Sign in with
Sign up | Sign in
Your question

Task Manager Hell!!!!!

Last response: in Windows XP
Share
October 15, 2004 4:05:05 AM

Archived from groups: microsoft.public.windowsxp.perform_maintain (More info?)

Hi

I'm having what seems to be a familair problem with Task Manager,
Regedit etc.

I've updated my AVG definitions, scanned in safe mode and normal, run
a couple of the suggested online scanners, run Spybot and Spyware
Doctor. And (!) I've tried Doug's various utilities (Security Console
and XP_taskmgrenab included) and I Task Manager is still greyed out. I
can however run everything when I boot in Safe Mode.

So I've used Doug's Program Tracker and I'm hoping someone can help me
decipher what the heck is going on.

Many thanks in advance and please don't tell me to run a virus
check!!!!

-- Registry --
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce

No Items Found

-- Registry --
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

IgfxTray C:\WINDOWS\System32\igfxtray.exe
HotKeysCmds C:\WINDOWS\System32\hkcmd.exe
Apoint C:\Program Files\Apoint\Apoint.exe
Dell QuickSet C:\Program
Files\Dell\QuickSet\quickset.exe
bascstray BascsTray.exe
DVDSentry C:\WINDOWS\System32\DSentry.exe
AVG_CC C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
/STARTUP
vptray C:\Program Files\NavNT\vptray.exe
QuickTime Task "C:\Program Files\QuickTime\qttask.exe"
-atboottime
Openwares LiveUpdate C:\Program
Files\LiveUpdate\LiveUpdate.exe
RoxioEngineUtility "C:\Program Files\Common Files\Roxio
Shared\System\EngUtil.exe"
RoxioAudioCentral "C:\Program Files\Roxio\Easy CD Creator
6\AudioCentral\RxMon.exe"
GSICONEXE gsicon.exe
DSLAGENTEXE dslagent.exe USB
MMTray C:\Program Files\MUSICMATCH\MUSICMATCH
Jukebox\mm_tray.exe
mmtask C:\Program Files\MUSICMATCH\MUSICMATCH
Jukebox\mmtask.exe
SmcService C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

-- Registry --
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

No Items Found

-- Registry --
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

H/PC Connection Agent "C:\Program Files\Microsoft
ActiveSync\WCESCOMM.EXE"
Creative Detector C:\Program
Files\Creative\MediaSource\Detector\CTDetect.exe /R
SpySweeper "C:\Program Files\Webroot\Spy
Sweeper\SpySweeper.exe" /0
ctfmon.exe C:\WINDOWS\system32\ctfmon.exe

-- Registry --
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce

No Items Found

-- Start Menu - Current User --
DESKTOP.INI

-- Start Menu - All Users --
Acrobat Assistant.lnk
BTTray.lnk
Dataviz Messenger.lnk
DESKTOP.INI
Microsoft Office OneNote 2003 Quick Launch.lnk
Phone Connection Monitor.lnk
Service Manager.lnk

-- Disabled Items --
No Items Found

-- Registry - Shell Value - HKLM\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon --
Explorer.exe

-- Running Processes --
System Idle Process
System
smss.exe \SystemRoot\System32\smss.exe
csrss.exe C:\WINDOWS\system32\csrss.exe
ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On
SubSystemType=Windows ServerDll=basesrv,1
ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off
MaxRequestThreads=16
winlogon.exe winlogon.exe
services.exe C:\WINDOWS\system32\services.exe
lsass.exe C:\WINDOWS\system32\lsass.exe
svchost.exe C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe C:\WINDOWS\system32\svchost -k rpcss
svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs
Smc.exe "C:\Program Files\Sygate\SPF\smc.exe"
svchost.exe C:\WINDOWS\System32\svchost.exe -k NetworkService
svchost.exe C:\WINDOWS\System32\svchost.exe -k LocalService
spoolsv.exe C:\WINDOWS\system32\spoolsv.exe
scardsvr.exe C:\WINDOWS\System32\SCardSvr.exe
avgserv.exe C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
BAsfIpM.exe C:\WINDOWS\System32\basfipm.exe
btwdins.exe "C:\Program Files\Dell\Bluetooth
Software\bin\btwdins.exe"
cisvc.exe C:\WINDOWS\system32\cisvc.exe
CTSVCCDA.EXE C:\WINDOWS\System32\CTsvcCDA.EXE
defwatch.exe "C:\Program Files\NavNT\defwatch.exe"
inetinfo.exe C:\WINDOWS\System32\inetsrv\inetinfo.exe
sqlservr.exe C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe
rtvscan.exe "C:\Program Files\NavNT\rtvscan.exe"
svchost.exe C:\WINDOWS\System32\svchost.exe -k imgsvc
wdfmgr.exe C:\WINDOWS\system32\wdfmgr.exe
WLTRYSVC.EXE C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
MsPMSPSv.exe C:\WINDOWS\System32\MsPMSPSv.exe
BCMWLTRY.EXE C:\WINDOWS\System32\bcmwltry.exe
alg.exe C:\WINDOWS\System32\alg.exe
explorer.exe C:\WINDOWS\Explorer.EXE
REGSVR.EXE C:\WINDOWS\REGSVR.EXE
hkcmd.exe "C:\WINDOWS\System32\hkcmd.exe"
Apoint.exe "C:\Program Files\Apoint\Apoint.exe"
quickset.exe "C:\Program Files\Dell\QuickSet\quickset.exe"
DSentry.exe "C:\WINDOWS\System32\DSentry.exe"
avgcc32.exe "C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe" /STARTUP
ApntEx.exe "Apntex.exe"
vptray.exe "C:\Program Files\NavNT\vptray.exe"
RxMon.exe "C:\Program Files\Roxio\Easy CD Creator
6\AudioCentral\RxMon.exe"
gsicon.exe "C:\WINDOWS\system32\gsicon.exe"
dslagent.exe "C:\WINDOWS\system32\dslagent.exe" USB
mm_tray.exe "C:\Program Files\MUSICMATCH\MUSICMATCH
Jukebox\mm_tray.exe"
mmtask.exe "C:\Program Files\MUSICMATCH\MUSICMATCH
Jukebox\mmtask.exe"
wcescomm.exe "C:\Program Files\Microsoft
ActiveSync\WCESCOMM.EXE"
CTDetect.exe "C:\Program
Files\Creative\MediaSource\Detector\CTDetect.exe" /R
SpySweeper.exe "C:\Program Files\Webroot\Spy
Sweeper\SpySweeper.exe" /0
ctfmon.exe "C:\WINDOWS\system32\ctfmon.exe"
Playlist.exe "C:\Program Files\Roxio\Easy CD Creator
6\AudioCentral\Playlist.exe" -Embedding
acrotray.exe "C:\Program Files\Adobe\Acrobat
6.0\Distillr\acrotray.exe"
BTTray.exe "C:\Program Files\Dell\Bluetooth
Software\BTTray.exe"
DvzMsgr.exe "C:\WINDOWS\DvzCommon\DvzMsgr.exe"
audevicemgr.exe "C:\Program Files\Sony
Ericsson\Mobile\audevicemgr.exe"
sqlmangr.exe "C:\Program Files\Microsoft SQL
Server\80\Tools\Binn\sqlmangr.exe" /n
MROUTE~2.EXE c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE
-Embedding
BTStackServer.exe C:\PROGRA~1\Dell\BLUETO~1\BTSTAC~1.EXE -Embedding
CONNMN~1.EXE C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
-Embedding
OUTLOOK.EXE "C:\Program Files\Microsoft
Office\OFFICE11\OUTLOOK.EXE" /recycle
SYNCIN~1.EXE C:\PROGRA~1\SONYER~1\Mobile\SYNCIN~1.EXE
-Embedding
CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon "c:\system volume
information\catalog.wci" 196672l 1616l
CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon "c:\documents and
settings\all users\application data\microsoft\visio\catalog.wci"
196672l 1616l
CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon
"c:\inetpub\catalog.wci" 196672l 1616l
wuauclt.exe "C:\WINDOWS\system32\wuauclt.exe"
iexplore.exe "C:\Program Files\Internet Explorer\iexplore.exe"
WINZIP32.EXE "C:\PROGRA~1\WINZIP\winzip32.exe" "C:\Documents
and Settings\jamie.UK0\Desktop\StartupTracker3.zip"
StartupTracker3.exe "c:\TEMP\StartupTracker3.exe"
wmiprvse.exe C:\WINDOWS\System32\wbem\wmiprvse.exe

-- Running Services --

Name: ALG
Description: Provides support for 3rd party protocol plug-ins for
Internet Connection Sharing and the Windows Firewall.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\alg.exe

Name: AudioSrv
Description: Manages audio devices for Windows-based programs. If this
service is stopped, audio devices and effects will not function
properly. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: AvgServ
Description:
Startup Mode: Auto
Run from: C:\PROGRA~1\Grisoft\AVG6\avgserv.exe

Name: BAsfIpM
Description: IP monitoring service for Broadcom ASF applications.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\basfipm.exe

Name: BITS
Description: Transfers files in the background using idle network
bandwidth. If the service is stopped, features such as Windows Update,
and MSN Explorer will be unable to automatically download programs and
other information. If this service is disabled, any services that
explicitly depend on it may fail to transfer files if they do not have
a fail safe mechanism to transfer files directly through IE in case
BITS has been disabled.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: Browser
Description: Maintains an updated list of computers on the network and
supplies this list to computers designated as browsers. If this
service is stopped, this list will not be updated or maintained. If
this service is disabled, any services that explicitly depend on it
will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: btwdins
Description:
Startup Mode: Auto
Run from: C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe

Name: CiSvc
Description: Indexes contents and properties of files on local and
remote computers; provides rapid access to files through flexible
querying language.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\cisvc.exe

Name: Creative Service for CDROM Access
Description:
Startup Mode: Auto
Run from: C:\WINDOWS\System32\CTsvcCDA.EXE

Name: CryptSvc
Description: Provides three management services: Catalog Database
Service, which confirms the signatures of Windows files; Protected
Root Service, which adds and removes Trusted Root Certification
Authority certificates from this computer; and Key Service, which
helps enroll this computer for certificates. If this service is
stopped, these management services will not function properly. If this
service is disabled, any services that explicitly depend on it will
fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: DcomLaunch
Description: Provides launch functionality for DCOM services.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost -k DcomLaunch

Name: DefWatch
Description:
Startup Mode: Auto
Run from: C:\Program Files\NavNT\defwatch.exe

Name: Dhcp
Description: Manages network configuration by registering and updating
IP addresses and DNS names.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: dmserver
Description: Detects and monitors new hard disk drives and sends disk
volume information to Logical Disk Manager Administrative Service for
configuration. If this service is stopped, dynamic disk status and
configuration information may become out of date. If this service is
disabled, any services that explicitly depend on it will fail to
start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: Dnscache
Description: Resolves and caches Domain Name System (DNS) names for
this computer. If this service is stopped, this computer will not be
able to resolve DNS names and locate Active Directory domain
controllers. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k NetworkService

Name: ERSvc
Description: Allows error reporting for services and applictions
running in non-standard environments.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: Eventlog
Description: Enables event log messages issued by Windows-based
programs and components to be viewed in Event Viewer. This service
cannot be stopped.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\services.exe

Name: EventSystem
Description: Supports System Event Notification Service (SENS), which
provides automatic distribution of events to subscribing Component
Object Model (COM) components. If the service is stopped, SENS will
close and will not be able to provide logon and logoff notifications.
If this service is disabled, any services that explicitly depend on it
will fail to start.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: helpsvc
Description: Enables Help and Support Center to run on this computer.
If this service is stopped, Help and Support Center will be
unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: HidServ
Description: Enables generic input access to Human Interface Devices
(HID), which activates and maintains the use of predefined hot buttons
on keyboards, remote controls, and other multimedia devices. If this
service is stopped, hot buttons controlled by this service will no
longer function. If this service is disabled, any services that
explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: IISADMIN
Description: Allows administration of Web and FTP services through the
Internet Information Services snap-in
Startup Mode: Auto
Run from: C:\WINDOWS\System32\inetsrv\inetinfo.exe

Name: Irmon
Description: Supports infrared devices installed on the computer and
detects other devices that are in range.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: lanmanserver
Description: Supports file, print, and named-pipe sharing over the
network for this computer. If this service is stopped, these functions
will be unavailable. If this service is disabled, any services that
explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: LanmanWorkstation
Description: Creates and maintains client network connections to
remote servers. If this service is stopped, these connections will be
unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: LmHosts
Description: Enables support for NetBIOS over TCP/IP (NetBT) service
and NetBIOS name resolution.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k LocalService

Name: MSSQLSERVER
Description:
Startup Mode: Auto
Run from: C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe

Name: Netlogon
Description: Supports pass-through authentication of account logon
events for computers in a domain.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\lsass.exe

Name: Netman
Description: Manages objects in the Network and Dial-Up Connections
folder, in which you can view both local area network and remote
connections.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: Nla
Description: Collects and stores network configuration and location
information, and notifies applications when this information changes.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: Norton AntiVirus Server
Description:
Startup Mode: Auto
Run from: C:\Program Files\NavNT\rtvscan.exe

Name: PlugPlay
Description: Enables a computer to recognize and adapt to hardware
changes with little or no user input. Stopping or disabling this
service will result in system instability.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\services.exe

Name: ProtectedStorage
Description: Provides protected storage for sensitive data, such as
private keys, to prevent access by unauthorized services, processes,
or users.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\lsass.exe

Name: RasMan
Description: Creates a network connection.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: RemoteRegistry
Description: Enables remote users to modify registry settings on this
computer. If this service is stopped, the registry can be modified
only by users on this computer. If this service is disabled, any
services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k LocalService

Name: RpcSs
Description: Provides the endpoint mapper and other miscellaneous RPC
services.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost -k rpcss

Name: SamSs
Description: Stores security information for local user accounts.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\lsass.exe

Name: SCardSvr
Description: Manages access to smart cards read by this computer. If
this service is stopped, this computer will be unable to read smart
cards. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\SCardSvr.exe

Name: Schedule
Description: Enables a user to configure and schedule automated tasks
on this computer. If this service is stopped, these tasks will not be
run at their scheduled times. If this service is disabled, any
services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: seclogon
Description: Enables starting processes under alternate credentials.
If this service is stopped, this type of logon access will be
unavailable. If this service is disabled, any services that explicitly
depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: SENS
Description: Tracks system events such as Windows logon, network, and
power events. Notifies COM+ Event System subscribers of these events.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: SharedAccess
Description: Provides network address translation, addressing, name
resolution and/or intrusion prevention services for a home or small
office network.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: ShellHWDetection
Description:
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: SmcService
Description:
Startup Mode: Auto
Run from: C:\Program Files\Sygate\SPF\smc.exe

Name: SMTPSVC
Description: Transports electronic mail across the network
Startup Mode: Auto
Run from: C:\WINDOWS\System32\inetsrv\inetinfo.exe

Name: Spooler
Description: Loads files to memory for later printing.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\spoolsv.exe

Name: SSDPSRV
Description: Enables discovery of UPnP devices on your home network.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k LocalService

Name: stisvc
Description: Provides image acquisition services for scanners and
cameras.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k imgsvc

Name: TapiSrv
Description: Provides Telephony API (TAPI) support for programs that
control telephony devices and IP based voice connections on the local
computer and, through the LAN, on servers that are also running the
service.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: TermService
Description: Allows multiple users to be connected interactively to a
machine as well as the display of desktops and applications to remote
computers. The underpinning of Remote Desktop (including RD for
Administrators), Fast User Switching, Remote Assistance, and Terminal
Server.
Startup Mode: Manual
Run from: C:\WINDOWS\System32\svchost -k DComLaunch

Name: Themes
Description: Provides user experience theme management.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

Name: TrkWks
Description: Maintains links between NTFS files within a computer or
across computers in a network domain.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: UMWdf
Description: Enables Windows user mode drivers.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\wdfmgr.exe

Name: w32time
Description: Maintains date and time synchronization on all clients
and servers in the network. If this service is stopped, date and time
synchronization will be unavailable. If this service is disabled, any
services that explicitly depend on it will fail to start.

Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: W3SVC
Description: Provides Web connectivity and administration through the
Internet Information Services snap-in
Startup Mode: Auto
Run from: C:\WINDOWS\System32\inetsrv\inetinfo.exe

Name: WebClient
Description: Enables Windows-based programs to create, access, and
modify Internet-based files. If this service is stopped, these
functions will not be available. If this service is disabled, any
services that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k LocalService

Name: winmgmt
Description: Provides a common interface and object model to access
management information about operating system, devices, applications
and services. If this service is stopped, most Windows-based software
will not function properly. If this service is disabled, any services
that explicitly depend on it will fail to start.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: WLTRYSVC
Description:
Startup Mode: Auto
Run from: C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe

Name: WMDM PMSP Service
Description:
Startup Mode: Auto
Run from: C:\WINDOWS\System32\MsPMSPSv.exe

Name: wuauserv
Description: Enables the download and installation of critical Windows
updates. If the service is disabled, the operating system can be
manually updated at the Windows Update Web site.
Startup Mode: Auto
Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs

Name: WZCSVC
Description: Provides automatic configuration for the 802.11 adapters
Startup Mode: Auto
Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs

More about : task manager hell

October 15, 2004 4:29:09 AM

Archived from groups: microsoft.public.windowsxp.perform_maintain (More info?)

Someone else suggested running Tasklist from the command prompt to provide
some more diagnostic info - so here you go!

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\jamie.UK0>TASKLIST

Image Name PID Session Name Session# Mem Usage
========================= ====== ================ ======== ============
System Idle Process 0 Console 0 16 K
System 4 Console 0 220 K
smss.exe 1176 Console 0 376 K
csrss.exe 1228 Console 0 5,712 K
winlogon.exe 1256 Console 0 2,976 K
services.exe 1300 Console 0 4,400 K
lsass.exe 1316 Console 0 7,352 K
svchost.exe 1500 Console 0 5,212 K
svchost.exe 1548 Console 0 4,552 K
svchost.exe 1744 Console 0 27,648 K
Smc.exe 1804 Console 0 9,740 K
svchost.exe 612 Console 0 3,536 K
svchost.exe 684 Console 0 5,280 K
spoolsv.exe 1920 Console 0 7,124 K
scardsvr.exe 372 Console 0 2,776 K
avgserv.exe 1092 Console 0 4,360 K
BAsfIpM.exe 1120 Console 0 3,672 K
btwdins.exe 1608 Console 0 2,180 K
cisvc.exe 1624 Console 0 700 K
CTSVCCDA.EXE 1644 Console 0 1,804 K
defwatch.exe 1668 Console 0 1,816 K
inetinfo.exe 1720 Console 0 9,528 K
sqlservr.exe 1772 Console 0 12,868 K
rtvscan.exe 532 Console 0 12,744 K
svchost.exe 444 Console 0 4,292 K
wdfmgr.exe 924 Console 0 2,156 K
WLTRYSVC.EXE 1080 Console 0 1,908 K
MsPMSPSv.exe 1196 Console 0 1,928 K
BCMWLTRY.EXE 1200 Console 0 3,588 K
alg.exe 2236 Console 0 3,668 K
explorer.exe 2432 Console 0 26,340 K
REGSVR.EXE 2572 Console 0 2,932 K
hkcmd.exe 2756 Console 0 6,444 K
Apoint.exe 2864 Console 0 4,800 K
quickset.exe 2976 Console 0 4,224 K
DSentry.exe 3044 Console 0 2,408 K
avgcc32.exe 1836 Console 0 2,176 K
vptray.exe 3312 Console 0 4,116 K
ApntEx.exe 3472 Console 0 2,296 K
RxMon.exe 3708 Console 0 4,240 K
gsicon.exe 3716 Console 0 3,096 K
dslagent.exe 3784 Console 0 2,288 K
mm_tray.exe 3824 Console 0 4,728 K
mmtask.exe 3832 Console 0 3,084 K
wcescomm.exe 3888 Console 0 6,728 K
CTDetect.exe 2016 Console 0 4,196 K
SpySweeper.exe 132 Console 0 20,384 K
ctfmon.exe 1576 Console 0 4,316 K
Playlist.exe 340 Console 0 5,476 K
acrotray.exe 416 Console 0 2,840 K
BTTray.exe 560 Console 0 5,616 K
DvzMsgr.exe 1304 Console 0 2,976 K
audevicemgr.exe 2516 Console 0 6,876 K
sqlmangr.exe 2672 Console 0 5,336 K
MROUTE~2.EXE 2992 Console 0 8,916 K
BTSTAC~1.EXE 3112 Console 0 7,108 K
CONNMN~1.EXE 2072 Console 0 4,980 K
OUTLOOK.EXE 3436 Console 0 23,644 K
SYNCIN~1.EXE 1584 Console 0 3,284 K
CIDAEMON.EXE 3076 Console 0 420 K
CIDAEMON.EXE 2912 Console 0 264 K
CIDAEMON.EXE 3588 Console 0 824 K
iexplore.exe 3756 Console 0 21,836 K
WCESMgr.exe 2788 Console 0 9,980 K
cmd.exe 3980 Console 0 2,776 K
TASKLIST.EXE 2608 Console 0 4,532 K
wmiprvse.exe 2116 Console 0 5,704 K

C:\Documents and Settings\jamie.UK0>

"McFly" wrote:

> Hi
>
> I'm having what seems to be a familair problem with Task Manager,
> Regedit etc.
>
> I've updated my AVG definitions, scanned in safe mode and normal, run
> a couple of the suggested online scanners, run Spybot and Spyware
> Doctor. And (!) I've tried Doug's various utilities (Security Console
> and XP_taskmgrenab included) and I Task Manager is still greyed out. I
> can however run everything when I boot in Safe Mode.
>
> So I've used Doug's Program Tracker and I'm hoping someone can help me
> decipher what the heck is going on.
>
> Many thanks in advance and please don't tell me to run a virus
> check!!!!
>
> -- Registry --
> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
>
> No Items Found
>
> -- Registry --
> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
>
> IgfxTray C:\WINDOWS\System32\igfxtray.exe
> HotKeysCmds C:\WINDOWS\System32\hkcmd.exe
> Apoint C:\Program Files\Apoint\Apoint.exe
> Dell QuickSet C:\Program
> Files\Dell\QuickSet\quickset.exe
> bascstray BascsTray.exe
> DVDSentry C:\WINDOWS\System32\DSentry.exe
> AVG_CC C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
> /STARTUP
> vptray C:\Program Files\NavNT\vptray.exe
> QuickTime Task "C:\Program Files\QuickTime\qttask.exe"
> -atboottime
> Openwares LiveUpdate C:\Program
> Files\LiveUpdate\LiveUpdate.exe
> RoxioEngineUtility "C:\Program Files\Common Files\Roxio
> Shared\System\EngUtil.exe"
> RoxioAudioCentral "C:\Program Files\Roxio\Easy CD Creator
> 6\AudioCentral\RxMon.exe"
> GSICONEXE gsicon.exe
> DSLAGENTEXE dslagent.exe USB
> MMTray C:\Program Files\MUSICMATCH\MUSICMATCH
> Jukebox\mm_tray.exe
> mmtask C:\Program Files\MUSICMATCH\MUSICMATCH
> Jukebox\mmtask.exe
> SmcService C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
>
> -- Registry --
> HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
>
> No Items Found
>
> -- Registry --
> HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
>
> H/PC Connection Agent "C:\Program Files\Microsoft
> ActiveSync\WCESCOMM.EXE"
> Creative Detector C:\Program
> Files\Creative\MediaSource\Detector\CTDetect.exe /R
> SpySweeper "C:\Program Files\Webroot\Spy
> Sweeper\SpySweeper.exe" /0
> ctfmon.exe C:\WINDOWS\system32\ctfmon.exe
>
> -- Registry --
> HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce
>
> No Items Found
>
> -- Start Menu - Current User --
> DESKTOP.INI
>
> -- Start Menu - All Users --
> Acrobat Assistant.lnk
> BTTray.lnk
> Dataviz Messenger.lnk
> DESKTOP.INI
> Microsoft Office OneNote 2003 Quick Launch.lnk
> Phone Connection Monitor.lnk
> Service Manager.lnk
>
> -- Disabled Items --
> No Items Found
>
> -- Registry - Shell Value - HKLM\SOFTWARE\Microsoft\Windows
> NT\CurrentVersion\Winlogon --
> Explorer.exe
>
> -- Running Processes --
> System Idle Process
> System
> smss.exe \SystemRoot\System32\smss.exe
> csrss.exe C:\WINDOWS\system32\csrss.exe
> ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On
> SubSystemType=Windows ServerDll=basesrv,1
> ServerDll=winsrv:UserServerDllInitialization,3
> ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off
> MaxRequestThreads=16
> winlogon.exe winlogon.exe
> services.exe C:\WINDOWS\system32\services.exe
> lsass.exe C:\WINDOWS\system32\lsass.exe
> svchost.exe C:\WINDOWS\system32\svchost -k DcomLaunch
> svchost.exe C:\WINDOWS\system32\svchost -k rpcss
> svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs
> Smc.exe "C:\Program Files\Sygate\SPF\smc.exe"
> svchost.exe C:\WINDOWS\System32\svchost.exe -k NetworkService
> svchost.exe C:\WINDOWS\System32\svchost.exe -k LocalService
> spoolsv.exe C:\WINDOWS\system32\spoolsv.exe
> scardsvr.exe C:\WINDOWS\System32\SCardSvr.exe
> avgserv.exe C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
> BAsfIpM.exe C:\WINDOWS\System32\basfipm.exe
> btwdins.exe "C:\Program Files\Dell\Bluetooth
> Software\bin\btwdins.exe"
> cisvc.exe C:\WINDOWS\system32\cisvc.exe
> CTSVCCDA.EXE C:\WINDOWS\System32\CTsvcCDA.EXE
> defwatch.exe "C:\Program Files\NavNT\defwatch.exe"
> inetinfo.exe C:\WINDOWS\System32\inetsrv\inetinfo.exe
> sqlservr.exe C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe
> rtvscan.exe "C:\Program Files\NavNT\rtvscan.exe"
> svchost.exe C:\WINDOWS\System32\svchost.exe -k imgsvc
> wdfmgr.exe C:\WINDOWS\system32\wdfmgr.exe
> WLTRYSVC.EXE C:\WINDOWS\System32\WLTRYSVC.EXE
> C:\WINDOWS\System32\bcmwltry.exe
> MsPMSPSv.exe C:\WINDOWS\System32\MsPMSPSv.exe
> BCMWLTRY.EXE C:\WINDOWS\System32\bcmwltry.exe
> alg.exe C:\WINDOWS\System32\alg.exe
> explorer.exe C:\WINDOWS\Explorer.EXE
> REGSVR.EXE C:\WINDOWS\REGSVR.EXE
> hkcmd.exe "C:\WINDOWS\System32\hkcmd.exe"
> Apoint.exe "C:\Program Files\Apoint\Apoint.exe"
> quickset.exe "C:\Program Files\Dell\QuickSet\quickset.exe"
> DSentry.exe "C:\WINDOWS\System32\DSentry.exe"
> avgcc32.exe "C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe" /STARTUP
> ApntEx.exe "Apntex.exe"
> vptray.exe "C:\Program Files\NavNT\vptray.exe"
> RxMon.exe "C:\Program Files\Roxio\Easy CD Creator
> 6\AudioCentral\RxMon.exe"
> gsicon.exe "C:\WINDOWS\system32\gsicon.exe"
> dslagent.exe "C:\WINDOWS\system32\dslagent.exe" USB
> mm_tray.exe "C:\Program Files\MUSICMATCH\MUSICMATCH
> Jukebox\mm_tray.exe"
> mmtask.exe "C:\Program Files\MUSICMATCH\MUSICMATCH
> Jukebox\mmtask.exe"
> wcescomm.exe "C:\Program Files\Microsoft
> ActiveSync\WCESCOMM.EXE"
> CTDetect.exe "C:\Program
> Files\Creative\MediaSource\Detector\CTDetect.exe" /R
> SpySweeper.exe "C:\Program Files\Webroot\Spy
> Sweeper\SpySweeper.exe" /0
> ctfmon.exe "C:\WINDOWS\system32\ctfmon.exe"
> Playlist.exe "C:\Program Files\Roxio\Easy CD Creator
> 6\AudioCentral\Playlist.exe" -Embedding
> acrotray.exe "C:\Program Files\Adobe\Acrobat
> 6.0\Distillr\acrotray.exe"
> BTTray.exe "C:\Program Files\Dell\Bluetooth
> Software\BTTray.exe"
> DvzMsgr.exe "C:\WINDOWS\DvzCommon\DvzMsgr.exe"
> audevicemgr.exe "C:\Program Files\Sony
> Ericsson\Mobile\audevicemgr.exe"
> sqlmangr.exe "C:\Program Files\Microsoft SQL
> Server\80\Tools\Binn\sqlmangr.exe" /n
> MROUTE~2.EXE c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE
> -Embedding
> BTStackServer.exe C:\PROGRA~1\Dell\BLUETO~1\BTSTAC~1.EXE -Embedding
> CONNMN~1.EXE C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
> -Embedding
> OUTLOOK.EXE "C:\Program Files\Microsoft
> Office\OFFICE11\OUTLOOK.EXE" /recycle
> SYNCIN~1.EXE C:\PROGRA~1\SONYER~1\Mobile\SYNCIN~1.EXE
> -Embedding
> CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon "c:\system volume
> information\catalog.wci" 196672l 1616l
> CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon "c:\documents and
> settings\all users\application data\microsoft\visio\catalog.wci"
> 196672l 1616l
> CIDAEMON.EXE "cidaemon.exe" DownLevelDaemon
> "c:\inetpub\catalog.wci" 196672l 1616l
> wuauclt.exe "C:\WINDOWS\system32\wuauclt.exe"
> iexplore.exe "C:\Program Files\Internet Explorer\iexplore.exe"
> WINZIP32.EXE "C:\PROGRA~1\WINZIP\winzip32.exe" "C:\Documents
> and Settings\jamie.UK0\Desktop\StartupTracker3.zip"
> StartupTracker3.exe "c:\TEMP\StartupTracker3.exe"
> wmiprvse.exe C:\WINDOWS\System32\wbem\wmiprvse.exe
>
> -- Running Services --
>
> Name: ALG
> Description: Provides support for 3rd party protocol plug-ins for
> Internet Connection Sharing and the Windows Firewall.
> Startup Mode: Manual
> Run from: C:\WINDOWS\System32\alg.exe
>
> Name: AudioSrv
> Description: Manages audio devices for Windows-based programs. If this
> service is stopped, audio devices and effects will not function
> properly. If this service is disabled, any services that explicitly
> depend on it will fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: AvgServ
> Description:
> Startup Mode: Auto
> Run from: C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
>
> Name: BAsfIpM
> Description: IP monitoring service for Broadcom ASF applications.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\basfipm.exe
>
> Name: BITS
> Description: Transfers files in the background using idle network
> bandwidth. If the service is stopped, features such as Windows Update,
> and MSN Explorer will be unable to automatically download programs and
> other information. If this service is disabled, any services that
> explicitly depend on it may fail to transfer files if they do not have
> a fail safe mechanism to transfer files directly through IE in case
> BITS has been disabled.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: Browser
> Description: Maintains an updated list of computers on the network and
> supplies this list to computers designated as browsers. If this
> service is stopped, this list will not be updated or maintained. If
> this service is disabled, any services that explicitly depend on it
> will fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: btwdins
> Description:
> Startup Mode: Auto
> Run from: C:\Program Files\Dell\Bluetooth Software\bin\btwdins.exe
>
> Name: CiSvc
> Description: Indexes contents and properties of files on local and
> remote computers; provides rapid access to files through flexible
> querying language.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\cisvc.exe
>
> Name: Creative Service for CDROM Access
> Description:
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\CTsvcCDA.EXE
>
> Name: CryptSvc
> Description: Provides three management services: Catalog Database
> Service, which confirms the signatures of Windows files; Protected
> Root Service, which adds and removes Trusted Root Certification
> Authority certificates from this computer; and Key Service, which
> helps enroll this computer for certificates. If this service is
> stopped, these management services will not function properly. If this
> service is disabled, any services that explicitly depend on it will
> fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs
>
> Name: DcomLaunch
> Description: Provides launch functionality for DCOM services.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\svchost -k DcomLaunch
>
> Name: DefWatch
> Description:
> Startup Mode: Auto
> Run from: C:\Program Files\NavNT\defwatch.exe
>
> Name: Dhcp
> Description: Manages network configuration by registering and updating
> IP addresses and DNS names.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: dmserver
> Description: Detects and monitors new hard disk drives and sends disk
> volume information to Logical Disk Manager Administrative Service for
> configuration. If this service is stopped, dynamic disk status and
> configuration information may become out of date. If this service is
> disabled, any services that explicitly depend on it will fail to
> start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: Dnscache
> Description: Resolves and caches Domain Name System (DNS) names for
> this computer. If this service is stopped, this computer will not be
> able to resolve DNS names and locate Active Directory domain
> controllers. If this service is disabled, any services that explicitly
> depend on it will fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k NetworkService
>
> Name: ERSvc
> Description: Allows error reporting for services and applictions
> running in non-standard environments.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: Eventlog
> Description: Enables event log messages issued by Windows-based
> programs and components to be viewed in Event Viewer. This service
> cannot be stopped.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\services.exe
>
> Name: EventSystem
> Description: Supports System Event Notification Service (SENS), which
> provides automatic distribution of events to subscribing Component
> Object Model (COM) components. If the service is stopped, SENS will
> close and will not be able to provide logon and logoff notifications.
> If this service is disabled, any services that explicitly depend on it
> will fail to start.
> Startup Mode: Manual
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: helpsvc
> Description: Enables Help and Support Center to run on this computer.
> If this service is stopped, Help and Support Center will be
> unavailable. If this service is disabled, any services that explicitly
> depend on it will fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: HidServ
> Description: Enables generic input access to Human Interface Devices
> (HID), which activates and maintains the use of predefined hot buttons
> on keyboards, remote controls, and other multimedia devices. If this
> service is stopped, hot buttons controlled by this service will no
> longer function. If this service is disabled, any services that
> explicitly depend on it will fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: IISADMIN
> Description: Allows administration of Web and FTP services through the
> Internet Information Services snap-in
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\inetsrv\inetinfo.exe
>
> Name: Irmon
> Description: Supports infrared devices installed on the computer and
> detects other devices that are in range.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: lanmanserver
> Description: Supports file, print, and named-pipe sharing over the
> network for this computer. If this service is stopped, these functions
> will be unavailable. If this service is disabled, any services that
> explicitly depend on it will fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: LanmanWorkstation
> Description: Creates and maintains client network connections to
> remote servers. If this service is stopped, these connections will be
> unavailable. If this service is disabled, any services that explicitly
> depend on it will fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: LmHosts
> Description: Enables support for NetBIOS over TCP/IP (NetBT) service
> and NetBIOS name resolution.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k LocalService
>
> Name: MSSQLSERVER
> Description:
> Startup Mode: Auto
> Run from: C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe
>
> Name: Netlogon
> Description: Supports pass-through authentication of account logon
> events for computers in a domain.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\lsass.exe
>
> Name: Netman
> Description: Manages objects in the Network and Dial-Up Connections
> folder, in which you can view both local area network and remote
> connections.
> Startup Mode: Manual
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: Nla
> Description: Collects and stores network configuration and location
> information, and notifies applications when this information changes.
> Startup Mode: Manual
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: Norton AntiVirus Server
> Description:
> Startup Mode: Auto
> Run from: C:\Program Files\NavNT\rtvscan.exe
>
> Name: PlugPlay
> Description: Enables a computer to recognize and adapt to hardware
> changes with little or no user input. Stopping or disabling this
> service will result in system instability.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\services.exe
>
> Name: ProtectedStorage
> Description: Provides protected storage for sensitive data, such as
> private keys, to prevent access by unauthorized services, processes,
> or users.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\lsass.exe
>
> Name: RasMan
> Description: Creates a network connection.
> Startup Mode: Manual
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: RemoteRegistry
> Description: Enables remote users to modify registry settings on this
> computer. If this service is stopped, the registry can be modified
> only by users on this computer. If this service is disabled, any
> services that explicitly depend on it will fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\svchost.exe -k LocalService
>
> Name: RpcSs
> Description: Provides the endpoint mapper and other miscellaneous RPC
> services.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\svchost -k rpcss
>
> Name: SamSs
> Description: Stores security information for local user accounts.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\lsass.exe
>
> Name: SCardSvr
> Description: Manages access to smart cards read by this computer. If
> this service is stopped, this computer will be unable to read smart
> cards. If this service is disabled, any services that explicitly
> depend on it will fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\SCardSvr.exe
>
> Name: Schedule
> Description: Enables a user to configure and schedule automated tasks
> on this computer. If this service is stopped, these tasks will not be
> run at their scheduled times. If this service is disabled, any
> services that explicitly depend on it will fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: seclogon
> Description: Enables starting processes under alternate credentials.
> If this service is stopped, this type of logon access will be
> unavailable. If this service is disabled, any services that explicitly
> depend on it will fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: SENS
> Description: Tracks system events such as Windows logon, network, and
> power events. Notifies COM+ Event System subscribers of these events.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs
>
> Name: SharedAccess
> Description: Provides network address translation, addressing, name
> resolution and/or intrusion prevention services for a home or small
> office network.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: ShellHWDetection
> Description:
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: SmcService
> Description:
> Startup Mode: Auto
> Run from: C:\Program Files\Sygate\SPF\smc.exe
>
> Name: SMTPSVC
> Description: Transports electronic mail across the network
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\inetsrv\inetinfo.exe
>
> Name: Spooler
> Description: Loads files to memory for later printing.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\spoolsv.exe
>
> Name: SSDPSRV
> Description: Enables discovery of UPnP devices on your home network.
> Startup Mode: Manual
> Run from: C:\WINDOWS\System32\svchost.exe -k LocalService
>
> Name: stisvc
> Description: Provides image acquisition services for scanners and
> cameras.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k imgsvc
>
> Name: TapiSrv
> Description: Provides Telephony API (TAPI) support for programs that
> control telephony devices and IP based voice connections on the local
> computer and, through the LAN, on servers that are also running the
> service.
> Startup Mode: Manual
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: TermService
> Description: Allows multiple users to be connected interactively to a
> machine as well as the display of desktops and applications to remote
> computers. The underpinning of Remote Desktop (including RD for
> Administrators), Fast User Switching, Remote Assistance, and Terminal
> Server.
> Startup Mode: Manual
> Run from: C:\WINDOWS\System32\svchost -k DComLaunch
>
> Name: Themes
> Description: Provides user experience theme management.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
> Name: TrkWks
> Description: Maintains links between NTFS files within a computer or
> across computers in a network domain.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs
>
> Name: UMWdf
> Description: Enables Windows user mode drivers.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\wdfmgr.exe
>
> Name: w32time
> Description: Maintains date and time synchronization on all clients
> and servers in the network. If this service is stopped, date and time
> synchronization will be unavailable. If this service is disabled, any
> services that explicitly depend on it will fail to start.
>
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs
>
> Name: W3SVC
> Description: Provides Web connectivity and administration through the
> Internet Information Services snap-in
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\inetsrv\inetinfo.exe
>
> Name: WebClient
> Description: Enables Windows-based programs to create, access, and
> modify Internet-based files. If this service is stopped, these
> functions will not be available. If this service is disabled, any
> services that explicitly depend on it will fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k LocalService
>
> Name: winmgmt
> Description: Provides a common interface and object model to access
> management information about operating system, devices, applications
> and services. If this service is stopped, most Windows-based software
> will not function properly. If this service is disabled, any services
> that explicitly depend on it will fail to start.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs
>
> Name: WLTRYSVC
> Description:
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\WLTRYSVC.EXE
> C:\WINDOWS\System32\bcmwltry.exe
>
> Name: WMDM PMSP Service
> Description:
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\MsPMSPSv.exe
>
> Name: wuauserv
> Description: Enables the download and installation of critical Windows
> updates. If the service is disabled, the operating system can be
> manually updated at the Windows Update Web site.
> Startup Mode: Auto
> Run from: C:\WINDOWS\system32\svchost.exe -k netsvcs
>
> Name: WZCSVC
> Description: Provides automatic configuration for the 802.11 adapters
> Startup Mode: Auto
> Run from: C:\WINDOWS\System32\svchost.exe -k netsvcs
>
Anonymous
October 15, 2004 1:04:57 PM

Archived from groups: microsoft.public.windowsxp.perform_maintain (More info?)

Use Google to search for info. i.e.

http://www.google.com/search?hl=en&q=igfxtray.exe&btnG=...

igfxtray - igfxtray.exe - Process Information
http://www.liutilities.com/products/wintaskspro/process...

Do a little research.

--
Hope this helps. Let us know.
Wes

In news:6B1B64C2-3093-4790-9B88-E897529CD7EB@microsoft.com,
McFly <McFly@discussions.microsoft.com> hunted and pecked:
> Hi
>
> I'm having what seems to be a familair problem with Task Manager,
> Regedit etc.
>
> I've updated my AVG definitions, scanned in safe mode and normal, run
> a couple of the suggested online scanners, run Spybot and Spyware
> Doctor. And (!) I've tried Doug's various utilities (Security Console
> and XP_taskmgrenab included) and I Task Manager is still greyed out. I
> can however run everything when I boot in Safe Mode.
>
> So I've used Doug's Program Tracker and I'm hoping someone can help me
> decipher what the heck is going on.
>
> Many thanks in advance and please don't tell me to run a virus
> check!!!!
>

<SNIP>
!