Windows Processes - Introduction

Introduction to Processes

To make it more versatile, Microsoft Windows is structured around services (processes) which run in the background. The list of processes currently running may be viewed by pressing CTRL+ALT+DEL simultaneously, then clicking on the Processes tab. The window then displays the list of processes being run and the system resources allocated to each one.

Many of these processes are system processes which are an integral part of Windows, while some are third-party applications. When the operating system seems to "hang," it may be helpful to determine which process is consuming the most resources.

What's more, the presence of worms, viruses, Trojan horses, spyware, and adware on the system is usually indicate by the presence of suspicious processes. This is why they often take the name of a true system process in order to go unnoticed (for example, system32.exe instead of system32.dll, or isass.exe instead of lsass.exe).

The goal of this folder is to help you recognise system processes, application processes, and several false processes.

Task Manager

The Task Manager is a tool that supervises system performance and monitors the status of Windows processes in real time. You may view the Task Manager by pressing the keys CTRL+ALT+DEL simultaneously, or by right-clicking on the taskbar and selecting "Task Manager", or by running it from Start Menu / Run with the command taskmgr.exe.

Task Manager

The Task Manager has 5 tabs:

Applications: Shows which applications are running, and lets the user make changes to them by opening the context menu with the right mouse button. You can:
- Switch to the task
- End the task
- Minimise the window or task
- Maximise the window or task
- Bring the task to front
- Display the process which corresponds to the task
Processes: Shows the list of processes running, and gives information about what they do. By default, the Task Manager displays the following information:
- Image Name (name of the executable file)
- User Name
- CPU
- Memory Usage
Other indicators can be displayed -- in all, 25 are available -- by going to View / Select Columns.
Performance: Gives graphical representations of processor and page file (swap file) usage.
Networking: Gives statistics for bandwidth usage on computer network interfaces
Users: Displays information on which users can access the computer and their session status. Right-clicking on the user name brings up a context menu which can be used to disconnect the user or log him or her off.

Common processes

Below is a non-exhaustive list of common processes, grouped by category (the third column indicates the name of processes which may constitute a security risk).

System processes	Applications	Risks
agentsvr.exe alg.exe autorun.exe cconnect.exe cidaemon.exe cisvc.exe clisvcl.exe cmd.exe csrss.exe ctfmon.exe ddhelp.exe dfssvc.exe dllhost.exe dmadmin.exe dns.exe dumprep.exe explorer.exe grpconv.exe helpctr.exe hidserv.exe iexplore.exe imapi.exe inetinfo.exe internat.exe ireike.exe ismserv.exe kernel32.dll launch32.exe lights.exe locator.exe lsass.exe mad.exe mapisp32.exe mdm.exe mmc.exe mmtask.tsk mnmsrvc.exe monitor.exe mprexe.exe msconfig.exe msdtc.exe msgsrv32.exe msiexec.exe msoobe.exe mssearch.exe mstask.exe mtx.exe netdde.exe ntfrs.exe ntoskrnl.exe ntvdm.exe pstores.exe regsvc.exe regsvr32.exe rnaapp.exe rpcss.exe rundll32.exe runonce.exe sage.exe scanregw.exe scardsvr.exe scm.exe services.exe smss.exe snmp.exe snmptrap.exe spool32.exe spoolss.exe spoolsv.exe srvany.exe svchost.exe system systray.exe tapisrv.exe taskmgr.exe taskmon.exe taskswitch.exe winlogon.exe winmgmt.exe winoa386.mod wins.exe wisptis.exe wkdetect.exe wmiexe.exe wmiprvse.exe wowexec.exe wuauclt.exe	acrord32.exe acrotray.exe acsd.exe actalert.exe agrsmmsg.exe aim.exe apoint.exe ati2evxx.exe atiptaxx.exe atrack.exe avgcc32.exe avgserv.exe avsynmgr.exe backweb-8876480.exe bcmsmmsg.exe btwdins.exe carpserv.exe ccapp.exe ccevtmgr.exe ccpxysvc.exe ccregvfy.exe cdac11ba.exe cdplayer.exe cmmpu.exe cpd.exe cthelper.exe ctsvccda.exe cvpnd.exe dadapp.exe damon.exe ddcman.exe defwatch.exe devldr32.exe directcd.exe dit.exe dlg.exe dsentry.exe dw.exe dxdllreg.exe em_exec.exe evntsvc.exe ezsp_px.exe findfast.exe firedaemon.exe gamechannel.exe hh.exe hkcmd.exe htpatch.exe iamapp.exe igfxtray.exe javaw.exe jusched.exe kazaa.exe kbd.exe lexbces.exe lexpps.exe livenote.exe loadqm.exe loadwc.exe lucomserver.exe lvcoms.exe mcshield.exe mgabg.exe mm_tray.exe mmtask.exe mobsync.exe mplayer2.exe msgsys.exe mshta.exe msimn.exe msmsgs.exe msnmsgr.exe mspaint.exe mspmspsv.exe mssvc.exe navapsvc.exe navapw32.exe nerocheck.exe netscape.exe netscp6.exe nisum.exe nopdb.exe notepad.exe nwiz.exe nvsvc32.exe osa.exe osd.exe pctspk.exe pds.exe pinger.exe point32.exe promon.exe prpcui.exe ps2.exe psfree.exe ptsnoop.exe qserver.exe qttask.exe ramsys.exe realplay.exe realsched.exe reboot.exe regedit.exe rnathchk.exe rndal.exe rtvscan.exe rulaunch.exe sagent2.exe sbhc.exe schwizex.exe sentry.exe setup.exe sgtray.exe smc.exe sndvol32.exe soffice.exe soundman.exe ssdpsrv.exe starteak.exe steam.exe stimon.exe stisvc.exe studio.exe tcpsvcs.exe tfswctrl.exe tgcmd.exe tkbell.exe unwise.exe updatestats.exe updreg.exe uptodate.exe urlmap.exe userinit.exe wanmpsvc.exe wcescomm.exe wcmdmgr.exe webscanx.exe winamp.exe winvnc.exe winword.exe winzip32.exe wjview.exe wkcalrem.exe wkufind.exe wmplayer.exe wordpad.exe vptray.exe wscript.exe vshwin32.exe vsmon.exe wuser32.exe wzqkpick.exe xfr.exe xl.exe ypager.exe zlclient.exe	adaware.exe alevir.exe arr.exe ascv.exe backWeb.exe bargains.exe blss.exe bootconf.exe bpc.exe brasil.exe bundle.exe bvt.exe cfd.exe cmd32.exe cmesys.exe datemanager.exe dcomx.exe divx.exe dllreg.exe dpps2.exe dssagent.exe emsw.exe explore.exe fsg_4104.exe gator.exe gmt.exe hbinst.exe hbsrv.exe hxdl.exe hxiul.exe iedll.exe iedriver.exe iexplorer.exe image.dll infus.exe infwin.exe intdel.exe isass.exe istsvc.exe jdbgmgr.exe kazza.exe keenvalue.exe kernel32.exe launcher.exe loader.exe mapisvc32.exe md.exe mfin32.exe mmod.exe mostat.exe msapp.exe msbb.exe msblast.exe mscache.exe msccn32.exe mscman.exe msdm.exe msiexec16.exe mslagent.exe mslaugh.exe msmgt.exe msmsgri32.exe msrexe.exe mssys.exe msvxd.exe netd32.exe nssys32.exe nstask32.exe nsupdate.exe onsrvr.exe optimize.exe patch.exe pgmonitr.exe powerscan.exe prizesurfer.exe prmt.exe prmvr.exe ray.exe rb32.exe rcsync.exe run32dll.exe rundll.exe rundll16exe ruxdll32.exe sahagent.exe save.exe savenow.exe sc.exe scam32.exe scrsvr.exe scvhost.exe service.exe showbehind.exe skynetave.exe soap.exe spoler.exe srng.exe start.exe stcloader.exe support.exe svc.exe svchosts.exe svshost.exe system.exe system32.exe teekids.exe trickler.exe tsadbot.exe tvmd.exe tvtmd.exe webdav.exe win32.exe win32us.exe winactive.exe win-bugsfix.exe windows.exe wininetd.exe wininit.exe winlogin.exe winmain.exe winnet.exe winppr32.exe winservn.exe winssk32.exe winstart.exe winstart001.exe wintsk32.exe winupdate.exe wnad.exe wuamgrd.exe wupdt.exe

System processes

Applications

Risks

agentsvr.exe
alg.exe
autorun.exe
cconnect.exe
cidaemon.exe
cisvc.exe
clisvcl.exe
cmd.exe
csrss.exe
ctfmon.exe
ddhelp.exe
dfssvc.exe
dllhost.exe
dmadmin.exe
dns.exe
dumprep.exe
explorer.exe
grpconv.exe
helpctr.exe
hidserv.exe
iexplore.exe
imapi.exe
inetinfo.exe
internat.exe
ireike.exe
ismserv.exe
kernel32.dll
launch32.exe
lights.exe
locator.exe
lsass.exe
mad.exe
mapisp32.exe
mdm.exe
mmc.exe
mmtask.tsk
mnmsrvc.exe
monitor.exe
mprexe.exe
msconfig.exe
msdtc.exe
msgsrv32.exe
msiexec.exe
msoobe.exe
mssearch.exe
mstask.exe
mtx.exe
netdde.exe
ntfrs.exe
ntoskrnl.exe
ntvdm.exe
pstores.exe
regsvc.exe
regsvr32.exe
rnaapp.exe
rpcss.exe
rundll32.exe
runonce.exe
sage.exe
scanregw.exe
scardsvr.exe
scm.exe
services.exe
smss.exe
snmp.exe
snmptrap.exe
spool32.exe
spoolss.exe
spoolsv.exe
srvany.exe
svchost.exe
system
systray.exe
tapisrv.exe
taskmgr.exe
taskmon.exe
taskswitch.exe
winlogon.exe
winmgmt.exe
winoa386.mod
wins.exe
wisptis.exe
wkdetect.exe
wmiexe.exe
wmiprvse.exe
wowexec.exe
wuauclt.exe

acrord32.exe

acrotray.exe

acsd.exe
actalert.exe
agrsmmsg.exe
aim.exe
apoint.exe
ati2evxx.exe
atiptaxx.exe
atrack.exe
avgcc32.exe
avgserv.exe
avsynmgr.exe
backweb-8876480.exe
bcmsmmsg.exe
btwdins.exe
carpserv.exe
ccapp.exe
ccevtmgr.exe
ccpxysvc.exe
ccregvfy.exe
cdac11ba.exe
cdplayer.exe
cmmpu.exe
cpd.exe
cthelper.exe
ctsvccda.exe
cvpnd.exe
dadapp.exe
damon.exe
ddcman.exe
defwatch.exe
devldr32.exe
directcd.exe
dit.exe
dlg.exe
dsentry.exe
dw.exe
dxdllreg.exe
em_exec.exe
evntsvc.exe
ezsp_px.exe
findfast.exe
firedaemon.exe
gamechannel.exe
hh.exe
hkcmd.exe
htpatch.exe
iamapp.exe
igfxtray.exe
javaw.exe
jusched.exe
kazaa.exe
kbd.exe
lexbces.exe
lexpps.exe
livenote.exe
loadqm.exe
loadwc.exe
lucomserver.exe
lvcoms.exe
mcshield.exe
mgabg.exe
mm_tray.exe
mmtask.exe
mobsync.exe
mplayer2.exe
msgsys.exe
mshta.exe
msimn.exe
msmsgs.exe
msnmsgr.exe
mspaint.exe
mspmspsv.exe
mssvc.exe
navapsvc.exe
navapw32.exe
nerocheck.exe
netscape.exe
netscp6.exe
nisum.exe
nopdb.exe
notepad.exe
nwiz.exe
nvsvc32.exe
osa.exe
osd.exe
pctspk.exe
pds.exe
pinger.exe
point32.exe
promon.exe
prpcui.exe
ps2.exe
psfree.exe
ptsnoop.exe
qserver.exe
qttask.exe
ramsys.exe
realplay.exe
realsched.exe
reboot.exe
regedit.exe
rnathchk.exe
rndal.exe
rtvscan.exe
rulaunch.exe
sagent2.exe
sbhc.exe
schwizex.exe
sentry.exe
setup.exe
sgtray.exe
smc.exe
sndvol32.exe
soffice.exe
soundman.exe
ssdpsrv.exe
starteak.exe
steam.exe
stimon.exe
stisvc.exe
studio.exe
tcpsvcs.exe
tfswctrl.exe
tgcmd.exe
tkbell.exe
unwise.exe
updatestats.exe
updreg.exe
uptodate.exe
urlmap.exe
userinit.exe
wanmpsvc.exe
wcescomm.exe
wcmdmgr.exe
webscanx.exe
winamp.exe
winvnc.exe
winword.exe
winzip32.exe
wjview.exe
wkcalrem.exe
wkufind.exe
wmplayer.exe
wordpad.exe
vptray.exe
wscript.exe
vshwin32.exe
vsmon.exe
wuser32.exe
wzqkpick.exe
xfr.exe
xl.exe
ypager.exe
zlclient.exe

adaware.exe
alevir.exe
arr.exe
ascv.exe
backWeb.exe
bargains.exe
blss.exe
bootconf.exe
bpc.exe
brasil.exe
bundle.exe
bvt.exe
cfd.exe
cmd32.exe
cmesys.exe
datemanager.exe
dcomx.exe
divx.exe
dllreg.exe
dpps2.exe
dssagent.exe
emsw.exe
explore.exe
fsg_4104.exe
gator.exe
gmt.exe
hbinst.exe
hbsrv.exe
hxdl.exe
hxiul.exe
iedll.exe
iedriver.exe
iexplorer.exe
image.dll
infus.exe
infwin.exe
intdel.exe
isass.exe
istsvc.exe
jdbgmgr.exe
kazza.exe
keenvalue.exe
kernel32.exe
launcher.exe
loader.exe
mapisvc32.exe
md.exe
mfin32.exe
mmod.exe
mostat.exe
msapp.exe
msbb.exe
msblast.exe
mscache.exe
msccn32.exe
mscman.exe
msdm.exe
msiexec16.exe
mslagent.exe
mslaugh.exe
msmgt.exe
msmsgri32.exe
msrexe.exe
mssys.exe
msvxd.exe
netd32.exe
nssys32.exe
nstask32.exe
nsupdate.exe
onsrvr.exe
optimize.exe
patch.exe
pgmonitr.exe
powerscan.exe
prizesurfer.exe
prmt.exe
prmvr.exe
ray.exe
rb32.exe
rcsync.exe
run32dll.exe
rundll.exe
rundll16exe
ruxdll32.exe
sahagent.exe
save.exe
savenow.exe
sc.exe
scam32.exe
scrsvr.exe
scvhost.exe
service.exe
showbehind.exe
skynetave.exe
soap.exe
spoler.exe
srng.exe
start.exe
stcloader.exe
support.exe
svc.exe
svchosts.exe
svshost.exe
system.exe
system32.exe
teekids.exe
trickler.exe
tsadbot.exe
tvmd.exe
tvtmd.exe
webdav.exe
win32.exe
win32us.exe
winactive.exe
win-bugsfix.exe
windows.exe
wininetd.exe
wininit.exe
winlogin.exe
winmain.exe
winnet.exe
winppr32.exe
winservn.exe
winssk32.exe
winstart.exe
winstart001.exe
wintsk32.exe
winupdate.exe
wnad.exe
wuamgrd.exe
wupdt.exe

Last update on Thursday October 16, 2008 02:43:19 PM.

Next Actmovie.exe

Windows Processes - Introduction Introduction to Processes To make it more versatile, Microsoft Windows is structured around services (processes) which run in the background. The list of processes currently running may be viewed by pressing CTRL+ALT+DEL simultaneously, then... en.kioskea.net/contents/processus/processus.php3

Optimizing Windows boot process Optimizing Windows boot process. Click on the start menu. Open the run tab. Type in sysedit and press OK. This should open the System configuration editor, and in the C:\AUTOEXEC.BAT panel, type in the following command: LH... en.kioskea.net/faq/sujet-566-optimizing-windows-boot-process

User management in Windows NT The notion of a user Windows NT is an operating system which manages sessions, meaning that when the system is started, it is necessary to log in with a user name and password. When Windows NT is installed, the administrator account is created by... en.kioskea.net/contents/winnt/ntusers.php3

Results for Windows Processes Introduction

[Windows XP] Explorer.exe is using the CPU at 99% or100%[Windows XP] Explorer.exe is using the CPU at 99% or100% Then fact that Windows Explorer is using CPU resources at 99% or a 100% may be due to a bug :Windows usually calculate the duration of all videos on the disk, causing the... en.kioskea.net/faq/sujet-813-windows-xp-explorer-exe-is-using-the-cpu-at-99-or100

Identify the processorIntroduction This is a trick to allow you to simply identify your processor. Useful to know precisely the capabilities and the technical characteristics of this element and further, possibly your configuration. How to identify the... en.kioskea.net/faq/sujet-25-identify-the-processor

Error Codes in WindowsError Codes in Windows The list below details the error codes displayed in the dialog boxes in Windows: Code Description _________________________________________________________________________ 1 Incorrect function.... en.kioskea.net/faq/sujet-2347-error-codes-in-windows

Results for Windows Processes Introduction

Win32.brontoki keep getting a message from my protection program stating that i have a worm called "win32.brontok" and i cant figure out a way to get rid of it if there is some special program that can get rid of it or a process that can get rid of it i would... en.kioskea.net/forum/affich-104646-win32-brontok

Windows live messenger is not opening (Solved)Hello, I know that a lot post were create on this subject but heretofore I did not have answer! For 2 weeks now, WLM (windows Live Messenger) does not start.I explain: I throw application, 1 second of egg timer, and anything more. I acquired ground in... en.kioskea.net/forum/affich-12352-windows-live-messenger-is-not-opening

Win32 Generic Host (Solved)Hello, I am using a dail-up-Connection, whenever i connect to internet after sometime a window appears saying that Generic Host cause a problem we have to close it and something like that, and then internet stop working.. what should i do?? bLuE en.kioskea.net/forum/affich-56033-win32-generic-host

Results for Windows Processes Introduction

Download Process ExplorerProcess Explorer shows you information about which handles and DLLs processes have opened or loaded. Advantage It consists of two sub-windows that in the 1st one you can see the active process and the names of their owning accounts whereas in the... en.kioskea.net/telecharger/telecharger-286-process-explorer

Download Windows Mobile Device CenterWith the arriving of Windows Vista, it is consequently necessary to use Windows Mobile Device Center.It works on the same foundation as ActiveSync but on top of that aesthetics more complete and with a catch in hand more intuitive.The Windows Mobile... en.kioskea.net/telecharger/telecharger-409-windows-mobile-device-center

Download Windows Live MessengerWindows Live Messenger is the next-generation MSN Messenger. It has everything you already love about Messenger—your contact list, emoticons, and instant access to your friends via text, voice, and video—plus new ways to connect and share photos... en.kioskea.net/telecharger/telecharger-47-windows-live-messenger

Results for Windows Processes Introduction

Microsoft OEM Licence Microsoft OEM Windows Server 2003 Enterprise Edition Inc. Service Pack 2 25 CLInc ., Designed for mission-critical server workloads, Windows Server 2003, Enterprise Edition, is the recommended operating system for servers that run applications such as networking, messaging, inventory, and customer service systems; databases;... en.kioskea.net/guide/641746359-microsoft-oem-licence-microsoft-oem-windows-server-2003-enterprise-edition-inc-service-pack-2-25-clt-r2-1-pack

Microsoft OEM Licence Windows XP Home Edition with Service Pack 3, English, 1 pack DSP OEI CDOEM WIN XP HOME SP3 en.kioskea.net/guide/458935119-microsoft-oem-licence-windows-xp-home-edition-with-service-pack-3-english-1-pack-dsp-oei-cd

Microsoft OEM Licence Windows Vista Home Basic SP1 32-bit English 1pk DSP OEI DVDSP 1 1 pk, Windows Vista Home Basic is the operating system for homes with basic computing needs. It is easy to set up, it helps you use your PC more securely and reliably, and like all of the editions of Windows Vista, it is compatible with the... en.kioskea.net/guide/536900861-microsoft-oem-licence-windows-vista-home-basic-sp1-32-bit-english-1pk-dsp-oei-dvd

Results for Windows Processes Introduction

Quality - Process ManagementThe Concept of Processes The process model consists in considering a company's goal to be to provide products and/or services that meet client expectations. Thus, the company is modeled as a series of processes that allows the company to identify... en.kioskea.net/contents/qualite/processus.php3

Winmgmt - winmgmt.exewinmgmt - winmgmt.exe winmgmt.exe (winmgmt stands for Windows Management Services) is a Windows 98/NT/Me/2000/XP generic process for creating scripts used in managing hardware, user accounts, networking, etc. The process winmgmt is not in any way a... en.kioskea.net/contents/processus/winmgmt-exe.php3

Winlogon - winlogon.exewinlogon - winlogon.exe winlogon.exe (winlogon stands for Windows LogOn Process) is a Windows NT/2000/XP generic process which manages log-on and log-off processes. The process winlogon is also active when the Windows Security window is open (shown... en.kioskea.net/contents/processus/winlogon-exe.php3

Results for Windows Processes Introduction