Processes in the Windows Task Manager

From Free Knowledge Base- The DUCK Project: information for everyone
Revision as of 06:22, 29 August 2009 by Admin (Talk | contribs)

Jump to: navigation, search

Windows XP/2000/2003 Services and Background Processes.

  • starwindservice.exe - Belongs to Alcohol 120% and provides network drive sharing capabilities to this product. This program is a non-essential process, but should not be terminated unless suspected to be causing problems. This is a valid program but it is not required to run on startup.
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

Legacy Notes Section

 Services which may be in your task monitor on Windows XP (most apply to Win2k also)
 Windows Services, 3rd Party Services and Drivers
 
 process               description
 -------------------------------------------------------------------------------
 
 USER LEVEL PROCESSES:
 
 1XConfig.exe  Shuttle and SCM MicroSystems drivers or USB utilities Tray icon
 AltiAgent.exe VOiP software propritary
 AltDesk.exe   virtual desktop manager for Windows 9x/NT/Me/2000/XP
 ApntEx.exe    Alps Pointing-device touchpad software driver
 Apoint.exe    Alps Pointing-device touchpad software driver
 F-StopW.exe   F-Prot anti-virus background scanner
 hkcmd.exe     Hotkey Command interpretter part of Intel multimedia devices
 igfxtray.exe  Intel Graphics Tray Icon Graphics Accelerator Helper
 jusched.exe   Sun Microsystem's Java updater
 PRONoMgr.exe  System Tray icon for Intel PRO series Ethernet
 STACMON.exe   SigmaTel Souncard Monitor stacmon for Sigmatel audio devices
 TeaTimer.exe  Spybot search and destroy realtime monitor
 ZCfgSVC.exe   Intel ProSET Zero Config MFC Application Windows 2000/XP/2003 Service
 
 SYSTEM LEVEL PROCESSES:
 
 csrss.exe     
 LSASS.EXE     Local Security Authority Service Process 
 S24EvMon.exe  Event Monitor Wireless extensions for network driver
 SERVICES.EXE  Windows Service Controller for starting and stopping services
 smss.exe      MS Windows Session Manager Subsystem
 SPOOLSV.EXE   Microsoft Printer Spooler responsible for managing print jobs
 svchost.exe   (*A)DLL generic host process
 
 LOCAL SERVICE PROCESSES:
 
 alg.exe               Microsoft Windows Internet Connection sharing and firewall
 svchost.exe   (*A)DLL generic host process
 
 NETWORK SERVICE PROCESSES:
 
 svchost.exe   (*A)DLL generic host process
 
 -------------------------------------------------------------------------------
 
 notes:
 
 (*A). Legit svchost.exe will be present in the %Windir%\System32 folder.  They
 are generic host process name for services that run from dynamic-link
 libraries (DLLs).  The Svchost.exe file is located in the
 %SystemRoot%\System32 folder. At startup, Svchost.exe checks the services part
 %of the registry to construct a list of services that it must load. Multiple
 %instances of Svchost.exe can run at the same time. Each Svchost.exe session
 %can contain a grouping of services. ( MSKB Article ID : 314056 )
 Svchost.exe groups are identified in the following registry key:
 HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Svchost
 PROCESS DETAILS for each svchost:
 At the command prompt type tasklist /svc /fi "imagename eq svchost.exe" and
 press the enter key. You will see a list of the processes on your computer as
 well as the services that a SVCHOST.EXE process is managing.
 EXAMPLE:
 C:\>tasklist /svc /fi "imagename eq svchost.exe"
 
 Image Name                   PID Services
 ========================= ====== =============================================
 svchost.exe                  852 DcomLaunch, TermService
 svchost.exe                  940 RpcSs
 svchost.exe                 1032 AudioSrv, CryptSvc, Dhcp, dmserver, ERSvc,
                                  EventSystem, helpsvc, HidServ, lanmanserver,
                                  lanmanworkstation, Netman, Nla, Schedule,
                                  seclogon, SENS, SharedAccess,
                                  ShellHWDetection, srservice, Themes, TrkWks,
                                  W32Time, winmgmt, wuauserv, WZCSVC
 svchost.exe                 1080 Dnscache
 svchost.exe                 1136 LmHosts, RemoteRegistry, SSDPSRV, WebClient