Details of 15 major Windows XP System Processes

Source: Internet
Author: User

1.svchost.exe

Process file: svchost1_svchost.exe

Process name: microsoft service host process

Description: svchost.exe is a system program of the Microsoft windows operating system used to execute dll files. This program is very important to the normal operation of your system. Note: svchost.exe may also be a w32.welchia. worm virus. It uses the windowslsass vulnerability to create a buffer overflow, causing your computer to shut down. Please refer to the path name. There is also a virus svch0st.exe with a number 0 in the middle, not the English letter o. Note the folder where the process is located. The normal process should be under system32 and servicepackfilesi386 in windows.

 

2. IEXPLORE. EXE

Process file: iexplorepolicipolice.exe

Process name: microsoft internet explorer

Description: iexplore.exe is the main program of microsoft internet explorer. This Microsoft windows application allows you to surf the Internet and access the local interanet network. This is not a pure system program, but terminating it may cause unknown problems. Iexplore.exe is also part of the avant web browser, which is a free internet explorer-based browser. Ipolice.exe may also be a Trojan. killav. B virus that terminates your anti-virus software and some windows system tools. The normal process should be under programfilesinternetexplorer and system32dllcache


3.rundll32.exe

Process file: rundll321_rundll32.exe

Process name: microsoftrundll32

Description: rundll32.exe is used to run dll files in the memory, which will be used in applications. This program is very important to the normal operation of your system. Note: rundll32.exe may also be a w32.miroot. worm Virus. The virus allows attackers to access your computer and steal passwords and personal data. Note the folder where the process is located. The normal process should be under system32 and system32dllcache of windows.


4.ctfmon.exe

Name: alternative user input services

Description: ctfmon.exe is part of the microsoft office product suite. It can select the user text input program and Microsoft Office xp language. This is not a pure system program, but terminating it may cause unknown problems.


5. WINLOGON. EXE

Process file: winlogon or winlogon.exe

Process name: microsoft windows logon process

Description: winlogon.exe is the windows domain logon manager. It is used to process the process of logging on to and exiting the system. The role of this process in your system is very important. Note: winlogon.exe may also be a w32.netsky. d @ mm Worm. The virus is transmitted via email. When you open the attachment sent by the virus, it will be infected. This virus will create an smtp engine on the victim's computer and spread ** emails. The virus allows attackers to access your computer and steal passwords and personal data. Note the folder where the process is located. The normal process should be under system32 of windows.


6.wdfmgr.exe

Process file: wdfmgrw.wdfmgr.exe

Process name: windows driver foundation manager

Description:

Wdfmgr.exe is a program related to the Microsoft microsoftwindowsmediaplayer10 player. This process is used to reduce compatibility issues. This is not a pure system program, but terminating it may cause unknown problems.

7.alg.exe


Process file: alg or alg.exe process name: application layer gateway service Description: alg.exe is a program that comes with Microsoft windows operating system. It is used to process Microsoft windows network connection sharing and network connection firewall. This program is very important to the normal operation of your system.


8.smss.exe

Process file: smss1_smss.exe

Process name: session manager subsystem

Description: smss.exe is part of the Microsoft windows operating system. This process calls the conversation management subsystem and is responsible for operating your system conversations. This program is very important to the normal operation of your system. Note: smss.exe may also be a win32.ladex. a Trojan. This trojan allows attackers to access your computer and steal passwords and personal data. Note the folder where the process is located. The normal process should be under system32 and servicepackfilesi386 in windows.


9.explorer.exe

Process file: assumerpolicer.exe

Process name: microsoft windows explorer

Description: cmder.exe is a windows program manager or windows resource manager. It is used to manage windows Graphical shells, including the Start Menu, taskbar, desktop, and file management. Deleting this program will make the windows GUI unavailable. Note: assumer.exe may also have w32.codered and w32.mydoom. B @ mm viruses. The virus is transmitted via email. When you open the attachment, it will be infected. The worm creates an smtp service on the victim machine for larger transmission. This worm allows attackers to access your computer and steal passwords and personal data. Note the folder where the process is located. The normal process should be under windows and servicepackfilesi386.


10.csrss.exe

Process file: csrss csrss.exe

Process name: microsoft client/server runtime server subsystem

Description: csrss.exe is the runtime subsystem of the Microsoft Client/Server. This process manages windows Graphics related tasks. This program is very important to the normal operation of your system. Note: csrss.exe may also be created by viruses such as w32.netsky. AB @ mm, w32.webus Trojan, and win32.ladex.. The virus is transmitted by email. When you open the attachment, It is infected. The worm creates an smtp service on the victim machine for its own propagation. This virus allows attackers to access your computer and steal Trojans and personal data. Note the folder where the process is located. The normal process should be under system32 and servicepackfilesi386 in windows.

 

11.lsass.exe

Process file: lsass lsass.exe process name: local Security Level author ityservice Description: lsass.exe is a system process about the Microsoft Security Mechanism, mainly dealing with some special security mechanisms and login policies.

 

12. CONIME. EXE

This file is the input process. Note the folder where the process is located. The normal process should be under system32 and system32dllcache of windows. In Windows, conime.exe is a bfghost1.0 Remote Control backdoor program that allows attackers to access your computer and steal passwords and personal data.

 

13.wmiprvse.exe

Process file: wmirvse wmirvse.exe process name: microsoft windows management instrumentation Description: wmirvse.exe is part of microsoft windows operating system. It is used to process wmi operations through the winmgmt.exe program. This program is very important to the normal operation of your system.

 

14.timplatform.exe

Timplatform.exe is an external application development interface management program used by qq and tencent messenger. It is an indispensable underlying core module of qq. If the program is deleted, qq will lose the function of mutual calls with the peripheral functional modules and external applications.

 

15.realsched.exe

Process file: realsched.exe

Process name: real networks scheduler

Description: realsched.exe is a regular update detection program for real networks. This is not a necessary process of the system. It is installed through the User License Agreement. If you terminate it, the update prompt cannot be displayed.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.