Search notes:

svchost.exe

svchost.exe runs services.
When Windows starts up, svchost.exe starts the services it finds in the registry under the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost.
But see also the the value of ImagePath under a driver's corresponding registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\driverName.

-k

svchost.exe can be started with -k xyz. In such cases, xyz seems to correspond to a value and a registry key below the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost

Links

See Getting started with svchost.exe.

Index