Version : 6.01.7601.17514

----------------------------------
02 - Processor
----------------------------------

0201 - Caption : AMD A8-3500M APU with Radeon(tm) HD Graphics x4 ~1500MHz
0202 - Current Clock Speed : 1500MHz
0203 - L1 Cache : 512.00 KB
0204 - L2 Cache : 4.00 MB

----------------------------------
03 - Video Adapter
----------------------------------

0301 - Card Name : AMD Radeon HD 6620G
0302 - Manufacturer : Advanced Micro Devices, Inc.
0303 - Chip Type : ATI display adapter (0x9641)
0304 - DAC Type : Internal DAC(400MHz)
0305 - Device Key : EnumPCIVEN_1002&DEV_9641&SUBSYS_05991025&REV_00
0306 - Display Memory : 2022 MB
0307 - AdapterRAM : 512.00 MB
0308 - Current Mode : 1360 x 768 (32 bit) (60Hz)
0309 - Monitor Name : Generic PnP Monitor
0310 - Driver Name : aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll
0311 - Driver Version : 8.17.0010.1124
0312 - Driver Language : English
0313 - DDI Version : 11
0314 - Driver Model : WDDM 1.1
0315 - Driver Beta : False
0316 - Driver Debug : False
0317 - Driver Date : 4/5/2012 19:20:04
0318 - Driver Size : 1067520
0319 - VDD : n/a
0320 - Mini VDD : n/a
0321 - Mini VDD Date : n/a
0322 - Mini VDD Size : 0
0323 - Device Identifier : {D7B71EE2-D501-11CF-F177-9325BEC2C535}
0324 - Vendor ID : 0x1002
0325 - Device ID : 0x9641
0326 - SubSys ID : 0x05991025
0327 - Revision ID : 0x0000
0328 - Driver Strong Name : oem25.inf:ATI.Mfg.NTamd64.6.1:ati2mtag_Sumo_Mobile:8.961.0.0civen_1002&dev_9641
0329 - Rank Of Driver : 00E62001
0330 - Video Accel : ModeMPEG2_A ModeMPEG2_C
0331 - Deinterlace Caps : {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{3C5323C1-6FB7-44F5-9081-056BF2EE449D}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{552C0DAD-CCBC-420B-83C8-74943CF9F1A6}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
0332 - D3D9 Overlay : Not Supported
0333 - DXVA-HD : Not Supported
0334 - DDraw Status : Enabled
0335 - D3D Status : Enabled
0336 - AGP Status : Enabled
0337 - Notes : No problems found.

0338 - OpenGL : 6.1.7600.16385 (win7_rtm.090713-1255)

----------------------------------
04 - Memory
----------------------------------

0401 - Total Memory : 3.48 GB
0402 - Free Memory : 2.21 GB
0403 - Total Pagefile : 6.96 GB
0404 - Free Pagefile : 5.39 GB

0405 - Bank Label : BANK0
0406 - Speed : 1066 MHz
0407 - Total Width : 64 Bits
0408 - Capacity : 2.00 GB

0405 - Bank Label : BANK0
0406 - Speed : 1066 MHz
0407 - Total Width : 64 Bits
0408 - Capacity : 2.00 GB

----------------------------------
05 - Network
----------------------------------

0501 - Description : Broadcom NetLink (TM) Gigabit Ethernet
0502 - Driver Date : 5-10-2011
0503 - Driver Version : 14.8.0.5

----------------------------------
06 - Motherboard
----------------------------------

0601 - Model : SJV50-SB
0602 - Manufacturer : Gateway

----------------------------------
07 - Sound Device
----------------------------------

0701 - Description : Speakers (Realtek High Definition Audio)
0702 - Default Sound Playback : True
0703 - Default Voice Playback : True
0704 - Hardware ID : HDAUDIOFUNC_01&VEN_10EC&DEV_0269&SUBSYS_10250599&REV_1001
0705 - Manufacturer ID : 1
0706 - Product ID : 100
0707 - Type : WDM
0708 - Driver Name : RTKVHD64.sys
0709 - Driver Version : 6.00.0001.6602
0710 - Driver attributes : Final Retail
0711 - Date and Size : 3/27/2012 17:03:36
0713 - Driver Provider : Realtek Semiconductor Corp.
0714 - Min/Max Sample Rate : 5374206, 5374206
0715 - Static/Strm HW Mix Bufs : 5374206, 5374206
0716 - Static/Strm HW 3D Bufs : 5374206, 5374206
0717 - HW Memory : 5374214
0718 - Voice Management : False
0719 - EAX(tm) 2.0 Listen/Src : False, False
0720 - I3DL2(tm) Listen/Src : False, False
0721 - Notes : No problems found.

----------------------------------
08 - Hard Disk
----------------------------------

0801 - Model : TOSHIBA MK6459GSXP ATA Device
0802 - Media Type : Fixed hard disk media
0803 - Size : 596.17 GB
0804 - Interface Type : Serial ATA
0805 - Driver Date : 6-21-2006
0806 - Driver Version : 6.1.7600.16385

0807 - Caption : C:
0808 - Capacity : 578.07 GB
0809 - Free Space : 256.63 GB
0810 - Drive Type : 3-Fixed
0811 - File System : NTFS

----------------------------------
09 - Process
----------------------------------

0901 - 000 Idle 0 0 0
0901 - 004 System 0 0 0
0901 - 114 smss.exe 0 0 0 normal
0901 - 1e4 csrss.exe 0 0 0 normal
0901 - 22c wininit.exe 0 0 0 high
0901 - 270 services.exe 0 0 0 normal
0901 - 280 lsass.exe 0 0 0 normal
0901 - 288 lsm.exe 0 0 0 normal
0901 - 320 svchost.exe 0 0 0 normal
0901 - 370 svchost.exe 0 0 0 normal
0901 - 3f4 svchost.exe 0 0 0 normal
0901 - 1b8 svchost.exe 0 0 0 normal
0901 - 1e8 svchost.exe 0 0 0 normal
0901 - 418 svchost.exe 0 0 0 normal
0901 - 4d4 svchost.exe 0 0 0 normal
0901 - 5d4 svchost.exe 0 0 0 normal
0901 - 648 dsiwmis.exe 0 0 0 normal C:Program Files (x86)Launch Manager
0901 - 684 ePowerSvc.exe 0 0 0 normal
0901 - 6a4 svchost.exe 0 0 0 normal
0901 - 878 svchost.exe 0 0 0 normal
0901 - ab4 svchost.exe 0 0 0 normal
0901 - c44 dllhost.exe 0 0 0 normal
0901 - d4c svchost.exe 0 0 0 normal
0901 - ec4 spoolsv.exe 0 0 0 normal
0901 - f14 csrss.exe 2 170 78 normal
0901 - c88 winlogon.exe 2 6 0 high
0901 - f74 LMutilps32.exe 2 14 4 normal C:Program Files (x86)Launch Manager
0901 - a5c taskhost.exe 2 21 15 normal
0901 - 658 dwm.exe 2 19 2 high
0901 - 8e4 explorer.exe 2 341 239 normal
0901 - dbc RAVCpl64.exe 2 54 19 normal
0901 - d04 PresentationFontCache.exe 0 0 0 normal
0901 - 9b4 taskhost.exe 2 14 4 normal
0901 - e98 atiesrxx.exe 0 0 0 normal
0901 - 9dc atieclxx.exe 2 9 7 normal
0901 - c04 Fuel.Service.exe 0 0 0 normal
0901 - 824 MOM.exe 2 10 9 normal
0901 - 840 CCC.exe 2 73 61 normal
0901 - 568 firefox.exe 2 66 58 normal C:Program Files (x86)Mozilla Firefox
0901 - 3d4 plugin-container.exe 2 33 38 normal C:Program Files (x86)Mozilla Firefox
0901 - 9e8 GameBooster.exe 2 1597 95 normal C:Program Files (x86)IObitGame Booster 3
0901 - 9a4 gbtray.exe 2 54 43 normal C:Program Files (x86)IObitGame Booster 3
0901 - e60 FPSClient.exe 2 35 27 normal C:Program Files (x86)IObitGame Booster 3
0901 - 11c WmiPrvSE.exe 0 0 0 normal
0901 - e40 WmiPrvSE.exe 0 0 0 normal
0901 - d00 audiodg.exe 0 0 0

----------------------------------
10 - Service
----------------------------------

1001 - Application Experience - [C:Windowssystem32svchost.exe -k netsvcs]
1001 - AMD External Events Utility - [C:Windowssystem32atiesrxx.exe]
1001 - Windows Audio Endpoint Builder - [C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted]
1001 - Windows Audio - [C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted]
1001 - Base Filtering Engine - [C:Windowssystem32svchost.exe -k LocalServiceNoNetwork]
1001 - Background Intelligent Transfer Service - [C:WindowsSystem32svchost.exe -k netsvcs]
1001 - Computer Browser - [C:WindowsSystem32svchost.exe -k netsvcs]
1001 - Cryptographic Services - [C:Windowssystem32svchost.exe -k NetworkService]
1001 - DHCP Client - [C:Windowssystem32svchost.exe -k LocalServiceNetworkRestricted]
1001 - DNS Client - [C:Windowssystem32svchost.exe -k NetworkService]
1001 - Dritek WMI Service - [C:Program Files (x86)Launch Managerdsiwmis.exe]
1001 - Extensible Authentication Protocol - [C:WindowsSystem32svchost.exe -k netsvcs]
1001 - ePower Service - [C:Program FilesGatewayGateway Power ManagementePowerSvc.exe]
1001 - Windows Event Log - [C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted]
1001 - COM+ Event System - [C:Windowssystem32svchost.exe -k LocalService]
1001 - Function Discovery Provider Host - [C:Windowssystem32svchost.exe -k LocalService]
1001 - Function Discovery Resource Publication - [C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation]
1001 - Windows Font Cache Service - [C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation]
1001 - Windows Presentation Foundation Font Cache 3.0.0.0 - [C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe]
1001 - Human Interface Device Access - [C:Windowssystem32svchost.exe -k LocalSystemNetworkRestricted]
1001 - HomeGroup Listener - [C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted]
1001 - HomeGroup Provider - [C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted]
1001 - IKE and AuthIP IPsec Keying Modules - [C:Windowssystem32svchost.exe -k netsvcs]
1001 - IP Helper - [C:WindowsSystem32svchost.exe -k NetSvcs]
1001 - CNG Key Isolation - [C:Windowssystem32lsass.exe]
1001 - Server - [C:Windowssystem32svchost.exe -k netsvcs]
1001 - Workstation - [C:WindowsSystem32svchost.exe -k NetworkService]
1001 - TCP/IP NetBIOS Helper - [C:Windowssystem32svchost.exe -k LocalServiceNetworkRestricted]
1001 - Windows Firewall - [C:Windowssystem32svchost.exe -k LocalServiceNoNetwork]
1001 - Network Connections - [C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted]
1001 - Network List Service - [C:WindowsSystem32svchost.exe -k LocalService]
1001 - Network Location Awareness - [C:WindowsSystem32svchost.exe -k NetworkService]
1001 - Network Store Interface Service - [C:Windowssystem32svchost.exe -k LocalService]
1001 - Peer Networking Identity Manager - [C:WindowsSystem32svchost.exe -k LocalServicePeerNet]
1001 - Peer Networking Grouping - [C:WindowsSystem32svchost.exe -k LocalServicePeerNet]
1001 - Program Compatibility Assistant Service - [C:Windowssystem32svchost.exe -k LocalSystemNetworkRestricted]
1001 - Plug and Play - [C:Windowssystem32svchost.exe -k DcomLaunch]
1001 - Peer Name Resolution Protocol - [C:WindowsSystem32svchost.exe -k LocalServicePeerNet]
1001 - IPsec Policy Agent - [C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted]
1001 - Power - [C:Windowssystem32svchost.exe -k DcomLaunch]
1001 - User Profile Service - [C:Windowssystem32svchost.exe -k netsvcs]
1001 - Security Accounts Manager - [C:Windowssystem32lsass.exe]
1001 - System Event Notification Service - [C:Windowssystem32svchost.exe -k netsvcs]
1001 - Shell Hardware Detection - [C:WindowsSystem32svchost.exe -k netsvcs]
1001 - Print Spooler - [C:WindowsSystem32spoolsv.exe]
1001 - SSDP Discovery - [C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation]
1001 - Superfetch - [C:Windowssystem32svchost.exe -k LocalSystemNetworkRestricted]
1001 - Themes - [C:WindowsSystem32svchost.exe -k netsvcs]
1001 - Distributed Link Tracking Client - [C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted]
1001 - Desktop Window Manager Session Manager - [C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted]
1001 - Windows Defender - [C:WindowsSystem32svchost.exe -k secsvcs]
1001 - Windows Management Instrumentation - [C:Windowssystem32svchost.exe -k netsvcs]
1001 - WLAN AutoConfig - [C:Windowssystem32svchost.exe -k LocalSystemNetworkRestricted]
1001 - Security Center - [C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted]
1001 - Windows Update - [C:Windowssystem32svchost.exe -k netsvcs]
1001 - Windows Driver Foundation - User-mode Driver Framework - [C:Windowssystem32svchost.exe -k LocalSystemNetworkRestricted]
1001 - AMD FUEL Service - [C:Program FilesATI TechnologiesATI.ACEFuelFuel.Service.exe /launchService]

----------------------------------
11 - Windows Express
----------------------------------

1101 - System Score : 5.9
1102 - Memory Score : 5.9
1103 - CPU Score : 6.6
1104 - Graphics Score : 5.9
1105 - Gaming Score : 6.5
1106 - Disk Score : 5.9

----------------------------------
12 - Event Log
----------------------------------

1201 - Time : 6/26/2012 8:48:55 PM
1202 - Source : WinMgmt
1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

1201 - Time : 6/26/2012 8:30:04 PM
1202 - Source : Application Hang
1203 - Description : The program explorer.exe version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: fd4
Start Time: 01cd53064db9af16
Termination Time: 0
Application Path: C:Windowsexplorer.exe
Report Id: 9b95fa7e-bf8a-11e1-876f-b870f4b31d76

1201 - Time : 6/26/2012 12:53:55 AM
1202 - Source : Application Error
1203 - Description : Faulting application name: WLXPhotoGallery.exe, version: 15.4.3555.308, time stamp: 0x4f596a69
Faulting module name: atidxx32.dll, version: 8.17.10.342, time stamp: 0x4dddd162
Exception code: 0xc0000005
Fault offset: 0x0000e2a4
Faulting process id: 0x8e0
Faulting application start time: 0x01cd52f315cd647f
Faulting application path: C:Program Files (x86)Windows LivePhoto GalleryWLXPhotoGallery.exe
Faulting module path: C:Windowssystem32atidxx32.dll
Report Id: 592a60dc-bee6-11e1-876f-b870f4b31d76

1201 - Time : 6/25/2012 9:31:57 PM
1202 - Source : Application Error
1203 - Description : Faulting application name: Engine.exe, version: 0.0.0.0, time stamp: 0x4fd800ca
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc00000fd
Fault offset: 0x73bee2d4
Faulting process id: 0xf08
Faulting application start time: 0x01cd52d449c626a7
Faulting application path: C:NexonCombat ArmsEngine.exe
Faulting module path: unknown
Report Id: 225568f9-beca-11e1-876f-b870f4b31d76

1201 - Time : 6/25/2012 12:44:43 PM
1202 - Source : WinMgmt
1203 - Description : Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

1201 - Time : 6/26/2012 10:44:08 PM
1202 - Source : Service Control Manager
1203 - Description : The AMD External Events Utility service terminated unexpectedly. It has done this 1 time(s).

1201 - Time : 6/26/2012 8:47:39 PM
1202 - Source : Service Control Manager
1203 - Description : The Cyberlink RichVideo64 Service(CRVS) service terminated unexpectedly. It has done this 1 time(s).

1201 - Time : 6/26/2012 8:47:36 PM
1202 - Source : Service Control Manager
1203 - Description : The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).

1201 - Time : 6/26/2012 8:35:21 PM
1202 - Source : Service Control Manager
1203 - Description : The Volume Shadow Copy service terminated unexpectedly. It has done this 1 time(s).

1201 - Time : 6/26/2012 8:35:12 PM
1202 - Source : Service Control Manager
1203 - Description : The Windows Defender service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

----------------------------------
End of file - 23098 Bytes




After installing XP SP2, I see that there is a program with no name(using
netstat) with pid 0 accessing the some IP addresses with port 80 and port
2080. Both ports are web services.
Here's the output of netstat -o:
Proto Local Address Foreign Address State PID
TCP merlin-pc:1505 64.191.126.160:2080 ESTABLISHED 1720
TCP merlin-pc:1487 65.216.112.32:http TIME_WAIT 0

NOTE: I used msconfig to troubleshoot and find out which program it was but
it did not help. Task Manager did not help either because the process has no
name because the process could be in-kernel. It looks like it's System Idle
Process but I am not sure about it because there is no way for me unless I
underdand and know where to look at the kernel. Can I do memory dump and
find out? Debug? I have been trying to fix this for about a week now. I
downloaded some tools but did not help because the tools could not name the
process. I am after finding out the name of the process and stopping it. I
guess the next solution could be replacing svchost.
I don't think the tasklist output helps but Here's the output of tasklist
/v:
Image Name PID Session Name Session# Mem Usage
Status User Name CPU
Time Window Title
========================= ====== ================ ======== ============
=============== ==================================================
============ ================================================== =========
System Idle Process 0 Console 0 16 K
Running NT AUTHORITYSYSTEM
2:42:39 N/A
System 4 Console 0 32 K
Running NT AUTHORITYSYSTEM
0:00:11 N/A
SMSS.EXE 552 Console 0 40 K
Running NT AUTHORITYSYSTEM
0:00:00 N/A
CSRSS.EXE 628 Console 0 1,372 K
Running NT AUTHORITYSYSTEM
0:00:30 N/A
WINLOGON.EXE 652 Console 0 368 K
Running NT AUTHORITYSYSTEM
0:00:01 N/A
SERVICES.EXE 696 Console 0 1,032 K
Running NT AUTHORITYSYSTEM
0:00:07 N/A
LSASS.EXE 708 Console 0 1,396 K
Running NT AUTHORITYSYSTEM
0:00:02 N/A
SVCHOST.EXE 860 Console 0 1,360 K
Running NT AUTHORITYSYSTEM
0:00:00 N/A
SVCHOST.EXE 948 Console 0 1,244 K
Running NT AUTHORITYNETWORK SERVICE
0:00:00 N/A
SVCHOST.EXE 1032 Console 0 5,632 K
Running NT AUTHORITYSYSTEM
0:00:13 N/A
SVCHOST.EXE 1104 Console 0 200 K
Running NT AUTHORITYNETWORK SERVICE
0:00:00 N/A
SVCHOST.EXE 1204 Console 0 72 K
Running NT AUTHORITYLOCAL SERVICE
0:00:00 N/A
SPOOLSV.EXE 1416 Console 0 92 K
Running NT AUTHORITYSYSTEM
0:00:00 N/A
EXPLORER.EXE 1576 Console 0 4,128 K
Running MERLIN-PCMerlin
0:01:23 N/A
svchost.exe 1720 Console 0 220 K
Running MERLIN-PCMerlin
0:00:00 N/A
zlclient.exe 1748 Console 0 1,220 K
Running MERLIN-PCMerlin
0:00:02 ZoneAlarm Pro
CTFMON.EXE 1776 Console 0 1,072 K
Running MERLIN-PCMerlin
0:00:03 N/A
AVGSERV.EXE 1888 Console 0 212 K
Running NT AUTHORITYSYSTEM
0:00:00 N/A
mdm.exe 1928 Console 0 344 K
Running NT AUTHORITYSYSTEM
0:00:00 N/A
WLANCFG4.EXE 1948 Console 0 1,160 K
Running MERLIN-PCMerlin
0:00:05 NETGEAR MA111 USB Adapter Utility
SNMP.EXE 2016 Console 0 552 K
Running NT AUTHORITYSYSTEM
0:00:00 N/A
vsmon.exe 144 Console 0 2,340 K
Running NT AUTHORITYSYSTEM
0:00:17 N/A
cmd.exe 528 Console 0 20 K
Running MERLIN-PCMerlin
0:00:00 C:WINDOWSsystem32cmd.exe - netstat -na 5
alg.exe 1480 Console 0 84 K
Running NT AUTHORITYLOCAL SERVICE
0:00:00 N/A
netstat.exe 1612 Console 0 588 K
Running MERLIN-PCMerlin
0:00:01 N/A
cmd.exe 1864 Console 0 776 K
Running MERLIN-PCMerlin
0:00:00 C:WINDOWSsystem32cmd.exe - tasklist /v
iexplore.exe 1172 Console 0 1,544 K
Running MERLIN-PCMerlin
0:04:28 Windows XP Newsgroups - Microsoft Internet Explorer
AVGCC32.EXE 1528 Console 0 68 K
Running MERLIN-PCMerlin
0:00:00 N/A
putty.exe 2528 Console 0 452 K
Running MERLIN-PCMerlin
0:00:04 shred@redhat8:~
mbsa.exe 188 Console 0 256 K
Running MERLIN-PCMerlin
0:00:08 Microsoft Baseline Security Analyzer
AcroRd32.exe 2736 Console 0 21,424 K
Running MERLIN-PCMerlin
0:00:05 DDE Server Window
cmd.exe 1556 Console 0 32 K
Running MERLIN-PCMerlin
0:00:00 C:WINDOWSsystem32cmd.exe
cmd.exe 520 Console 0 16 K
Running MERLIN-PCMerlin
0:00:00 C:WINDOWSsystem32cmd.exe
notepad.exe 2576 Console 0 64 K
Running MERLIN-PCMerlin
0:00:00 Untitled - Notepad
OUTLOOK.EXE 3168 Console 0 164 K
Running MERLIN-PCMerlin
0:00:06 Inbox - Microsoft Outlook
AgentSvr.exe 1240 Console 0 212 K
Running MERLIN-PCMerlin
0:00:00 Menu Parent Window
MSOHELP.EXE 2236 Console 0 220 K
Running MERLIN-PCMerlin
0:00:01 Microsoft Outlook Help
msimn.exe 2256 Console 0 2,248 K
Running MERLIN-PCMerlin
0:00:15 a process with pid 0 accessing Internet without me initiati
tasklist.exe 2132 Console 0 4,812 K
Running MERLIN-PCMerlin
0:00:00 OleMainThreadWndName
wmiprvse.exe 3772 Console 0 5,412 K
Running NT AUTHORITYNETWORK SERVICE
0:00:00 N/A

Thank you.
--Leon




I have experience the same Spoolsv.exe MO on one of my workstations. Everyone
said it must me a virus or malware. I checked and checked, and re-checked and
the system appeared to be clean. I did find an artical that it appeared to
have resolved my problem.
DO AT YOUR OWN RISK: I am not an expert. Check with someone who is is more
about this. However, this appeared to have resolved my issue with the
Spoolsv.exe running at 99%

To resolve this problem, STOP the PrintSpooler in the Services. Turn Off the
printer. Go to C:WindowsSystem32spoolPrinters. Delete all files in the
folder (Expamle: 00020.SHD and 00020.SPL).

"Richard Martin" wrote:

One of my PCs running Windows XP Home Edition began to
experience slow system response about 3 weeks ago. When
I review Task Manager I notice that a file named
spoolsv.exe is taking about 98% of the CPU resources.
What can I do to correct this?




Hi!

My system is running incredibly slow any suggestions would be
appreciated. I have Intel Celeron 800 MHz processor on Intel 815
chipset with 256 MB SDRAM running WinXP with 256Kbps Cable Internet
(Realtek RTL8139D PCI Ethernet Adapter). I have latest virus
defination files of Norton Antivirus and this is the only one major
application running in the background. It boots slow. On shutdown and
logging off profiles, it takes a very long time than normal. I have
also run CHKDSK and Defrag.

There are two instances of SVCHOST.EXE in the SYSTEM section. I don't
know why is it duplicated. There are other processes that I do not
have any clue. Can some of the processes be disabled safely without
affecting the system functionality? and how? or is there any other
suggestion to increase the overall performance of the PC?

I am listing all the processess running in the background below. I
would be happy to provide any other information that you may require.
Please help.

Maxi

System processes running in Task Manager
========================================
SAVScan.exe SYSTEM
NAVAPSVC.EXE SYSTEM
MDM.EXE SYSTEM
SPOOLSV.EXE SYSTEM
ccEvtMgr.exe SYSTEM
ccSetMgr.exe SYSTEM
WUAUCLT.EXE SYSTEM
SVCHOST.EXE SYSTEM
SVCHOST.EXE SYSTEM
LSASS.EXE SYSTEM
SERVICES.EXE SYSTEM
WINLOGON.EXE SYSTEM
CSRSS.EXE SYSTEM
SYMLCSVC.EXE SYSTEM
SMSS.EXE SYSTEM
NPROTECT.EXE SYSTEM
System SYSTEM
System Idle Process SYSTEM
SVCHOST NETWORK SERVICE
Ad-watch.exe Maxi
EXPLORER.EXE Maxi
taskmgr.exe Maxi
CTFMON.EXE Maxi
ccApp.exe Maxi
ALG.EXE LOCAL SERVICE
SVCHOST LOCAL SERVICE

Item checked in MSconfig
========================
NvCpl
nwiz
ccApp
AVDCHK
ctfmon
Ad-watch




i have tried everything from adaware,hijack this , browser hijack blaster ,
cws shredder ,antivirus software and even did the step by step guide from one
of the experts(sorry i cant remember youre name)but nothing has fixed my
problem . adaware finds everything i think but it still goes back to the sane
page which is msn search page but with an address
res://ycrm.dll/index.html#35759 and many other addresses of the same content
but with a different res://****.html#35759, i am not sure but i think that
this address is also linked to my problem www.v61.com. here is a log from my
adaware. NOTICE NUMBER TWO!!!
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :13 September 2004 19:53:37
Created with Ad-aware Personal, free for private use.
Using reference-file :01R340 06.09.2004
__________________________________________________ ____

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

13-09-2004 19:53:37 - Scan started. (Custom mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
FilePath : SystemRootSystem32
ThreadCreationTime : 13-09-2004 17:51:25
BasePriority : Normal

#:2 [winlogon.exe]
FilePath : ??C:WINDOWSsystem32
ThreadCreationTime : 13-09-2004 17:51:28
BasePriority : High

#:3 [services.exe]
FilePath : C:WINDOWSsystem32
ThreadCreationTime : 13-09-2004 17:51:28
BasePriority : Normal
FileSize : 105 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 19/09/2002 19:26:40
Last accessed : 13/09/2004 18:53:37
Last modified : 04/08/2004 07:56:55

#:4 [lsass.exe]
FilePath : C:WINDOWSsystem32
ThreadCreationTime : 13-09-2004 17:51:28
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 19/09/2002 19:26:22
Last accessed : 13/09/2004 18:53:37
Last modified : 04/08/2004 07:56:50

#:5 [svchost.exe]
FilePath : C:WINDOWSsystem32
ThreadCreationTime : 13-09-2004 17:51:28
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 19/09/2002 19:26:44
Last accessed : 13/09/2004 17:55:41
Last modified : 04/08/2004 07:56:57

#:6 [svchost.exe]
FilePath : C:WINDOWSSystem32
ThreadCreationTime : 13-09-2004 17:51:29
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 19/09/2002 19:26:44
Last accessed : 13/09/2004 17:55:41
Last modified : 04/08/2004 07:56:57

#:7 [spoolsv.exe]
FilePath : C:WINDOWSsystem32
ThreadCreationTime : 13-09-2004 17:51:31
BasePriority : Normal
FileSize : 56 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 19/09/2002 19:26:43
Last accessed : 13/09/2004 18:53:37
Last modified : 04/08/2004 07:56:57

#:8 [ccevtmgr.exe]
FilePath : C:Program FilesCommon FilesSymantec Shared
ThreadCreationTime : 13-09-2004 17:51:31
BasePriority : Normal
FileSize : 309 KB
FileVersion : 1.03.4
ProductVersion : 1.03.4
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Event Manager
Created on : 13/11/2002 16:44:02
Last accessed : 13/09/2004 18:53:06
Last modified : 13/11/2002 16:44:02

#:9 [navapsvc.exe]
FilePath : C:Program FilesNorton AntiVirus
ThreadCreationTime : 13-09-2004 17:51:31
BasePriority : Normal
FileSize : 113 KB
FileVersion : 9.05.1015
ProductVersion : 9.05.1015
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 14/11/2002 19:41:26
Last accessed : 13/09/2004 18:53:07
Last modified : 14/11/2002 19:41:26

#:10 [nisum.exe]
FilePath : C:Program FilesNorton Internet Security
ThreadCreationTime : 13-09-2004 17:51:31
BasePriority : Normal
FileSize : 137 KB
FileVersion : 6.02.1015
ProductVersion : 6.02.1015
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton Internet Security NISUM
InternalName : NISUM
OriginalFilename : NISUM.exe
ProductName : Norton Internet Security
Created on : 14/11/2002 19:31:24
Last accessed : 13/09/2004 18:53:37
Last modified : 14/11/2002 19:31:24

#:11 [nkkua]
FilePath : C:WINDOWSwiaservc.log:
ThreadCreationTime : 13-09-2004 17:51:32
BasePriority : Normal

#:12 [svchost.exe]
FilePath : C:WINDOWSSystem32
ThreadCreationTime : 13-09-2004 17:51:35
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 19/09/2002 19:26:44
Last accessed : 13/09/2004 17:55:41
Last modified : 04/08/2004 07:56:57

#:13 [ccpxysvc.exe]
FilePath : C:Program FilesNorton Internet Security
ThreadCreationTime : 13-09-2004 17:51:35
BasePriority : Normal
FileSize : 33 KB
FileVersion : 6.02.1015
ProductVersion : 6.02.1015
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton Internet Security Proxy Service
InternalName : ccPxySvc
OriginalFilename : ccPxySvc.exe
ProductName : Norton Internet Security
Created on : 14/11/2002 19:30:06
Last accessed : 13/09/2004 18:53:37
Last modified : 14/11/2002 19:30:06

#:14 [explorer.exe]
FilePath : C:WINDOWS
ThreadCreationTime : 13-09-2004 18:52:31
BasePriority : Normal
FileSize : 1008 KB
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 06/08/2004 04:52:07
Last accessed : 13/09/2004 18:52:34
Last modified : 04/08/2004 07:56:49

#:15 [realsched.exe]
FilePath : C:Program FilesCommon FilesRealUpdate_OB
ThreadCreationTime : 13-09-2004 18:52:36
BasePriority : Normal
FileSize : 148 KB
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealOne Player (32-bit)
Created on : 05/08/2003 16:07:27
Last accessed : 13/09/2004 18:52:36
Last modified : 05/08/2003 16:07:27

#:16 [soundman.exe]
FilePath : C:WINDOWS
ThreadCreationTime : 13-09-2004 18:52:36
BasePriority : Normal
FileSize : 53 KB
FileVersion : 5.1.00
ProductVersion : 5.1.00
Copyright : Copyright (c) 2001-2003 Realtek Semiconductor Corp.
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
OriginalFilename : ALSMTray.exe
ProductName : Realtek Sound Manager
Created on : 21/08/2004 11:28:08
Last accessed : 13/09/2004 18:52:36
Last modified : 21/08/2004 11:28:08

#:17 [sdkss.exe]
FilePath : C:WINDOWSsystem32
ThreadCreationTime : 13-09-2004 18:52:36
BasePriority : Normal
FileSize : 27 KB
Created on : 11/08/2004 03:30:06
Last accessed : 13/09/2004 18:52:36
Last modified : 11/08/2004 03:30:06

#:18 [traycontrol.exe]
FilePath : C:Program FilesPackard Bell EverSafe
ThreadCreationTime : 13-09-2004 18:52:37
BasePriority : Normal
FileSize : 744 KB
FileVersion : 4.0
ProductVersion : 4.0
Copyright : Copyright
CompanyName : NovaStor Corporation
FileDescription : Tray Control
InternalName : TRAYCONTROL
OriginalFilename : TrayControl.exe
ProductName : NovaNet-WEB
Created on : 02/01/2004 23:39:37
Last accessed : 13/09/2004 18:52:37
Last modified : 31/07/2002 15:00:36

#:19 [em_exec.exe]
FilePath : C:PROGRA~1MOUSEW~1SYSTEM
ThreadCreationTime : 13-09-2004 18:52:37
BasePriority : Normal
FileSize : 34 KB
FileVersion : 9.43.75
ProductVersion : 9.43
Copyright : Copyright
CompanyName : Logitech Inc.
FileDescription : Control Center
InternalName : EM_EXEC
OriginalFilename : EM_EXEC.CPP
ProductName : MouseWare
Created on : 05/08/2003 15:58:13
Last accessed : 13/09/2004 18:52:37
Last modified : 28/01/2002 08:43:00

#:20 [ccapp.exe]
FilePath : C:Program FilesCommon FilesSymantec Shared
ThreadCreationTime : 13-09-2004 18:52:38
BasePriority : Normal
FileSize : 53 KB
FileVersion : 1.03.15
ProductVersion : 1.03.15
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All
rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client CC App
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 14/11/2002 19:29:06
Last accessed : 13/09/2004 18:53:08
Last modified : 14/11/2002 19:29:06

#:21 [atiptaxx.exe]
FilePath : C:ATI TechnologiesATI Control Panel
ThreadCreationTime : 13-09-2004 18:52:38
BasePriority : Normal
FileSize : 328 KB
FileVersion : 6.14.10.5019
ProductVersion : 6.14.10.5019
Copyright : Copyright (C) 1998-2002 ATI Technologies Inc.
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
OriginalFilename : Atiptaxx.exe
ProductName : ATI Desktop Component
Created on : 05/08/2003 15:58:53
Last accessed : 13/09/2004 18:52:38
Last modified : 19/06/2003 12:31:00

#:22 [aboard.exe]
FilePath : C:appsABoard
ThreadCreationTime : 13-09-2004 18:52:38
BasePriority : Normal
FileSize : 24 KB
FileVersion : 1, 2, 0, 0
ProductVersion : 1, 2, 0, 0
Copyright : Copyright (C) 2003
CompanyName : NEC Computers International
FileDescription : Activboard Application
InternalName : Activboard
OriginalFilename : ABoard.exe
ProductName : Activboard Application
Created on : 05/08/2003 16:06:05
Last accessed : 13/09/2004 18:52:39
Last modified : 02/05/2003 10:31:50

#:23 [spykiller.exe]
FilePath : C:Program FilesSpyKiller
ThreadCreationTime : 13-09-2004 18:52:41
BasePriority : Normal
FileSize : 261 KB
FileVersion : 1.00
ProductVersion : 1.00
CompanyName : www.spykiller.com
FileDescription : SpyWare/AdWare Remover
InternalName : SpyKiller
OriginalFilename : SpyKiller.exe
ProductName : SpyKiller 2004
Created on : 01/07/2003 06:04:18
Last accessed : 13/09/2004 18:52:41
Last modified : 10/06/2004 06:01:52

#:24 [msmsgs.exe]
FilePath : C:Program FilesMessenger
ThreadCreationTime : 13-09-2004 18:52:41
BasePriority : Normal
FileSize : 1628 KB
FileVersion : 4.7.3000
ProductVersion : Version 4.7.3000
Copyright : Copyright (c) Microsoft Corporation 2004
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 14/04/2003 19:05:20
Last accessed : 13/09/2004 17:55:38
Last modified : 04/08/2004 07:56:53

#:25 [quickdcf.exe]
FilePath : C:Program FilesFinePixViewer
ThreadCreationTime : 13-09-2004 18:52:42
BasePriority : Normal
FileSize : 196 KB
FileVersion : 4, 0, 0, 0
ProductVersion : 4, 0, 0, 0
Copyright : Copyright 2000-2003 FUJI PHOTO FILM CO.,LTD.
CompanyName : FUJI PHOTO FILM CO., LTD.
FileDescription : Exif Launcher
InternalName : QuickDCF
OriginalFilename : QuickDCF.exe
ProductName : FinePixViewer
Created on : 19/05/2004 22:53:05
Last accessed : 13/09/2004 18:52:42
Last modified : 20/12/2002 15:18:40

#:26 [hpohmr08.exe]
FilePath : C:Program FilesHewlett-PackardDigital Imagingbin
ThreadCreationTime : 13-09-2004 18:52:42
BasePriority : Normal
FileSize : 144 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Device Objects
InternalName : HPOHMR08
OriginalFilename : HPOHMR08.EXE
ProductName : hp digital imaging - hp all-in-one series
Created on : 06/04/2003 01:17:18
Last accessed : 13/09/2004 18:53:37
Last modified : 06/04/2003 01:17:18

#:27 [hpotdd01.exe]
FilePath : C:Program FilesHewlett-PackardDigital Imagingbin
ThreadCreationTime : 13-09-2004 18:52:42
BasePriority : Normal
FileSize : 28 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
OriginalFilename : hpotdd01.exe
ProductName : Hewlett-Packard hpotdd01
Created on : 06/04/2003 01:06:58
Last accessed : 13/09/2004 18:52:42
Last modified : 06/04/2003 01:06:58

#:28 [aosd.exe]
FilePath : C:appsABoard
ThreadCreationTime : 13-09-2004 18:52:43
BasePriority : ?
FileSize : 68 KB
FileVersion : 1, 2, 0, 0
ProductVersion : 1, 2, 0, 0
Copyright : Copyright (C) 2003
CompanyName : NEC Computers International
FileDescription : ActivOSD Application
InternalName : ActivOSD
OriginalFilename : ActivOSD.exe
ProductName : ActivOSD Application
Created on : 05/08/2003 16:06:05
Last accessed : 13/09/2004 18:52:43
Last modified : 02/05/2003 10:31:38

#:29 [calcheck.exe]
FilePath : C:APPSUlead SystemsUlead Photo Express 4.0 SE
ThreadCreationTime : 13-09-2004 18:52:43
BasePriority : Normal
FileSize : 68 KB
FileVersion : 4, 0, 0, 0
ProductVersion : 4, 0, 0, 0
Copyright : Copyright (C) 1992-1999.Ulead Systems, Inc.
CompanyName : Ulead Systems, Inc.
FileDescription : Photo Express -- Calendar Checker
InternalName : CalCheck
OriginalFilename : CalCheck.EXE
ProductName : Calendar Checker Application
Created on : 02/01/2004 22:41:28
Last accessed : 13/09/2004 18:53:37
Last modified : 16/04/2002 16:11:28

#:30 [hpoevm08.exe]
FilePath : C:Program FilesHewlett-PackardDigital Imagingbin
ThreadCreationTime : 13-09-2004 18:52:51
BasePriority : Normal
FileSize : 280 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Event Manager
InternalName : HPOEVM08
OriginalFilename : HPOEVM08.EXE
ProductName : hp digital imaging - hp all-in-one series
Created on : 06/04/2003 00:45:10
Last accessed : 13/09/2004 18:53:02
Last modified : 06/04/2003 00:45:10

#:31 [hposts08.exe]
FilePath : C:Program FilesHewlett-PackardDigital ImagingBin
ThreadCreationTime : 13-09-2004 18:52:56
BasePriority : Normal
FileSize : 304 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet Status
InternalName : HPOSTS08
OriginalFilename : HPOSTS08.EXE
ProductName : hp digital imaging - hp all-in-one series
Created on : 06/04/2003 00:55:04
Last accessed : 13/09/2004 18:53:37
Last modified : 06/04/2003 00:55:04

#:32 [ad-aware.exe]
FilePath : C:PROGRA~1LavasoftAD-AWA~1
ThreadCreationTime : 13-09-2004 18:53:31
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 29/07/2004 20:44:08
Last accessed : 13/09/2004 18:22:03
Last modified : 12/07/2003 20:00:20

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0

Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯

Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0

Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0

Deep scanning and examining files (C
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯

CoolWebSearch Object recognized!
Type : File
Data : a0003236.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 07/09/2004 22:17:40
Last accessed : 13/09/2004 18:43:29
Last modified : 07/09/2004 22:17:40

CoolWebSearch Object recognized!
Type : File
Data : a0003237.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 23/08/2004 18:47:20
Last accessed : 13/09/2004 18:43:29
Last modified : 23/08/2004 18:47:20

CoolWebSearch Object recognized!
Type : File
Data : a0003238.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 28/08/2004 18:05:09
Last accessed : 13/09/2004 18:43:29
Last modified : 28/08/2004 18:05:09

CoolWebSearch Object recognized!
Type : File
Data : a0003239.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 31/08/2004 02:37:36
Last accessed : 13/09/2004 18:43:29
Last modified : 31/08/2004 02:37:36

CoolWebSearch Object recognized!
Type : File
Data : a0003244.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 11/08/2004 05:53:47
Last accessed : 13/09/2004 18:43:30
Last modified : 11/08/2004 05:53:47

CoolWebSearch Object recognized!
Type : File
Data : a0003245.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 03/08/2004 19:18:56
Last accessed : 13/09/2004 18:43:30
Last modified : 03/08/2004 19:18:56

CoolWebSearch Object recognized!
Type : File
Data : a0003247.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 14/08/2004 08:38:06
Last accessed : 13/09/2004 18:43:30
Last modified : 14/08/2004 08:38:06

CoolWebSearch Object recognized!
Type : File
Data : a0003248.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 09/08/2004 21:04:51
Last accessed : 13/09/2004 18:43:30
Last modified : 09/08/2004 21:04:51

CoolWebSearch Object recognized!
Type : File
Data : a0003249.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 04/08/2004 05:13:46
Last accessed : 13/09/2004 18:43:30
Last modified : 04/08/2004 05:13:46

CoolWebSearch Object recognized!
Type : File
Data : a0003250.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 26/08/2004 03:08:03
Last accessed : 13/09/2004 18:43:30
Last modified : 26/08/2004 03:08:03

CoolWebSearch Object recognized!
Type : File
Data : a0003251.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 31/08/2004 12:31:24
Last accessed : 13/09/2004 18:43:30
Last modified : 31/08/2004 12:31:24

CoolWebSearch Object recognized!
Type : File
Data : a0003252.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 17/08/2004 17:53:11
Last accessed : 13/09/2004 18:43:30
Last modified : 17/08/2004 17:53:11

CoolWebSearch Object recognized!
Type : File
Data : a0003253.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 06/08/2004 00:44:07
Last accessed : 13/09/2004 18:43:30
Last modified : 06/08/2004 00:44:07

CoolWebSearch Object recognized!
Type : File
Data : a0003254.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 10/09/2004 16:50:23
Last accessed : 13/09/2004 18:43:30
Last modified : 10/09/2004 16:50:23

CoolWebSearch Object recognized!
Type : File
Data : a0003261.dll
Object : C:System Volume
Information_restore{98E46F0A-9DA1-4258-92C4-7CCAE5D21E6E}RP17
FileSize : 55 KB
Created on : 04/09/2004 03:20:31
Last accessed : 13/09/2004 18:43:30
Last modified : 04/09/2004 03:20:31

Disk scan result for C:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 41

Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯

CoolWebSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object :
SOFTWAREMicrosoftWindowsCurrentVersionUninstal lHSA

CoolWebSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object :
SOFTWAREMicrosoftWindowsCurrentVersionUninstal lSE

CoolWebSearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object :
SOFTWAREMicrosoftWindowsCurrentVersionUninstal lSW

Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 3
Objects found so far: 44

20:05:17 Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:11:40:281
Objects scanned :182283
Objects identified :44
Objects ignored :0
New objects :44
THANK YOU FOR YOUR HELP




Hi

I'm having what seems to be a familair problem with Task Manager,
Regedit etc.

I've updated my AVG definitions, scanned in safe mode and normal, run
a couple of the suggested online scanners, run Spybot and Spyware
Doctor. And (!) I've tried Doug's various utilities (Security Console
and XP_taskmgrenab included) and I Task Manager is still greyed out. I
can however run everything when I boot in Safe Mode.

So I've used Doug's Program Tracker and I'm hoping someone can help me
decipher what the heck is going on.

Many thanks in advance and please don't tell me to run a virus
check!!!!

-- Registry --
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurr entVersionRunOnce

No Items Found

-- Registry --
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurr entVersionRun

IgfxTray C:WINDOWSSystem32igfxtray.exe
HotKeysCmds C:WINDOWSSystem32hkcmd.exe
Apoint C:Program FilesApointApoint.exe
Dell QuickSet C:Program
FilesDellQuickSetquickset.exe
bascstray BascsTray.exe
DVDSentry C:WINDOWSSystem32DSentry.exe
AVG_CC C:PROGRA~1GrisoftAVG6avgcc32.exe
/STARTUP
vptray C:Program FilesNavNTvptray.exe
QuickTime Task "C:Program FilesQuickTimeqttask.exe"
-atboottime
Openwares LiveUpdate C:Program
FilesLiveUpdateLiveUpdate.exe
RoxioEngineUtility "C:Program FilesCommon FilesRoxio
SharedSystemEngUtil.exe"
RoxioAudioCentral "C:Program FilesRoxioEasy CD Creator
6AudioCentralRxMon.exe"
GSICONEXE gsicon.exe
DSLAGENTEXE dslagent.exe USB
MMTray C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmm_tray.exe
mmtask C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmmtask.exe
SmcService C:PROGRA~1SygateSPFsmc.exe -startgui

-- Registry --
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurre ntVersionRunOnce

No Items Found

-- Registry --
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurre ntVersionRun

H/PC Connection Agent "C:Program FilesMicrosoft
ActiveSyncWCESCOMM.EXE"
Creative Detector C:Program
FilesCreativeMediaSourceDetectorCTDetect.exe /R
SpySweeper "C:Program FilesWebrootSpy
SweeperSpySweeper.exe" /0
ctfmon.exe C:WINDOWSsystem32ctfmon.exe

-- Registry --
HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCur rentVersionRunOnce

No Items Found

-- Start Menu - Current User --
DESKTOP.INI

-- Start Menu - All Users --
Acrobat Assistant.lnk
BTTray.lnk
Dataviz Messenger.lnk
DESKTOP.INI
Microsoft Office OneNote 2003 Quick Launch.lnk
Phone Connection Monitor.lnk
Service Manager.lnk

-- Disabled Items --
No Items Found

-- Registry - Shell Value - HKLMSOFTWAREMicrosoftWindows
NTCurrentVersionWinlogon --
Explorer.exe

-- Running Processes --
System Idle Process
System
smss.exe SystemRootSystem32smss.exe
csrss.exe C:WINDOWSsystem32csrss.exe
ObjectDirectory=Windows SharedSection=1024,3072,512 Windows=On
SubSystemType=Windows ServerDll=basesrv,1
ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off
MaxRequestThreads=16
winlogon.exe winlogon.exe
services.exe C:WINDOWSsystem32services.exe
lsass.exe C:WINDOWSsystem32lsass.exe
svchost.exe C:WINDOWSsystem32svchost -k DcomLaunch
svchost.exe C:WINDOWSsystem32svchost -k rpcss
svchost.exe C:WINDOWSSystem32svchost.exe -k netsvcs
Smc.exe "C:Program FilesSygateSPFsmc.exe"
svchost.exe C:WINDOWSSystem32svchost.exe -k NetworkService
svchost.exe C:WINDOWSSystem32svchost.exe -k LocalService
spoolsv.exe C:WINDOWSsystem32spoolsv.exe
scardsvr.exe C:WINDOWSSystem32SCardSvr.exe
avgserv.exe C:PROGRA~1GrisoftAVG6avgserv.exe
BAsfIpM.exe C:WINDOWSSystem32basfipm.exe
btwdins.exe "C:Program FilesDellBluetooth
Softwarebinbtwdins.exe"
cisvc.exe C:WINDOWSsystem32cisvc.exe
CTSVCCDA.EXE C:WINDOWSSystem32CTsvcCDA.EXE
defwatch.exe "C:Program FilesNavNTdefwatch.exe"
inetinfo.exe C:WINDOWSSystem32inetsrvinetinfo.exe
sqlservr.exe C:PROGRA~1MICROS~4MSSQLbinnsqlservr.exe
rtvscan.exe "C:Program FilesNavNTrtvscan.exe"
svchost.exe C:WINDOWSSystem32svchost.exe -k imgsvc
wdfmgr.exe C:WINDOWSsystem32wdfmgr.exe
WLTRYSVC.EXE C:WINDOWSSystem32WLTRYSVC.EXE
C:WINDOWSSystem32bcmwltry.exe
MsPMSPSv.exe C:WINDOWSSystem32MsPMSPSv.exe
BCMWLTRY.EXE C:WINDOWSSystem32bcmwltry.exe
alg.exe C:WINDOWSSystem32alg.exe
explorer.exe C:WINDOWSExplorer.EXE
REGSVR.EXE C:WINDOWSREGSVR.EXE
hkcmd.exe "C:WINDOWSSystem32hkcmd.exe"
Apoint.exe "C:Program FilesApointApoint.exe"
quickset.exe "C:Program FilesDellQuickSetquickset.exe"
DSentry.exe "C:WINDOWSSystem32DSentry.exe"
avgcc32.exe "C:PROGRA~1GrisoftAVG6avgcc32.exe" /STARTUP
ApntEx.exe "Apntex.exe"
vptray.exe "C:Program FilesNavNTvptray.exe"
RxMon.exe "C:Program FilesRoxioEasy CD Creator
6AudioCentralRxMon.exe"
gsicon.exe "C:WINDOWSsystem32gsicon.exe"
dslagent.exe "C:WINDOWSsystem32dslagent.exe" USB
mm_tray.exe "C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmm_tray.exe"
mmtask.exe "C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmmtask.exe"
wcescomm.exe "C:Program FilesMicrosoft
ActiveSyncWCESCOMM.EXE"
CTDetect.exe "C:Program
FilesCreativeMediaSourceDetectorCTDetect.exe" /R
SpySweeper.exe "C:Program FilesWebrootSpy
SweeperSpySweeper.exe" /0
ctfmon.exe "C:WINDOWSsystem32ctfmon.exe"
Playlist.exe "C:Program FilesRoxioEasy CD Creator
6AudioCentralPlaylist.exe" -Embedding
acrotray.exe "C:Program FilesAdobeAcrobat
6.0Distillracrotray.exe"
BTTray.exe "C:Program FilesDellBluetooth
SoftwareBTTray.exe"
DvzMsgr.exe "C:WINDOWSDvzCommonDvzMsgr.exe"
audevicemgr.exe "C:Program FilesSony
EricssonMobileaudevicemgr.exe"
sqlmangr.exe "C:Program FilesMicrosoft SQL
Server80ToolsBinnsqlmangr.exe" /n
MROUTE~2.EXE c:PROGRA~1INTUWA~1SharedMROUTE~1MROUTE~2.EXE
-Embedding
BTStackServer.exe C:PROGRA~1DellBLUETO~1BTSTAC~1.EXE -Embedding
CONNMN~1.EXE C:PROGRA~1SONYER~1MobileCONNEC~1CONNMN~1.EXE
-Embedding
OUTLOOK.EXE "C:Program FilesMicrosoft
OfficeOFFICE11OUTLOOK.EXE" /recycle
SYNCIN~1.EXE C:PROGRA~1SONYER~1MobileSYNCIN~1.EXE
-Embedding
CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon "c:system volume
informationcatalog.wci" 196672l 1616l
CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon "c:documents and
settingsall usersapplication datamicrosoftvisiocatalog.wci"
196672l 1616l
CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon
"c:inetpubcatalog.wci" 196672l 1616l
wuauclt.exe "C:WINDOWSsystem32wuauclt.exe"
iexplore.exe "C:Program FilesInternet Exploreriexplore.exe"
WINZIP32.EXE "C:PROGRA~1WINZIPwinzip32.exe" "C:Documents
and Settingsjamie.UK0DesktopStartupTracker3.zip"
StartupTracker3.exe "c:TEMPStartupTracker3.exe"
wmiprvse.exe C:WINDOWSSystem32wbemwmiprvse.exe

-- Running Services --

Name: ALG
Description: Provides support for 3rd party protocol plug-ins for
Internet Connection Sharing and the Windows Firewall.
Startup Mode: Manual
Run from: C:WINDOWSSystem32alg.exe

Name: AudioSrv
Description: Manages audio devices for Windows-based programs. If this
service is stopped, audio devices and effects will not function
properly. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: AvgServ
Description:
Startup Mode: Auto
Run from: C:PROGRA~1GrisoftAVG6avgserv.exe

Name: BAsfIpM
Description: IP monitoring service for Broadcom ASF applications.
Startup Mode: Auto
Run from: C:WINDOWSSystem32basfipm.exe

Name: BITS
Description: Transfers files in the background using idle network
bandwidth. If the service is stopped, features such as Windows Update,
and MSN Explorer will be unable to automatically download programs and
other information. If this service is disabled, any services that
explicitly depend on it may fail to transfer files if they do not have
a fail safe mechanism to transfer files directly through IE in case
BITS has been disabled.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Browser
Description: Maintains an updated list of computers on the network and
supplies this list to computers designated as browsers. If this
service is stopped, this list will not be updated or maintained. If
this service is disabled, any services that explicitly depend on it
will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: btwdins
Description:
Startup Mode: Auto
Run from: C:Program FilesDellBluetooth Softwarebinbtwdins.exe

Name: CiSvc
Description: Indexes contents and properties of files on local and
remote computers; provides rapid access to files through flexible
querying language.
Startup Mode: Auto
Run from: C:WINDOWSsystem32cisvc.exe

Name: Creative Service for CDROM Access
Description:
Startup Mode: Auto
Run from: C:WINDOWSSystem32CTsvcCDA.EXE

Name: CryptSvc
Description: Provides three management services: Catalog Database
Service, which confirms the signatures of Windows files; Protected
Root Service, which adds and removes Trusted Root Certification
Authority certificates from this computer; and Key Service, which
helps enroll this computer for certificates. If this service is
stopped, these management services will not function properly. If this
service is disabled, any services that explicitly depend on it will
fail to start.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: DcomLaunch
Description: Provides launch functionality for DCOM services.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost -k DcomLaunch

Name: DefWatch
Description:
Startup Mode: Auto
Run from: C:Program FilesNavNTdefwatch.exe

Name: Dhcp
Description: Manages network configuration by registering and updating
IP addresses and DNS names.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: dmserver
Description: Detects and monitors new hard disk drives and sends disk
volume information to Logical Disk Manager Administrative Service for
configuration. If this service is stopped, dynamic disk status and
configuration information may become out of date. If this service is
disabled, any services that explicitly depend on it will fail to
start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Dnscache
Description: Resolves and caches Domain Name System (DNS) names for
this computer. If this service is stopped, this computer will not be
able to resolve DNS names and locate Active Directory domain
controllers. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k NetworkService

Name: ERSvc
Description: Allows error reporting for services and applictions
running in non-standard environments.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Eventlog
Description: Enables event log messages issued by Windows-based
programs and components to be viewed in Event Viewer. This service
cannot be stopped.
Startup Mode: Auto
Run from: C:WINDOWSsystem32services.exe

Name: EventSystem
Description: Supports System Event Notification Service (SENS), which
provides automatic distribution of events to subscribing Component
Object Model (COM) components. If the service is stopped, SENS will
close and will not be able to provide logon and logoff notifications.
If this service is disabled, any services that explicitly depend on it
will fail to start.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: helpsvc
Description: Enables Help and Support Center to run on this computer.
If this service is stopped, Help and Support Center will be
unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: HidServ
Description: Enables generic input access to Human Interface Devices
(HID), which activates and maintains the use of predefined hot buttons
on keyboards, remote controls, and other multimedia devices. If this
service is stopped, hot buttons controlled by this service will no
longer function. If this service is disabled, any services that
explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: IISADMIN
Description: Allows administration of Web and FTP services through the
Internet Information Services snap-in
Startup Mode: Auto
Run from: C:WINDOWSSystem32inetsrvinetinfo.exe

Name: Irmon
Description: Supports infrared devices installed on the computer and
detects other devices that are in range.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: lanmanserver
Description: Supports file, print, and named-pipe sharing over the
network for this computer. If this service is stopped, these functions
will be unavailable. If this service is disabled, any services that
explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: LanmanWorkstation
Description: Creates and maintains client network connections to
remote servers. If this service is stopped, these connections will be
unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: LmHosts
Description: Enables support for NetBIOS over TCP/IP (NetBT) service
and NetBIOS name resolution.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k LocalService

Name: MSSQLSERVER
Description:
Startup Mode: Auto
Run from: C:PROGRA~1MICROS~4MSSQLbinnsqlservr.exe

Name: Netlogon
Description: Supports pass-through authentication of account logon
events for computers in a domain.
Startup Mode: Auto
Run from: C:WINDOWSSystem32lsass.exe

Name: Netman
Description: Manages objects in the Network and Dial-Up Connections
folder, in which you can view both local area network and remote
connections.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Nla
Description: Collects and stores network configuration and location
information, and notifies applications when this information changes.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Norton AntiVirus Server
Description:
Startup Mode: Auto
Run from: C:Program FilesNavNTrtvscan.exe

Name: PlugPlay
Description: Enables a computer to recognize and adapt to hardware
changes with little or no user input. Stopping or disabling this
service will result in system instability.
Startup Mode: Auto
Run from: C:WINDOWSsystem32services.exe

Name: ProtectedStorage
Description: Provides protected storage for sensitive data, such as
private keys, to prevent access by unauthorized services, processes,
or users.
Startup Mode: Auto
Run from: C:WINDOWSsystem32lsass.exe

Name: RasMan
Description: Creates a network connection.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: RemoteRegistry
Description: Enables remote users to modify registry settings on this
computer. If this service is stopped, the registry can be modified
only by users on this computer. If this service is disabled, any
services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k LocalService

Name: RpcSs
Description: Provides the endpoint mapper and other miscellaneous RPC
services.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost -k rpcss

Name: SamSs
Description: Stores security information for local user accounts.
Startup Mode: Auto
Run from: C:WINDOWSsystem32lsass.exe

Name: SCardSvr
Description: Manages access to smart cards read by this computer. If
this service is stopped, this computer will be unable to read smart
cards. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32SCardSvr.exe

Name: Schedule
Description: Enables a user to configure and schedule automated tasks
on this computer. If this service is stopped, these tasks will not be
run at their scheduled times. If this service is disabled, any
services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: seclogon
Description: Enables starting processes under alternate credentials.
If this service is stopped, this type of logon access will be
unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: SENS
Description: Tracks system events such as Windows logon, network, and
power events. Notifies COM+ Event System subscribers of these events.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: SharedAccess
Description: Provides network address translation, addressing, name
resolution and/or intrusion prevention services for a home or small
office network.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: ShellHWDetection
Description:
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: SmcService
Description:
Startup Mode: Auto
Run from: C:Program FilesSygateSPFsmc.exe

Name: SMTPSVC
Description: Transports electronic mail across the network
Startup Mode: Auto
Run from: C:WINDOWSSystem32inetsrvinetinfo.exe

Name: Spooler
Description: Loads files to memory for later printing.
Startup Mode: Auto
Run from: C:WINDOWSsystem32spoolsv.exe

Name: SSDPSRV
Description: Enables discovery of UPnP devices on your home network.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k LocalService

Name: stisvc
Description: Provides image acquisition services for scanners and
cameras.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k imgsvc

Name: TapiSrv
Description: Provides Telephony API (TAPI) support for programs that
control telephony devices and IP based voice connections on the local
computer and, through the LAN, on servers that are also running the
service.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: TermService
Description: Allows multiple users to be connected interactively to a
machine as well as the display of desktops and applications to remote
computers. The underpinning of Remote Desktop (including RD for
Administrators), Fast User Switching, Remote Assistance, and Terminal
Server.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost -k DComLaunch

Name: Themes
Description: Provides user experience theme management.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: TrkWks
Description: Maintains links between NTFS files within a computer or
across computers in a network domain.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: UMWdf
Description: Enables Windows user mode drivers.
Startup Mode: Auto
Run from: C:WINDOWSsystem32wdfmgr.exe

Name: w32time
Description: Maintains date and time synchronization on all clients
and servers in the network. If this service is stopped, date and time
synchronization will be unavailable. If this service is disabled, any
services that explicitly depend on it will fail to start.

Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: W3SVC
Description: Provides Web connectivity and administration through the
Internet Information Services snap-in
Startup Mode: Auto
Run from: C:WINDOWSSystem32inetsrvinetinfo.exe

Name: WebClient
Description: Enables Windows-based programs to create, access, and
modify Internet-based files. If this service is stopped, these
functions will not be available. If this service is disabled, any
services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k LocalService

Name: winmgmt
Description: Provides a common interface and object model to access
management information about operating system, devices, applications
and services. If this service is stopped, most Windows-based software
will not function properly. If this service is disabled, any services
that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: WLTRYSVC
Description:
Startup Mode: Auto
Run from: C:WINDOWSSystem32WLTRYSVC.EXE
C:WINDOWSSystem32bcmwltry.exe

Name: WMDM PMSP Service
Description:
Startup Mode: Auto
Run from: C:WINDOWSSystem32MsPMSPSv.exe

Name: wuauserv
Description: Enables the download and installation of critical Windows
updates. If the service is disabled, the operating system can be
manually updated at the Windows Update Web site.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: WZCSVC
Description: Provides automatic configuration for the 802.11 adapters
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs




Hi

I'm having what seems to be a familair problem with Task Manager,
Regedit etc.

I've updated my AVG definitions, scanned in safe mode and normal, run
a couple of the suggested online scanners, run Spybot and Spyware
Doctor. And (!) I've tried Doug's various utilities (Security Console
and XP_taskmgrenab included) and I Task Manager is still greyed out. I
can however run everything when I boot in Safe Mode.

So I've used Doug's Program Tracker and I'm hoping someone can help me
decipher what the heck is going on.

Many thanks in advance and please don't tell me to run a virus
check!!!!

-- Registry --
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurr entVersionRunOnce

No Items Found

-- Registry --
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurr entVersionRun

IgfxTray C:WINDOWSSystem32igfxtray.exe
HotKeysCmds C:WINDOWSSystem32hkcmd.exe
Apoint C:Program FilesApointApoint.exe
Dell QuickSet C:Program
FilesDellQuickSetquickset.exe
bascstray BascsTray.exe
DVDSentry C:WINDOWSSystem32DSentry.exe
AVG_CC C:PROGRA~1GrisoftAVG6avgcc32.exe
/STARTUP
vptray C:Program FilesNavNTvptray.exe
QuickTime Task "C:Program FilesQuickTimeqttask.exe"
-atboottime
Openwares LiveUpdate C:Program
FilesLiveUpdateLiveUpdate.exe
RoxioEngineUtility "C:Program FilesCommon FilesRoxio
SharedSystemEngUtil.exe"
RoxioAudioCentral "C:Program FilesRoxioEasy CD Creator
6AudioCentralRxMon.exe"
GSICONEXE gsicon.exe
DSLAGENTEXE dslagent.exe USB
MMTray C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmm_tray.exe
mmtask C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmmtask.exe
SmcService C:PROGRA~1SygateSPFsmc.exe -startgui

-- Registry --
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurre ntVersionRunOnce

No Items Found

-- Registry --
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurre ntVersionRun

H/PC Connection Agent "C:Program FilesMicrosoft
ActiveSyncWCESCOMM.EXE"
Creative Detector C:Program
FilesCreativeMediaSourceDetectorCTDetect.exe /R
SpySweeper "C:Program FilesWebrootSpy
SweeperSpySweeper.exe" /0
ctfmon.exe C:WINDOWSsystem32ctfmon.exe

-- Registry --
HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCur rentVersionRunOnce

No Items Found

-- Start Menu - Current User --
DESKTOP.INI

-- Start Menu - All Users --
Acrobat Assistant.lnk
BTTray.lnk
Dataviz Messenger.lnk
DESKTOP.INI
Microsoft Office OneNote 2003 Quick Launch.lnk
Phone Connection Monitor.lnk
Service Manager.lnk

-- Disabled Items --
No Items Found

-- Registry - Shell Value - HKLMSOFTWAREMicrosoftWindows
NTCurrentVersionWinlogon --
Explorer.exe

-- Running Processes --
System Idle Process
System
smss.exe SystemRootSystem32smss.exe
csrss.exe C:WINDOWSsystem32csrss.exe
ObjectDirectory=Windows SharedSection=1024,3072,512 Windows=On
SubSystemType=Windows ServerDll=basesrv,1
ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off
MaxRequestThreads=16
winlogon.exe winlogon.exe
services.exe C:WINDOWSsystem32services.exe
lsass.exe C:WINDOWSsystem32lsass.exe
svchost.exe C:WINDOWSsystem32svchost -k DcomLaunch
svchost.exe C:WINDOWSsystem32svchost -k rpcss
svchost.exe C:WINDOWSSystem32svchost.exe -k netsvcs
Smc.exe "C:Program FilesSygateSPFsmc.exe"
svchost.exe C:WINDOWSSystem32svchost.exe -k NetworkService
svchost.exe C:WINDOWSSystem32svchost.exe -k LocalService
spoolsv.exe C:WINDOWSsystem32spoolsv.exe
scardsvr.exe C:WINDOWSSystem32SCardSvr.exe
avgserv.exe C:PROGRA~1GrisoftAVG6avgserv.exe
BAsfIpM.exe C:WINDOWSSystem32basfipm.exe
btwdins.exe "C:Program FilesDellBluetooth
Softwarebinbtwdins.exe"
cisvc.exe C:WINDOWSsystem32cisvc.exe
CTSVCCDA.EXE C:WINDOWSSystem32CTsvcCDA.EXE
defwatch.exe "C:Program FilesNavNTdefwatch.exe"
inetinfo.exe C:WINDOWSSystem32inetsrvinetinfo.exe
sqlservr.exe C:PROGRA~1MICROS~4MSSQLbinnsqlservr.exe
rtvscan.exe "C:Program FilesNavNTrtvscan.exe"
svchost.exe C:WINDOWSSystem32svchost.exe -k imgsvc
wdfmgr.exe C:WINDOWSsystem32wdfmgr.exe
WLTRYSVC.EXE C:WINDOWSSystem32WLTRYSVC.EXE
C:WINDOWSSystem32bcmwltry.exe
MsPMSPSv.exe C:WINDOWSSystem32MsPMSPSv.exe
BCMWLTRY.EXE C:WINDOWSSystem32bcmwltry.exe
alg.exe C:WINDOWSSystem32alg.exe
explorer.exe C:WINDOWSExplorer.EXE
REGSVR.EXE C:WINDOWSREGSVR.EXE
hkcmd.exe "C:WINDOWSSystem32hkcmd.exe"
Apoint.exe "C:Program FilesApointApoint.exe"
quickset.exe "C:Program FilesDellQuickSetquickset.exe"
DSentry.exe "C:WINDOWSSystem32DSentry.exe"
avgcc32.exe "C:PROGRA~1GrisoftAVG6avgcc32.exe" /STARTUP
ApntEx.exe "Apntex.exe"
vptray.exe "C:Program FilesNavNTvptray.exe"
RxMon.exe "C:Program FilesRoxioEasy CD Creator
6AudioCentralRxMon.exe"
gsicon.exe "C:WINDOWSsystem32gsicon.exe"
dslagent.exe "C:WINDOWSsystem32dslagent.exe" USB
mm_tray.exe "C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmm_tray.exe"
mmtask.exe "C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmmtask.exe"
wcescomm.exe "C:Program FilesMicrosoft
ActiveSyncWCESCOMM.EXE"
CTDetect.exe "C:Program
FilesCreativeMediaSourceDetectorCTDetect.exe" /R
SpySweeper.exe "C:Program FilesWebrootSpy
SweeperSpySweeper.exe" /0
ctfmon.exe "C:WINDOWSsystem32ctfmon.exe"
Playlist.exe "C:Program FilesRoxioEasy CD Creator
6AudioCentralPlaylist.exe" -Embedding
acrotray.exe "C:Program FilesAdobeAcrobat
6.0Distillracrotray.exe"
BTTray.exe "C:Program FilesDellBluetooth
SoftwareBTTray.exe"
DvzMsgr.exe "C:WINDOWSDvzCommonDvzMsgr.exe"
audevicemgr.exe "C:Program FilesSony
EricssonMobileaudevicemgr.exe"
sqlmangr.exe "C:Program FilesMicrosoft SQL
Server80ToolsBinnsqlmangr.exe" /n
MROUTE~2.EXE c:PROGRA~1INTUWA~1SharedMROUTE~1MROUTE~2.EXE
-Embedding
BTStackServer.exe C:PROGRA~1DellBLUETO~1BTSTAC~1.EXE -Embedding
CONNMN~1.EXE C:PROGRA~1SONYER~1MobileCONNEC~1CONNMN~1.EXE
-Embedding
OUTLOOK.EXE "C:Program FilesMicrosoft
OfficeOFFICE11OUTLOOK.EXE" /recycle
SYNCIN~1.EXE C:PROGRA~1SONYER~1MobileSYNCIN~1.EXE
-Embedding
CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon "c:system volume
informationcatalog.wci" 196672l 1616l
CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon "c:documents and
settingsall usersapplication datamicrosoftvisiocatalog.wci"
196672l 1616l
CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon
"c:inetpubcatalog.wci" 196672l 1616l
wuauclt.exe "C:WINDOWSsystem32wuauclt.exe"
iexplore.exe "C:Program FilesInternet Exploreriexplore.exe"
WINZIP32.EXE "C:PROGRA~1WINZIPwinzip32.exe" "C:Documents
and Settingsjamie.UK0DesktopStartupTracker3.zip"
StartupTracker3.exe "c:TEMPStartupTracker3.exe"
wmiprvse.exe C:WINDOWSSystem32wbemwmiprvse.exe

-- Running Services --

Name: ALG
Description: Provides support for 3rd party protocol plug-ins for
Internet Connection Sharing and the Windows Firewall.
Startup Mode: Manual
Run from: C:WINDOWSSystem32alg.exe

Name: AudioSrv
Description: Manages audio devices for Windows-based programs. If this
service is stopped, audio devices and effects will not function
properly. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: AvgServ
Description:
Startup Mode: Auto
Run from: C:PROGRA~1GrisoftAVG6avgserv.exe

Name: BAsfIpM
Description: IP monitoring service for Broadcom ASF applications.
Startup Mode: Auto
Run from: C:WINDOWSSystem32basfipm.exe

Name: BITS
Description: Transfers files in the background using idle network
bandwidth. If the service is stopped, features such as Windows Update,
and MSN Explorer will be unable to automatically download programs and
other information. If this service is disabled, any services that
explicitly depend on it may fail to transfer files if they do not have
a fail safe mechanism to transfer files directly through IE in case
BITS has been disabled.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Browser
Description: Maintains an updated list of computers on the network and
supplies this list to computers designated as browsers. If this
service is stopped, this list will not be updated or maintained. If
this service is disabled, any services that explicitly depend on it
will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: btwdins
Description:
Startup Mode: Auto
Run from: C:Program FilesDellBluetooth Softwarebinbtwdins.exe

Name: CiSvc
Description: Indexes contents and properties of files on local and
remote computers; provides rapid access to files through flexible
querying language.
Startup Mode: Auto
Run from: C:WINDOWSsystem32cisvc.exe

Name: Creative Service for CDROM Access
Description:
Startup Mode: Auto
Run from: C:WINDOWSSystem32CTsvcCDA.EXE

Name: CryptSvc
Description: Provides three management services: Catalog Database
Service, which confirms the signatures of Windows files; Protected
Root Service, which adds and removes Trusted Root Certification
Authority certificates from this computer; and Key Service, which
helps enroll this computer for certificates. If this service is
stopped, these management services will not function properly. If this
service is disabled, any services that explicitly depend on it will
fail to start.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: DcomLaunch
Description: Provides launch functionality for DCOM services.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost -k DcomLaunch

Name: DefWatch
Description:
Startup Mode: Auto
Run from: C:Program FilesNavNTdefwatch.exe

Name: Dhcp
Description: Manages network configuration by registering and updating
IP addresses and DNS names.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: dmserver
Description: Detects and monitors new hard disk drives and sends disk
volume information to Logical Disk Manager Administrative Service for
configuration. If this service is stopped, dynamic disk status and
configuration information may become out of date. If this service is
disabled, any services that explicitly depend on it will fail to
start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Dnscache
Description: Resolves and caches Domain Name System (DNS) names for
this computer. If this service is stopped, this computer will not be
able to resolve DNS names and locate Active Directory domain
controllers. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k NetworkService

Name: ERSvc
Description: Allows error reporting for services and applictions
running in non-standard environments.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Eventlog
Description: Enables event log messages issued by Windows-based
programs and components to be viewed in Event Viewer. This service
cannot be stopped.
Startup Mode: Auto
Run from: C:WINDOWSsystem32services.exe

Name: EventSystem
Description: Supports System Event Notification Service (SENS), which
provides automatic distribution of events to subscribing Component
Object Model (COM) components. If the service is stopped, SENS will
close and will not be able to provide logon and logoff notifications.
If this service is disabled, any services that explicitly depend on it
will fail to start.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: helpsvc
Description: Enables Help and Support Center to run on this computer.
If this service is stopped, Help and Support Center will be
unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: HidServ
Description: Enables generic input access to Human Interface Devices
(HID), which activates and maintains the use of predefined hot buttons
on keyboards, remote controls, and other multimedia devices. If this
service is stopped, hot buttons controlled by this service will no
longer function. If this service is disabled, any services that
explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: IISADMIN
Description: Allows administration of Web and FTP services through the
Internet Information Services snap-in
Startup Mode: Auto
Run from: C:WINDOWSSystem32inetsrvinetinfo.exe

Name: Irmon
Description: Supports infrared devices installed on the computer and
detects other devices that are in range.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: lanmanserver
Description: Supports file, print, and named-pipe sharing over the
network for this computer. If this service is stopped, these functions
will be unavailable. If this service is disabled, any services that
explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: LanmanWorkstation
Description: Creates and maintains client network connections to
remote servers. If this service is stopped, these connections will be
unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: LmHosts
Description: Enables support for NetBIOS over TCP/IP (NetBT) service
and NetBIOS name resolution.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k LocalService

Name: MSSQLSERVER
Description:
Startup Mode: Auto
Run from: C:PROGRA~1MICROS~4MSSQLbinnsqlservr.exe

Name: Netlogon
Description: Supports pass-through authentication of account logon
events for computers in a domain.
Startup Mode: Auto
Run from: C:WINDOWSSystem32lsass.exe

Name: Netman
Description: Manages objects in the Network and Dial-Up Connections
folder, in which you can view both local area network and remote
connections.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Nla
Description: Collects and stores network configuration and location
information, and notifies applications when this information changes.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Norton AntiVirus Server
Description:
Startup Mode: Auto
Run from: C:Program FilesNavNTrtvscan.exe

Name: PlugPlay
Description: Enables a computer to recognize and adapt to hardware
changes with little or no user input. Stopping or disabling this
service will result in system instability.
Startup Mode: Auto
Run from: C:WINDOWSsystem32services.exe

Name: ProtectedStorage
Description: Provides protected storage for sensitive data, such as
private keys, to prevent access by unauthorized services, processes,
or users.
Startup Mode: Auto
Run from: C:WINDOWSsystem32lsass.exe

Name: RasMan
Description: Creates a network connection.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: RemoteRegistry
Description: Enables remote users to modify registry settings on this
computer. If this service is stopped, the registry can be modified
only by users on this computer. If this service is disabled, any
services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k LocalService

Name: RpcSs
Description: Provides the endpoint mapper and other miscellaneous RPC
services.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost -k rpcss

Name: SamSs
Description: Stores security information for local user accounts.
Startup Mode: Auto
Run from: C:WINDOWSsystem32lsass.exe

Name: SCardSvr
Description: Manages access to smart cards read by this computer. If
this service is stopped, this computer will be unable to read smart
cards. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32SCardSvr.exe

Name: Schedule
Description: Enables a user to configure and schedule automated tasks
on this computer. If this service is stopped, these tasks will not be
run at their scheduled times. If this service is disabled, any
services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: seclogon
Description: Enables starting processes under alternate credentials.
If this service is stopped, this type of logon access will be
unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: SENS
Description: Tracks system events such as Windows logon, network, and
power events. Notifies COM+ Event System subscribers of these events.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: SharedAccess
Description: Provides network address translation, addressing, name
resolution and/or intrusion prevention services for a home or small
office network.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: ShellHWDetection
Description:
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: SmcService
Description:
Startup Mode: Auto
Run from: C:Program FilesSygateSPFsmc.exe

Name: SMTPSVC
Description: Transports electronic mail across the network
Startup Mode: Auto
Run from: C:WINDOWSSystem32inetsrvinetinfo.exe

Name: Spooler
Description: Loads files to memory for later printing.
Startup Mode: Auto
Run from: C:WINDOWSsystem32spoolsv.exe

Name: SSDPSRV
Description: Enables discovery of UPnP devices on your home network.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k LocalService

Name: stisvc
Description: Provides image acquisition services for scanners and
cameras.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k imgsvc

Name: TapiSrv
Description: Provides Telephony API (TAPI) support for programs that
control telephony devices and IP based voice connections on the local
computer and, through the LAN, on servers that are also running the
service.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: TermService
Description: Allows multiple users to be connected interactively to a
machine as well as the display of desktops and applications to remote
computers. The underpinning of Remote Desktop (including RD for
Administrators), Fast User Switching, Remote Assistance, and Terminal
Server.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost -k DComLaunch

Name: Themes
Description: Provides user experience theme management.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: TrkWks
Description: Maintains links between NTFS files within a computer or
across computers in a network domain.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: UMWdf
Description: Enables Windows user mode drivers.
Startup Mode: Auto
Run from: C:WINDOWSsystem32wdfmgr.exe

Name: w32time
Description: Maintains date and time synchronization on all clients
and servers in the network. If this service is stopped, date and time
synchronization will be unavailable. If this service is disabled, any
services that explicitly depend on it will fail to start.

Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: W3SVC
Description: Provides Web connectivity and administration through the
Internet Information Services snap-in
Startup Mode: Auto
Run from: C:WINDOWSSystem32inetsrvinetinfo.exe

Name: WebClient
Description: Enables Windows-based programs to create, access, and
modify Internet-based files. If this service is stopped, these
functions will not be available. If this service is disabled, any
services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k LocalService

Name: winmgmt
Description: Provides a common interface and object model to access
management information about operating system, devices, applications
and services. If this service is stopped, most Windows-based software
will not function properly. If this service is disabled, any services
that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: WLTRYSVC
Description:
Startup Mode: Auto
Run from: C:WINDOWSSystem32WLTRYSVC.EXE
C:WINDOWSSystem32bcmwltry.exe

Name: WMDM PMSP Service
Description:
Startup Mode: Auto
Run from: C:WINDOWSSystem32MsPMSPSv.exe

Name: wuauserv
Description: Enables the download and installation of critical Windows
updates. If the service is disabled, the operating system can be
manually updated at the Windows Update Web site.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: WZCSVC
Description: Provides automatic configuration for the 802.11 adapters
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs




Hi

I'm having what seems to be a familair problem with Task Manager,
Regedit etc.

I've updated my AVG definitions, scanned in safe mode and normal, run
a couple of the suggested online scanners, run Spybot and Spyware
Doctor. And (!) I've tried Doug's various utilities (Security Console
and XP_taskmgrenab included) and I Task Manager is still greyed out. I
can however run everything when I boot in Safe Mode.

So I've used Doug's Program Tracker and I'm hoping someone can help me
decipher what the heck is going on.

Many thanks in advance and please don't tell me to run a virus
check!!!!

-- Registry --
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurr entVersionRunOnce

No Items Found

-- Registry --
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurr entVersionRun

IgfxTray C:WINDOWSSystem32igfxtray.exe
HotKeysCmds C:WINDOWSSystem32hkcmd.exe
Apoint C:Program FilesApointApoint.exe
Dell QuickSet C:Program
FilesDellQuickSetquickset.exe
bascstray BascsTray.exe
DVDSentry C:WINDOWSSystem32DSentry.exe
AVG_CC C:PROGRA~1GrisoftAVG6avgcc32.exe
/STARTUP
vptray C:Program FilesNavNTvptray.exe
QuickTime Task "C:Program FilesQuickTimeqttask.exe"
-atboottime
Openwares LiveUpdate C:Program
FilesLiveUpdateLiveUpdate.exe
RoxioEngineUtility "C:Program FilesCommon FilesRoxio
SharedSystemEngUtil.exe"
RoxioAudioCentral "C:Program FilesRoxioEasy CD Creator
6AudioCentralRxMon.exe"
GSICONEXE gsicon.exe
DSLAGENTEXE dslagent.exe USB
MMTray C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmm_tray.exe
mmtask C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmmtask.exe
SmcService C:PROGRA~1SygateSPFsmc.exe -startgui

-- Registry --
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurre ntVersionRunOnce

No Items Found

-- Registry --
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurre ntVersionRun

H/PC Connection Agent "C:Program FilesMicrosoft
ActiveSyncWCESCOMM.EXE"
Creative Detector C:Program
FilesCreativeMediaSourceDetectorCTDetect.exe /R
SpySweeper "C:Program FilesWebrootSpy
SweeperSpySweeper.exe" /0
ctfmon.exe C:WINDOWSsystem32ctfmon.exe

-- Registry --
HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCur rentVersionRunOnce

No Items Found

-- Start Menu - Current User --
DESKTOP.INI

-- Start Menu - All Users --
Acrobat Assistant.lnk
BTTray.lnk
Dataviz Messenger.lnk
DESKTOP.INI
Microsoft Office OneNote 2003 Quick Launch.lnk
Phone Connection Monitor.lnk
Service Manager.lnk

-- Disabled Items --
No Items Found

-- Registry - Shell Value - HKLMSOFTWAREMicrosoftWindows
NTCurrentVersionWinlogon --
Explorer.exe

-- Running Processes --
System Idle Process
System
smss.exe SystemRootSystem32smss.exe
csrss.exe C:WINDOWSsystem32csrss.exe
ObjectDirectory=Windows SharedSection=1024,3072,512 Windows=On
SubSystemType=Windows ServerDll=basesrv,1
ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off
MaxRequestThreads=16
winlogon.exe winlogon.exe
services.exe C:WINDOWSsystem32services.exe
lsass.exe C:WINDOWSsystem32lsass.exe
svchost.exe C:WINDOWSsystem32svchost -k DcomLaunch
svchost.exe C:WINDOWSsystem32svchost -k rpcss
svchost.exe C:WINDOWSSystem32svchost.exe -k netsvcs
Smc.exe "C:Program FilesSygateSPFsmc.exe"
svchost.exe C:WINDOWSSystem32svchost.exe -k NetworkService
svchost.exe C:WINDOWSSystem32svchost.exe -k LocalService
spoolsv.exe C:WINDOWSsystem32spoolsv.exe
scardsvr.exe C:WINDOWSSystem32SCardSvr.exe
avgserv.exe C:PROGRA~1GrisoftAVG6avgserv.exe
BAsfIpM.exe C:WINDOWSSystem32basfipm.exe
btwdins.exe "C:Program FilesDellBluetooth
Softwarebinbtwdins.exe"
cisvc.exe C:WINDOWSsystem32cisvc.exe
CTSVCCDA.EXE C:WINDOWSSystem32CTsvcCDA.EXE
defwatch.exe "C:Program FilesNavNTdefwatch.exe"
inetinfo.exe C:WINDOWSSystem32inetsrvinetinfo.exe
sqlservr.exe C:PROGRA~1MICROS~4MSSQLbinnsqlservr.exe
rtvscan.exe "C:Program FilesNavNTrtvscan.exe"
svchost.exe C:WINDOWSSystem32svchost.exe -k imgsvc
wdfmgr.exe C:WINDOWSsystem32wdfmgr.exe
WLTRYSVC.EXE C:WINDOWSSystem32WLTRYSVC.EXE
C:WINDOWSSystem32bcmwltry.exe
MsPMSPSv.exe C:WINDOWSSystem32MsPMSPSv.exe
BCMWLTRY.EXE C:WINDOWSSystem32bcmwltry.exe
alg.exe C:WINDOWSSystem32alg.exe
explorer.exe C:WINDOWSExplorer.EXE
REGSVR.EXE C:WINDOWSREGSVR.EXE
hkcmd.exe "C:WINDOWSSystem32hkcmd.exe"
Apoint.exe "C:Program FilesApointApoint.exe"
quickset.exe "C:Program FilesDellQuickSetquickset.exe"
DSentry.exe "C:WINDOWSSystem32DSentry.exe"
avgcc32.exe "C:PROGRA~1GrisoftAVG6avgcc32.exe" /STARTUP
ApntEx.exe "Apntex.exe"
vptray.exe "C:Program FilesNavNTvptray.exe"
RxMon.exe "C:Program FilesRoxioEasy CD Creator
6AudioCentralRxMon.exe"
gsicon.exe "C:WINDOWSsystem32gsicon.exe"
dslagent.exe "C:WINDOWSsystem32dslagent.exe" USB
mm_tray.exe "C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmm_tray.exe"
mmtask.exe "C:Program FilesMUSICMATCHMUSICMATCH
Jukeboxmmtask.exe"
wcescomm.exe "C:Program FilesMicrosoft
ActiveSyncWCESCOMM.EXE"
CTDetect.exe "C:Program
FilesCreativeMediaSourceDetectorCTDetect.exe" /R
SpySweeper.exe "C:Program FilesWebrootSpy
SweeperSpySweeper.exe" /0
ctfmon.exe "C:WINDOWSsystem32ctfmon.exe"
Playlist.exe "C:Program FilesRoxioEasy CD Creator
6AudioCentralPlaylist.exe" -Embedding
acrotray.exe "C:Program FilesAdobeAcrobat
6.0Distillracrotray.exe"
BTTray.exe "C:Program FilesDellBluetooth
SoftwareBTTray.exe"
DvzMsgr.exe "C:WINDOWSDvzCommonDvzMsgr.exe"
audevicemgr.exe "C:Program FilesSony
EricssonMobileaudevicemgr.exe"
sqlmangr.exe "C:Program FilesMicrosoft SQL
Server80ToolsBinnsqlmangr.exe" /n
MROUTE~2.EXE c:PROGRA~1INTUWA~1SharedMROUTE~1MROUTE~2.EXE
-Embedding
BTStackServer.exe C:PROGRA~1DellBLUETO~1BTSTAC~1.EXE -Embedding
CONNMN~1.EXE C:PROGRA~1SONYER~1MobileCONNEC~1CONNMN~1.EXE
-Embedding
OUTLOOK.EXE "C:Program FilesMicrosoft
OfficeOFFICE11OUTLOOK.EXE" /recycle
SYNCIN~1.EXE C:PROGRA~1SONYER~1MobileSYNCIN~1.EXE
-Embedding
CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon "c:system volume
informationcatalog.wci" 196672l 1616l
CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon "c:documents and
settingsall usersapplication datamicrosoftvisiocatalog.wci"
196672l 1616l
CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon
"c:inetpubcatalog.wci" 196672l 1616l
wuauclt.exe "C:WINDOWSsystem32wuauclt.exe"
iexplore.exe "C:Program FilesInternet Exploreriexplore.exe"
WINZIP32.EXE "C:PROGRA~1WINZIPwinzip32.exe" "C:Documents
and Settingsjamie.UK0DesktopStartupTracker3.zip"
StartupTracker3.exe "c:TEMPStartupTracker3.exe"
wmiprvse.exe C:WINDOWSSystem32wbemwmiprvse.exe

-- Running Services --

Name: ALG
Description: Provides support for 3rd party protocol plug-ins for
Internet Connection Sharing and the Windows Firewall.
Startup Mode: Manual
Run from: C:WINDOWSSystem32alg.exe

Name: AudioSrv
Description: Manages audio devices for Windows-based programs. If this
service is stopped, audio devices and effects will not function
properly. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: AvgServ
Description:
Startup Mode: Auto
Run from: C:PROGRA~1GrisoftAVG6avgserv.exe

Name: BAsfIpM
Description: IP monitoring service for Broadcom ASF applications.
Startup Mode: Auto
Run from: C:WINDOWSSystem32basfipm.exe

Name: BITS
Description: Transfers files in the background using idle network
bandwidth. If the service is stopped, features such as Windows Update,
and MSN Explorer will be unable to automatically download programs and
other information. If this service is disabled, any services that
explicitly depend on it may fail to transfer files if they do not have
a fail safe mechanism to transfer files directly through IE in case
BITS has been disabled.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Browser
Description: Maintains an updated list of computers on the network and
supplies this list to computers designated as browsers. If this
service is stopped, this list will not be updated or maintained. If
this service is disabled, any services that explicitly depend on it
will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: btwdins
Description:
Startup Mode: Auto
Run from: C:Program FilesDellBluetooth Softwarebinbtwdins.exe

Name: CiSvc
Description: Indexes contents and properties of files on local and
remote computers; provides rapid access to files through flexible
querying language.
Startup Mode: Auto
Run from: C:WINDOWSsystem32cisvc.exe

Name: Creative Service for CDROM Access
Description:
Startup Mode: Auto
Run from: C:WINDOWSSystem32CTsvcCDA.EXE

Name: CryptSvc
Description: Provides three management services: Catalog Database
Service, which confirms the signatures of Windows files; Protected
Root Service, which adds and removes Trusted Root Certification
Authority certificates from this computer; and Key Service, which
helps enroll this computer for certificates. If this service is
stopped, these management services will not function properly. If this
service is disabled, any services that explicitly depend on it will
fail to start.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: DcomLaunch
Description: Provides launch functionality for DCOM services.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost -k DcomLaunch

Name: DefWatch
Description:
Startup Mode: Auto
Run from: C:Program FilesNavNTdefwatch.exe

Name: Dhcp
Description: Manages network configuration by registering and updating
IP addresses and DNS names.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: dmserver
Description: Detects and monitors new hard disk drives and sends disk
volume information to Logical Disk Manager Administrative Service for
configuration. If this service is stopped, dynamic disk status and
configuration information may become out of date. If this service is
disabled, any services that explicitly depend on it will fail to
start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Dnscache
Description: Resolves and caches Domain Name System (DNS) names for
this computer. If this service is stopped, this computer will not be
able to resolve DNS names and locate Active Directory domain
controllers. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k NetworkService

Name: ERSvc
Description: Allows error reporting for services and applictions
running in non-standard environments.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Eventlog
Description: Enables event log messages issued by Windows-based
programs and components to be viewed in Event Viewer. This service
cannot be stopped.
Startup Mode: Auto
Run from: C:WINDOWSsystem32services.exe

Name: EventSystem
Description: Supports System Event Notification Service (SENS), which
provides automatic distribution of events to subscribing Component
Object Model (COM) components. If the service is stopped, SENS will
close and will not be able to provide logon and logoff notifications.
If this service is disabled, any services that explicitly depend on it
will fail to start.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: helpsvc
Description: Enables Help and Support Center to run on this computer.
If this service is stopped, Help and Support Center will be
unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: HidServ
Description: Enables generic input access to Human Interface Devices
(HID), which activates and maintains the use of predefined hot buttons
on keyboards, remote controls, and other multimedia devices. If this
service is stopped, hot buttons controlled by this service will no
longer function. If this service is disabled, any services that
explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: IISADMIN
Description: Allows administration of Web and FTP services through the
Internet Information Services snap-in
Startup Mode: Auto
Run from: C:WINDOWSSystem32inetsrvinetinfo.exe

Name: Irmon
Description: Supports infrared devices installed on the computer and
detects other devices that are in range.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: lanmanserver
Description: Supports file, print, and named-pipe sharing over the
network for this computer. If this service is stopped, these functions
will be unavailable. If this service is disabled, any services that
explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: LanmanWorkstation
Description: Creates and maintains client network connections to
remote servers. If this service is stopped, these connections will be
unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: LmHosts
Description: Enables support for NetBIOS over TCP/IP (NetBT) service
and NetBIOS name resolution.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k LocalService

Name: MSSQLSERVER
Description:
Startup Mode: Auto
Run from: C:PROGRA~1MICROS~4MSSQLbinnsqlservr.exe

Name: Netlogon
Description: Supports pass-through authentication of account logon
events for computers in a domain.
Startup Mode: Auto
Run from: C:WINDOWSSystem32lsass.exe

Name: Netman
Description: Manages objects in the Network and Dial-Up Connections
folder, in which you can view both local area network and remote
connections.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Nla
Description: Collects and stores network configuration and location
information, and notifies applications when this information changes.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: Norton AntiVirus Server
Description:
Startup Mode: Auto
Run from: C:Program FilesNavNTrtvscan.exe

Name: PlugPlay
Description: Enables a computer to recognize and adapt to hardware
changes with little or no user input. Stopping or disabling this
service will result in system instability.
Startup Mode: Auto
Run from: C:WINDOWSsystem32services.exe

Name: ProtectedStorage
Description: Provides protected storage for sensitive data, such as
private keys, to prevent access by unauthorized services, processes,
or users.
Startup Mode: Auto
Run from: C:WINDOWSsystem32lsass.exe

Name: RasMan
Description: Creates a network connection.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: RemoteRegistry
Description: Enables remote users to modify registry settings on this
computer. If this service is stopped, the registry can be modified
only by users on this computer. If this service is disabled, any
services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k LocalService

Name: RpcSs
Description: Provides the endpoint mapper and other miscellaneous RPC
services.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost -k rpcss

Name: SamSs
Description: Stores security information for local user accounts.
Startup Mode: Auto
Run from: C:WINDOWSsystem32lsass.exe

Name: SCardSvr
Description: Manages access to smart cards read by this computer. If
this service is stopped, this computer will be unable to read smart
cards. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32SCardSvr.exe

Name: Schedule
Description: Enables a user to configure and schedule automated tasks
on this computer. If this service is stopped, these tasks will not be
run at their scheduled times. If this service is disabled, any
services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: seclogon
Description: Enables starting processes under alternate credentials.
If this service is stopped, this type of logon access will be
unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: SENS
Description: Tracks system events such as Windows logon, network, and
power events. Notifies COM+ Event System subscribers of these events.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: SharedAccess
Description: Provides network address translation, addressing, name
resolution and/or intrusion prevention services for a home or small
office network.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: ShellHWDetection
Description:
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: SmcService
Description:
Startup Mode: Auto
Run from: C:Program FilesSygateSPFsmc.exe

Name: SMTPSVC
Description: Transports electronic mail across the network
Startup Mode: Auto
Run from: C:WINDOWSSystem32inetsrvinetinfo.exe

Name: Spooler
Description: Loads files to memory for later printing.
Startup Mode: Auto
Run from: C:WINDOWSsystem32spoolsv.exe

Name: SSDPSRV
Description: Enables discovery of UPnP devices on your home network.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k LocalService

Name: stisvc
Description: Provides image acquisition services for scanners and
cameras.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k imgsvc

Name: TapiSrv
Description: Provides Telephony API (TAPI) support for programs that
control telephony devices and IP based voice connections on the local
computer and, through the LAN, on servers that are also running the
service.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: TermService
Description: Allows multiple users to be connected interactively to a
machine as well as the display of desktops and applications to remote
computers. The underpinning of Remote Desktop (including RD for
Administrators), Fast User Switching, Remote Assistance, and Terminal
Server.
Startup Mode: Manual
Run from: C:WINDOWSSystem32svchost -k DComLaunch

Name: Themes
Description: Provides user experience theme management.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs

Name: TrkWks
Description: Maintains links between NTFS files within a computer or
across computers in a network domain.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: UMWdf
Description: Enables Windows user mode drivers.
Startup Mode: Auto
Run from: C:WINDOWSsystem32wdfmgr.exe

Name: w32time
Description: Maintains date and time synchronization on all clients
and servers in the network. If this service is stopped, date and time
synchronization will be unavailable. If this service is disabled, any
services that explicitly depend on it will fail to start.

Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: W3SVC
Description: Provides Web connectivity and administration through the
Internet Information Services snap-in
Startup Mode: Auto
Run from: C:WINDOWSSystem32inetsrvinetinfo.exe

Name: WebClient
Description: Enables Windows-based programs to create, access, and
modify Internet-based files. If this service is stopped, these
functions will not be available. If this service is disabled, any
services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k LocalService

Name: winmgmt
Description: Provides a common interface and object model to access
management information about operating system, devices, applications
and services. If this service is stopped, most Windows-based software
will not function properly. If this service is disabled, any services
that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: WLTRYSVC
Description:
Startup Mode: Auto
Run from: C:WINDOWSSystem32WLTRYSVC.EXE
C:WINDOWSSystem32bcmwltry.exe

Name: WMDM PMSP Service
Description:
Startup Mode: Auto
Run from: C:WINDOWSSystem32MsPMSPSv.exe

Name: wuauserv
Description: Enables the download and installation of critical Windows
updates. If the service is disabled, the operating system can be
manually updated at the Windows Update Web site.
Startup Mode: Auto
Run from: C:WINDOWSsystem32svchost.exe -k netsvcs

Name: WZCSVC
Description: Provides automatic configuration for the 802.11 adapters
Startup Mode: Auto
Run from: C:WINDOWSSystem32svchost.exe -k netsvcs


Page 1 of 2.
Results 1...20 of 30