Windows 2000/XP Task Manager is a very useful tool that can provide us with a lot of information, such as the programs that are running in the system now, but we may be a bit dazed with those file executables, and we don't know what they are, or whether there are any suspicious processes (viruses, trojans, etc.). The purpose of this article is to provide some of the common process names in Windows 2000 and to illustrate their usefulness.
In Windows 2000, the system contains the following default processes:
csrss.exe
explorer.exe
internat.exe
lsass.exe
mstask.exe
smss.exe
spoolsv.exe
svchost.exe
services.exe
system
system Idle Process
taskmgr.exe
winlogon.exe
winmgmt.exe
More processes and their brief descriptions are listed below
Process name description
smss.exesessionmanager
csrss.exe Subsystem Server process
winlogon.exe Admin User Login
services.exe contains many system services
lsass.exe manages IP Security policies and initiates Isakmp/oakley (IKE) and IP security drivers.
File Protection system of svchost.exewindows 2000/XP
spoolsv.exe loads the file into memory for later printing. )
explorer.exe Explorer
Phonetic icon for internat.exe tray area)
mstask.exe allows programs to run at specified times.
regsvc.exe allows remote registry operations. (System services)->remoteregister
winmgmt.exe provides system management information (System services).
inetinfo.exemsftpsvc,w3svc,iisadmn
tlntsvr.exetlnrsvr
tftpd.exe implements the TFTP Internet standard. The standard does not require a user name and password.
termsrv.exetermservice
dns.exe answers query and update requests for Domain Name System (DNS) names.
tcpsvcs.exe provides the ability to remotely install Windows Professional on a PXE-capable, remote boot client computer.
ismserv.exe allows messages to be sent and received between Windows Advanced Server sites.
ups.exe manages an uninterruptible power supply (UPS) connected to your computer.
wins.exe provides NetBIOS name services for TCP/IP clients that register and resolve NetBIOS names.
llssrv.exe Certificate Logging Service
ntfrs.exe to maintain file synchronization of file directory content among multiple servers.
rssub.exe controls the media used to store data remotely.
locator.exe manages the RPC name service database.
lserver.exe Register client licenses.
dfssvc.exe manages logical volumes that are distributed over a LAN or WAN.
clipsrv.exe supports ClipBook Viewer so that you can view the clip pages from a remote ClipBook.
msdtc.exe is a parallel transaction that is distributed in more than two databases, message queues, file systems, or other transaction protection resource managers.
faxsvc.exe helps you send and receive faxes.
cisvc.exe Indexing Service
dmadmin.exe System Management Service for disk Management requests.
mnmsrvc.exe allows a privileged user to remotely access the Windows desktop using NetMeeting.
netdde.exe provides network transport and security features for Dynamic Data exchange (DDE).
smlogsvc.exe configures Performance Logs and Alerts.
rsvp.exe provides network signaling and local communication control installation power functions for quality service (QoS)-dependent programs and control applications.
Rseng.exe coordinates services and management tools that are used to store infrequently used data.
rsfsa.exe the operation of remotely stored files.
grovel.exe scans for duplicate files on 0 backup storage (SIS) volumes and points duplicate files to a data storage point to conserve disk space (useful only for NTFS file systems).
scardsvr.ex manages and accesses the smart card inserted into the computer's smart card reader.
snmp.exe contains agents that can monitor the activity of network devices and report to the network console workstation.
snmptrap.exe receives a trap message generated by a local or remote SNMP agent, and then passes the message to the SNMP management program running on this computer.
utilman.exe starts and configures the accessibility tool from a single window.
msiexec.exe basis. MSI file to install, fix, and delete the software.
Summary: The secret of discovering a suspicious process is to look at the list of processes in Task Manager, and after looking at it, one can find suspicious processes, just like finding a group of strangers in a familiar crowd.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
