ok. I did more thorough testing but am just posting services log and basic info here (captured with 100% cpu problem and intrusion prevention enabled):
Name: System Information
Description: Show System Information
===========================
BuildNumber: 2600
Caption: Microsoft Windows XP Professional
CodeSet: 1252
CreationClassName: Win32_OperatingSystem
CSCreationClassName: Win32_ComputerSystem
CSDVersion: Service Pack 3, v.3264
CSName: ******
FreePhysicalMemory: 193596
FreeSpaceInPagingFiles: 2099740
FreeVirtualMemory: 2055364
InstallDate: 20050507112405.000000-240
Name: Microsoft Windows XP
Professional|C:\WINNT|\Device\Harddisk0\Partition1
NumberOfProcesses: 73
ServicePackMajorVersion: 3
ServicePackMinorVersion: 0
Version: 5.1.2600
---- Finished Job: cscript //Nologo "C:\Program
Files\Common Files\eEye Digital Security\Diagnostic
Tool\bin\db_sysinfo.wsf" at
12/23/2007:11:47:343 ----
---- Running Job: cscript //Nologo "C:\Program
Files\Common Files\eEye Digital Security\Diagnostic
Tool\bin\db_services.wsf" at
12/23/2007:11:47:343 ----
Name: Services
Description: Show Current Services
===========================
Service: 3ComDMIService
Display Name:
3Com DMI Agent
Description:
Path Name:
C:\WINNT\System32\3Com_DMI\3CDMINIC.EXE
Start Mode:
Manual
State: Stopped
Service: Adobe LM Service
Display Name:
Adobe LM Service
Description:
AdobeLM Service
Path Name:
"C:\Program Files\Common Files\Adobe Systems
Shared\Service\Adobelmsvc.exe"
Start Mode:
Manual
State: Stopped
Service: Alerter
Display Name:
Alerter
Description:
Notifies selected users and computers of administrative alerts. If the service
is stopped, programs that use administrative alerts will not receive them. If
this service is disabled, any services that explicitly depend on it will fail
to start.
Path Name:
C:\WINNT\System32\svchost.exe -k LocalService
Start Mode:
Disabled
State: Stopped
Service: ALG
Display Name:
Application Layer Gateway Service
Description:
Provides support for 3rd party protocol plug-ins for Internet Connection
Sharing and the Windows Firewall.
Path Name:
C:\WINNT\System32\alg.exe
Start Mode: Manual
State: Running
Service: APC UPS Service
Display Name: APC
UPS Service
Description:
Path Name:
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
Start Mode:
Disabled
State: Stopped
Service: Apple Mobile Device
Display Name:
Apple Mobile Device
Description:
Provides the interface to Apple mobile devices.
Path Name:
"C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe"
Start Mode: Auto
State: Running
Service: AppMgmt
Display Name:
Application Management
Description:
Provides software installation services such as Assign, Publish, and Remove.
Path Name:
C:\WINNT\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: aspnet_state
Display Name:
ASP.NET State Service
Description:
Provides support for out-of-process session states for ASP.NET. If this service
is stopped, out-of-process requests will not be processed. If this service is
disabled, any services that explicitly depend on it will fail to start.
Path Name:
C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
Start Mode:
Manual
State: Stopped
Service: Ati HotKey Poller
Display Name: Ati
HotKey Poller
Description:
Path Name:
C:\WINNT\system32\Ati2evxx.exe
Start Mode:
Manual
State: Stopped
Service: ATI Smart
Display Name: ATI
Smart
Description:
Path Name:
C:\WINNT\system32\ati2sgag.exe
Start Mode: Auto
State: Stopped
Service: AudioSrv
Display Name:
Windows Audio
Description:
Manages audio devices for Windows-based programs. If this service is stopped,
audio devices and effects will not function properly. If this service is
disabled, any services that explicitly depend on it will fail to start.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: BITS
Display Name:
Background Intelligent Transfer Service
Description:
Transfers files in the background using idle network bandwidth. If the service
is stopped, features such as Windows Update, and MSN Explorer will be unable to
automatically download programs and other information. If this service is
disabled, any services that explicitly depend on it may fail to transfer files
if they do not have a fail safe mechanism to transfer files directly through IE
in case BITS has been disabled.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Manual
State: Stopped
Service: blinksvc
Display Name:
eEye Blink Engine
Description:
Provides services for eEye Blink desktop protection
Path Name:
"C:\Program Files\eEye Digital Security\Blink\blinksvc.exe"
Start Mode: Auto
State: Running
Service: Browser
Display Name:
Computer Browser
Description:
Maintains an updated list of computers on the network and supplies this list to
computers designated as browsers. If this service is stopped, this list will
not be updated or maintained. If this service is disabled, any services that
explicitly depend on it will fail to start.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Disabled
State: Stopped
Service: CAISafe
Display Name: CA
ISafe
Description:
Path Name:
C:\WINNT\system32\ZoneLabs\isafe.exe
Start Mode:
Manual
State: Stopped
Service: cisvc
Display Name:
Indexing Service
Description:
Indexes contents and properties of files on local and remote computers;
provides rapid access to files through flexible querying language.
Path Name:
C:\WINNT\system32\cisvc.exe
Start Mode: Manual
State: Stopped
Service: ClipSrv
Display Name:
ClipBook
Description:
Enables ClipBook Viewer to store information and share it with remote
computers. If the service is stopped, ClipBook Viewer will not be able to share
information with remote computers. If this service is disabled, any services
that explicitly depend on it will fail to start.
Path Name:
C:\WINNT\system32\clipsrv.exe
Start Mode:
Disabled
State: Stopped
Service: clr_optimization_v2.0.50727_32
Display Name:
.NET Runtime Optimization Service v2.0.50727_X86
Description: Microsoft .NET Framework NGEN
Path Name:
C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Start Mode:
Manual
State: Stopped
Service: COMSysApp
Display Name:
COM+ System Application
Description:
Manages the configuration and tracking of Component Object Model (COM)+-based
components. If the service is stopped, most COM+-based components will not
function properly. If this service is disabled, any services that explicitly
depend on it will fail to start.
Path Name:
C:\WINNT\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Start Mode: Auto
State: Running
Service: CryptSvc
Display Name:
Cryptographic Services
Description:
Provides three management services: Catalog Database Service, which confirms
the signatures of Windows files; Protected Root Service, which adds and removes
Trusted Root Certification Authority certificates from this computer; and Key
Service, which helps enroll this computer for certificates. If this service is
stopped, these management services will not function properly. If this service
is disabled, any services that explicitly depend on it will fail to start.
Path Name:
C:\WINNT\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: DcomLaunch
Display Name:
DCOM Server Process Launcher
Description:
Provides launch functionality for DCOM services.
Path Name:
C:\WINNT\system32\svchost -k DcomLaunch
Start Mode: Auto
State: Running
Service: Dhcp
Display Name:
DHCP Client
Description:
Manages network configuration by registering and updating IP addresses and DNS
names.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: Diskeeper
Display Name:
Diskeeper
Description:
Controls the Diskeeper Service
Path Name:
"C:\Program Files\Executive Software\DiskeeperServer\DKService.exe"
Start Mode: Auto
State: Running
Service: dmadmin
Display Name:
Logical Disk Manager Administrative Service
Description:
Configures hard disk drives and volumes. The service only runs for
configuration processes and then stops.
Path Name:
C:\WINNT\System32\dmadmin.exe /com
Start Mode:
Manual
State: Stopped
Service: dmserver
Display Name:
Logical Disk Manager
Description:
Detects and monitors new hard disk drives and sends disk volume information to
Logical Disk Manager Administrative Service for configuration. If this service
is stopped, dynamic disk status and configuration information may become out of
date. If this service is disabled, any services that explicitly depend on it
will fail to start.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: Dnscache
Display Name: DNS
Client
Description:
Resolves and caches Domain Name System (DNS) names for this computer. If this
service is stopped, this computer will not be able to resolve DNS names and
locate Active Directory domain controllers. If this service is disabled, any
services that explicitly depend on it will fail to start.
Path Name:
C:\WINNT\System32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running
Service: Dot3svc
Display Name:
Wired AutoConfig
Description: This
service performs IEEE 802.1X authentication on Ethernet interfaces
Path Name:
C:\WINNT\System32\svchost.exe -k dot3svc
Start Mode:
Manual
State: Stopped
Service: EapHost
Display Name:
Extensible Authentication Protocol Service
Description:
Provides windows clients Extensible Authentication Protocol Service
Path Name:
C:\WINNT\System32\svchost.exe -k eapsvcs
Start Mode:
Manual
State: Stopped
Service: eeyeevnt
Display Name:
eEye Application Bus
Description:
Path Name:
"C:\Program Files\Common Files\eEye Digital Security\Application
Bus\eeyeevnt.exe"
Start Mode: Auto
State: Running
Service: ERSvc
Display Name:
Error Reporting Service
Description:
Allows error reporting for services and applictions running in non-standard
environments.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Disabled
State: Stopped
Service: Eventlog
Display Name:
Event Log
Description:
Enables event log messages issued by Windows-based programs and components to
be viewed in Event Viewer. This service cannot be stopped.
Path Name:
C:\WINNT\system32\services.exe
Start Mode: Auto
State: Running
Service: EventSystem
Display Name:
COM+ Event System
Description:
Supports System Event Notification Service (SENS), which provides automatic
distribution of events to subscribing Component Object Model (COM) components.
If the service is stopped, SENS will close and will not be able to provide
logon and logoff notifications. If this service is disabled, any services that
explicitly depend on it will fail to start.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Manual
State: Running
Service: FastUserSwitchingCompatibility
Display Name:
Fast User Switching Compatibility
Description:
Provides management for applications that require assistance in a multiple user
environment.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: Fax
Display Name: Fax
Description:
Enables you to send and receive faxes, utilizing fax resources available on
this computer or on the network.
Path Name:
C:\WINNT\system32\fxssvc.exe
Start Mode:
Manual
State: Stopped
Service: Fix-It Task Manager
Display Name:
Fix-It Task Manager
Description:
Path Name:
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe -Service
Start Mode:
Manual
State: Stopped
Service: FolderSize
Display Name:
Folder Size
Description:
Caches the sizes of all folders viewed in Explorer. The service monitors folders
for changes and updates the cache in the background.
Path Name:
"C:\Program Files\FolderSize\FolderSizeSvc.exe"
Start Mode: Auto
State: Running
Service: GhostStartService
Display Name:
GhostStartService
Description:
Background service to allow Norton Ghost to perform priviledged operations
Path Name:
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
Start Mode:
Manual
State: Stopped
Service: GoogleDesktopManager
Display Name:
GoogleDesktopManager
Description:
Path Name:
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"
Start Mode:
Manual
State: Stopped
Service: helpsvc
Display Name:
Help and Support
Description:
Enables Help and Support Center to run on this computer. If this service is stopped,
Help and Support Center will be unavailable. If this service is disabled, any
services that explicitly depend on it will fail to start.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: HidServ
Display Name: HID
Input Service
Description:
Enables generic input access to Human Interface Devices (HID), which activates
and maintains the use of predefined hot buttons on keyboards, remote controls,
and other multimedia devices. If this service is stopped, hot buttons
controlled by this service will no longer function. If this service is
disabled, any services that explicitly depend on it will fail to start.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: hkmsvc
Display Name:
Health Key and Certificate Management Service
Description:
Manages health certificates and keys (used by NAP)
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Manual
State: Stopped
Service: HTTPFilter
Display Name:
HTTP SSL
Description: This
service implements the secure hypertext transfer protocol (HTTPS) for the HTTP
service, using the Secure Socket Layer
(SSL). If this service is disabled, any
services that explicitly depend on it will fail to start.
Path Name:
C:\WINNT\System32\svchost.exe -k HTTPFilter
Start Mode:
Manual
State: Running
Service: IDriverT
Display Name:
InstallDriver Table Manager
Description:
Provides support for the Running Object Table for InstallShield Drivers
Path Name:
"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel
32\IDriverT.exe"
Start Mode:
Manual
State: Stopped
Service: Imapi Helper
Display Name:
Imapi Helper
Description:
Path Name:
"C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe"
Start Mode:
Manual
State: Stopped
Service: ImapiService
Display Name:
IMAPI CD-Burning COM Service
Description:
Manages CD recording using Image Mastering Applications Programming Interface
(IMAPI). If this service is stopped, this computer will be unable to record
CDs. If this service is disabled, any services that explicitly depend on it
will fail to start.
Path Name:
C:\WINNT\System32\imapi.exe
Start Mode: Auto
State: Running
Service: iPod Service
Display Name:
iPod Service
Description: iPod
hardware management services
Path Name:
"C:\Program Files\iPod\bin\iPodService.exe"
Start Mode:
Manual
State: Stopped
Service: KVFKFSNCUTFGQ
Display Name:
KVFKFSNCUTFGQ
Description:
Path Name:
C:\WINNT\TEMP\KVFKFSNCUTFGQ.exe
Start Mode:
Disabled
State: Stopped
Service: lanmanserver
Display Name:
Server
Description:
Supports file, print, and named-pipe sharing over the network for this
computer. If this service is stopped, these functions will be unavailable. If
this service is disabled, any services that explicitly depend on it will fail
to start.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Disabled
State: Stopped
Service: lanmanworkstation
Display Name:
Workstation
Description:
Creates and maintains client network connections to remote servers. If this
service is stopped, these connections will be unavailable. If this service is
disabled, any services that explicitly depend on it will fail to start.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: LexBceS
Display Name:
LexBce Server
Description:
Path Name:
C:\WINNT\system32\LEXBCES.EXE
Start Mode: Auto
State: Running
Service: LmHosts
Display Name:
TCP/IP NetBIOS Helper
Description:
Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name
resolution.
Path Name:
C:\WINNT\System32\svchost.exe -k LocalService
Start Mode: Auto
State: Running
Service: maya65docserver
Display Name:
Maya 6.5 Documentation Server
Description:
Searchable online docs for Alias software
Path Name:
"C:\Program Files\Alias\Maya6.5\docs\wrapper.exe" -s "C:\Program
Files\Alias\Maya6.5\docs\Wrapper.conf"
Start Mode:
Manual
State: Stopped
Service: MDM
Display Name:
Machine Debug Manager
Description:
Supports local and remote debugging for Visual Studio and script debuggers. If
this service is stopped, the debuggers will not function properly.
Path Name:
"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
Start Mode: Auto
State: Running
Service: Messenger
Display Name:
Messenger
Description:
Transmits net send and Alerter service messages between clients and servers.
This service is not related to Windows Messenger. If this service is stopped,
Alerter messages will not be transmitted. If this service is disabled, any
services that explicitly depend on it will fail to start.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Disabled
State: Stopped
Service: mnmsrvc
Display Name:
NetMeeting Remote Desktop Sharing
Description:
Enables an authorized user to access this computer remotely by using NetMeeting
over a corporate intranet. If this service is stopped, remote desktop sharing
will be unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Path Name:
C:\WINNT\System32\mnmsrvc.exe
Start Mode:
Disabled
State: Stopped
Service: MSDTC
Display Name:
Distributed Transaction Coordinator
Description:
Coordinates transactions that span multiple resource managers, such as
databases, message queues, and file systems. If this service is stopped, these
transactions will not occur. If this service is disabled, any services that
explicitly depend on it will fail to start.
Path Name:
C:\WINNT\System32\msdtc.exe
Start Mode: Auto
State: Running
Service: MSIServer
Display Name:
Windows Installer
Description:
Adds, modifies, and removes applications provided as a Windows Installer
(*.msi) package. If this service is disabled, any services that explicitly
depend on it will fail to start.
Path Name:
C:\WINNT\system32\msiexec.exe /V
Start Mode:
Manual
State: Stopped
Service: napagent
Display Name:
Network Access Protection Agent
Description:
Allows windows clients to participate in Network Access Protection
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Manual
State: Stopped
Service: NetDDE
Display Name:
Network DDE
Description:
Provides network transport and security for Dynamic Data Exchange (DDE) for
programs running on the same computer or on different computers. If this
service is stopped, DDE transport and security will be unavailable. If this
service is disabled, any services that explicitly depend on it will fail to
start.
Path Name:
C:\WINNT\system32\netdde.exe
Start Mode:
Disabled
State: Stopped
Service: NetDDEdsdm
Display Name:
Network DDE DSDM
Description:
Manages Dynamic Data Exchange (DDE) network shares. If this service is stopped,
DDE network shares will be unavailable. If this service is disabled, any
services that explicitly depend on it will fail to start.
Path Name:
C:\WINNT\system32\netdde.exe
Start Mode:
Disabled
State: Stopped
Service: Netlogon
Display Name: Net
Logon
Description:
Supports pass-through authentication of account logon events for computers in a
domain.
Path Name:
C:\WINNT\System32\lsass.exe
Start Mode:
Disabled
State: Stopped
Service: Netman
Display Name:
Network Connections
Description:
Manages objects in the Network and Dial-Up Connections folder, in which you can
view both local area network and remote connections.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Manual
State: Running
Service: Nla
Display Name:
Network Location Awareness (NLA)
Description:
Collects and stores network configuration and location information, and
notifies applications when this information changes.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Manual
State: Running
Service: NtLmSsp
Display Name: NT
LM Security Support Provider
Description:
Provides security to remote procedure call (RPC) programs that use transports
other than named pipes.
Path Name:
C:\WINNT\System32\lsass.exe
Start Mode:
Manual
State: Stopped
Service: NtmsSvc
Display Name:
Removable Storage
Description:
Manages removable media, drives, and libraries.
Path Name:
C:\WINNT\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Stopped
Service: ose
Display Name:
Office Source Engine
Description:
Saves installation files used for updates and repairs and is required for the
downloading of Setup updates and Watson error reports.
Path Name:
"C:\Program Files\Common Files\Microsoft Shared\Source
Engine\OSE.EXE"
Start Mode:
Manual
State: Stopped
Service: PACSPTISVR
Display Name:
PACSPTISVR
Description:
Path Name:
"C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe"
Start Mode:
Disabled
State: Stopped
Service: PlugPlay
Display Name:
Plug and Play
Description:
Enables a computer to recognize and adapt to hardware changes with little or no
user input. Stopping or disabling this service will result in system
instability.
Path Name:
C:\WINNT\system32\services.exe
Start Mode: Auto
State: Running
Service: Pml Driver HPZ12
Display Name: Pml
Driver HPZ12
Description:
Path Name:
C:\WINNT\system32\HPZipm12.exe
Start Mode:
Manual
State: Stopped
Service: PolicyAgent
Display Name:
IPSEC Services
Description:
Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP
security driver.
Path Name: C:\WINNT\System32\lsass.exe
Start Mode: Auto
State: Running
Service: ProtectedStorage
Display Name:
Protected Storage
Description:
Provides protected storage for sensitive data, such as private keys, to prevent
access by unauthorized services, processes, or users.
Path Name:
C:\WINNT\system32\lsass.exe
Start Mode: Auto
State: Running
Service: RasAuto
Display Name:
Remote Access Auto Connection Manager
Description:
Creates a connection to a remote network whenever a program references a remote
DNS or NetBIOS name or address.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: RasMan
Display Name:
Remote Access Connection Manager
Description:
Creates a network connection.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: RDSessMgr
Display Name:
Remote Desktop Help Session Manager
Description:
Manages and controls Remote Assistance. If this service is stopped, Remote Assistance
will be unavailable. Before stopping this service, see the Dependencies tab of
the Properties dialog box.
Path Name:
C:\WINNT\system32\sessmgr.exe
Start Mode:
Disabled
State: Stopped
Service: RemoteAccess
Display Name:
Routing and Remote Access
Description:
Offers routing services to businesses in local area and wide area network
environments.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Disabled
State: Stopped
Service: RemoteRegistry
Display Name:
Remote Registry
Description:
Enables remote users to modify registry settings on this computer. If this
service is stopped, the registry can be modified only by users on this
computer. If this service is disabled, any services that explicitly depend on
it will fail to start.
Path Name:
C:\WINNT\system32\svchost.exe -k LocalService
Start Mode:
Disabled
State: Stopped
Service: RpcLocator
Display Name:
Remote Procedure Call (RPC) Locator
Description:
Manages the RPC name service database.
Path Name:
C:\WINNT\System32\locator.exe
Start Mode: Auto
State: Running
Service: RpcSs
Display Name:
Remote Procedure Call (RPC)
Description:
Provides the endpoint mapper and other miscellaneous RPC services.
Path Name:
C:\WINNT\system32\svchost -k rpcss
Start Mode: Auto
State: Running
Service: RSVP
Display Name: QoS
RSVP
Description:
Provides network signaling and local traffic control setup functionality for
QoS-aware programs and control applets.
Path Name: C:\WINNT\System32\rsvp.exe
Start Mode:
Disabled
State: Stopped
Service: SamSs
Display Name:
Security Accounts Manager
Description:
Stores security information for local user accounts.
Path Name:
C:\WINNT\system32\lsass.exe
Start Mode: Auto
State: Running
Service: SCardSvr
Display Name:
Smart Card
Description:
Manages access to smart cards read by this computer. If this service is
stopped, this computer will be unable to read smart cards. If this service is
disabled, any services that explicitly depend on it will fail to start.
Path Name:
C:\WINNT\System32\SCardSvr.exe
Start Mode:
Disabled
State: Stopped
Service: Schedule
Display Name:
Task Scheduler
Description:
Enables a user to configure and schedule automated tasks on this computer. If
this service is stopped, these tasks will not be run at their scheduled times.
If this service is disabled, any services that explicitly depend on it will
fail to start.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: SDhelper
Display Name: PC
Tools Spyware Doctor
Description:
Path Name:
C:\Program Files\Spyware Doctor\sdhelp.exe
Start Mode:
Disabled
State: Stopped
Service: seclogon
Display Name:
Secondary Logon
Description:
Enables starting processes under alternate credentials. If this service is
stopped, this type of logon access will be unavailable. If this service is
disabled, any services that explicitly depend on it will fail to start.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Disabled
State: Stopped
Service: SENS
Display Name:
System Event Notification
Description:
Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of
these events.
Path Name:
C:\WINNT\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: SharedAccess
Display Name:
Windows Firewall/Internet Connection Sharing (ICS)
Description:
Provides network address translation, addressing, name resolution and/or
intrusion prevention services for a home or small office network.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: ShellHWDetection
Display Name:
Shell Hardware Detection
Description:
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: Spooler
Display Name:
Print Spooler
Description:
Loads files to memory for later printing.
Path Name:
C:\WINNT\system32\spoolsv.exe
Start Mode: Auto
State: Running
Service: SPTISRV
Display Name:
Sony SPTI Service
Description:
Path Name:
"C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe"
Start Mode:
Disabled
State: Stopped
Service: srservice
Display Name:
System Restore Service
Description:
Performs system restore functions. To stop service, turn off System Restore
from the System Restore tab in My Computer->Properties
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Stopped
Service: SSDPSRV
Display Name:
SSDP Discovery Service
Description:
Enables discovery of UPnP devices on your home network.
Path Name:
C:\WINNT\System32\svchost.exe -k LocalService
Start Mode:
Disabled
State: Stopped
Service: stisvc
Display Name:
Windows Image Acquisition (WIA)
Description:
Provides image acquisition services for scanners and cameras.
Path Name:
C:\WINNT\System32\svchost.exe -k imgsvc
Start Mode: Auto
State: Running
Service: SwPrv
Display Name: MS
Software Shadow Copy Provider
Description:
Manages software-based volume shadow copies taken by the Volume Shadow Copy
service. If this service is stopped, software-based volume shadow copies cannot
be managed. If this service is disabled, any services that explicitly depend on
it will fail to start.
Path Name:
C:\WINNT\System32\dllhost.exe /Processid:{92010A71-4D10-4145-9EBD-C6B0AF837F71}
Start Mode:
Manual
State: Stopped
Service: SymWSC
Display Name:
SymWMI Service
Description:
Symantec WMI Service
Path Name:
"C:\Program Files\Common Files\Symantec Shared\Security
Center\SymWSC.exe"
Start Mode:
Disabled
State: Stopped
Service: SysmonLog
Display Name:
Performance Logs and Alerts
Description:
Collects performance data from local or remote computers based on preconfigured
schedule parameters, then writes the data to a log or triggers an alert. If
this service is stopped, performance information will not be collected. If this
service is disabled, any services that explicitly depend on it will fail to
start.
Path Name:
C:\WINNT\system32\smlogsvc.exe
Start Mode:
Manual
State: Stopped
Service: TabletService
Display Name:
TabletService
Description:
Path Name:
C:\WINNT\system32\Tablet.exe
Start Mode: Auto
State: Running
Service: TapiSrv
Display Name:
Telephony
Description:
Provides Telephony API (TAPI) support for programs that control telephony
devices and IP based voice connections on the local computer and, through the
LAN, on servers that are also running the service.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Manual
State: Running
Service: TermService
Display Name:
Terminal Services
Description: Allows
multiple users to be connected interactively to a machine as well as the
display of desktops and applications to remote computers. The underpinning of
Remote Desktop (including RD for Administrators), Fast User Switching, Remote
Assistance, and Terminal Server.
Path Name:
C:\WINNT\System32\svchost -k DComLaunch
Start Mode: Auto
State: Running
Service: Themes
Display Name:
Themes
Description:
Provides user experience theme management.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: TlntSvr
Display Name:
Telnet
Description:
Enables a remote user to log on to this computer and run programs, and supports
various TCP/IP Telnet clients, including UNIX-based and Windows-based computers.
If this service is stopped, remote user access to programs might be
unavailable. If this service is disabled, any services that explicitly depend
on it will fail to start.
Path Name:
C:\WINNT\System32\tlntsvr.exe
Start Mode:
Disabled
State: Stopped
Service: TrkWks
Display Name:
Distributed Link Tracking Client
Description:
Maintains links between NTFS files within a computer or across computers in a
network domain.
Path Name:
C:\WINNT\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: upnphost
Display Name:
Universal Plug and Play Device Host
Description:
Provides support to host Universal Plug and Play devices.
Path Name:
C:\WINNT\System32\svchost.exe -k LocalService
Start Mode:
Manual
State: Stopped
Service: UPS
Display Name:
Uninterruptible Power Supply
Description:
Manages an uninterruptible power supply (UPS) connected to the computer.
Path Name:
C:\WINNT\System32\ups.exe
Start Mode:
Manual
State: Stopped
Service: usnjsvc
Display Name:
Messenger Sharing Folders USN Journal Reader service
Description:
Service installed by Messenger to enable sharing scenarios
Path Name:
"C:\Program Files\MSN Messenger\usnsvc.exe"
Start Mode:
Manual
State: Stopped
Service: UtilMan
Display Name:
Utility Manager
Description:
Starts and configures accessibility tools from one window
Path Name:
C:\WINNT\System32\UtilMan.exe
Start Mode:
Manual
State: Stopped
Service: Visual Studio Analyzer RPC bridge
Display Name:
Visual Studio Analyzer RPC bridge
Description:
Path Name:
C:\Program Files\Microsoft Visual
Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe
Start Mode:
Manual
State: Stopped
Service: VMAuthdService
Display Name:
VMware Authorization Service
Description:
Authorization and authentication service for starting and accessing virtual
machines
Path Name:
C:\Program Files\VMware\VMware Player\vmware-authd.exe
Start Mode: Auto
State: Running
Service: VMnetDHCP
Display Name:
VMware DHCP Service
Description: DHCP
service for virtual networks
Path Name:
C:\WINNT\system32\vmnetdhcp.exe
Start Mode: Auto
State: Running
Service: vmount2
Display Name:
VMware Virtual Mount Manager Extended
Description:
Path Name:
"C:\Program Files\Common Files\VMware\VMware Virtual Image
Editing\vmount2.exe"
Start Mode: Auto
State: Running
Service: VMware NAT Service
Display Name:
VMware NAT Service
Description:
Network address translation for virtual networks
Path Name:
C:\WINNT\system32\vmnat.exe
Start Mode: Auto
State: Running
Service: vsmon
Display Name:
TrueVector Internet Monitor
Description:
Monitors internet traffic and generates alerts for disallowed access.
Path Name: C:\WINNT\system32\ZoneLabs\vsmon.exe
-service
Start Mode:
Manual
State: Stopped
Service: VSS
Display Name:
Volume Shadow Copy
Description:
Manages and implements Volume Shadow Copies used for backup and other purposes.
If this service is stopped, shadow copies will be unavailable for backup and
the backup may fail. If this service is disabled, any services that explicitly
depend on it will fail to start.
Path Name:
C:\WINNT\System32\vssvc.exe
Start Mode:
Manual
State: Stopped
Service: W32Time
Display Name:
Windows Time
Description:
Maintains date and time synchronization on all clients and servers in the
network. If this service is stopped, date and time synchronization will be
unavailable. If this service is disabled, any services that explicitly depend
on it will fail to start.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: WebClient
Display Name:
WebClient
Description:
Enables Windows-based programs to create, access, and modify Internet-based
files. If this service is stopped, these functions will not be available. If
this service is disabled, any services that explicitly depend on it will fail
to start.
Path Name:
C:\WINNT\System32\svchost.exe -k LocalService
Start Mode: Auto
State: Running
Service: winmgmt
Display Name:
Windows Management Instrumentation
Description:
Provides a common interface and object model to access management information
about operating system, devices, applications and services. If this service is
stopped, most Windows-based software will not function properly. If this
service is disabled, any services that explicitly depend on it will fail to
start.
Path Name:
C:\WINNT\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: WmdmPmSN
Display Name:
Portable Media Serial Number Service
Description:
Retrieves the serial number of any portable media player connected to this
computer. If this service is stopped, protected content might not be down
loaded to the device.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Disabled
State: Stopped
Service: Wmi
Display Name:
Windows Management Instrumentation Driver Extensions
Description:
Provides systems management information to and from drivers.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: WmiApSrv
Display Name: WMI
Performance Adapter
Description:
Provides performance library information from WMI HiPerf providers.
Path Name:
C:\WINNT\System32\wbem\wmiapsrv.exe
Start Mode:
Disabled
State: Stopped
Service: WMPNetworkSvc
Display Name:
Windows Media Player Network Sharing Service
Description:
Shares Windows Media Player libraries to other networked players and media
devices using Universal Plug and Play
Path Name:
"C:\Program Files\Windows Media Player\WMPNetwk.exe"
Start Mode:
Manual
State: Stopped
Service: wscsvc
Display Name:
Security Center
Description:
Monitors system security settings and configurations.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: wuauserv
Display Name:
Automatic Updates
Description:
Enables the download and installation of Windows updates. If this service is
disabled, this computer will not be able to use the Automatic Updates feature
or the Windows Update Web site.
Path Name:
C:\WINNT\system32\svchost.exe -k netsvcs
Start Mode:
Disabled
State: Stopped
Service: WudfSvc
Display Name: Windows Driver Foundation -
User-mode Driver Framework
Description: Manages user-mode driver host
processes
Path Name:
C:\WINNT\system32\svchost.exe -k WudfServiceGroup
Start Mode:
Manual
State: Stopped
Service: WZCSVC
Display Name:
Wireless Zero Configuration
Description:
Provides automatic configuration for the 802.11 adapters
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running
Service: xmlprov
Display Name:
Network Provisioning Service
Description:
Manages XML configuration files on a domain basis for automatic network
provisioning.
Path Name:
C:\WINNT\System32\svchost.exe -k netsvcs
Start Mode:
Manual
State: Stopped
Service: ZVZBI
Display Name:
ZVZBI
Description:
Path Name:
C:\WINNT\TEMP\ZVZBI.exe
Start Mode:
Disabled
State: Stopped