XP main 15 system processes

1.svchost.exe

Process file: svchost or svchost.exe

Process name: microsoft service host process

Description: svchost.exe is a part of Microsoft Windows operating system system program for executing dll files. This program is very important for the normal operation of your system. Note: svchost.exe may also be a w32.welchia.worm virus that exploits the windowslsass vulnerability to create a buffer overflow that causes your computer to shut down. Please note the name of this process, there is also a virus svch0st.exe, the middle of the name is the number 0, not the English letter o. Please note that the folder where this process is located, the normal process should be under windows system32 and servicepackfiles\\i386

2.IEXPLORE.EXE

process file: iexplore or iexplore.exe

Process Name: microsoft internet explorer

Description: iexplore.exe is the main program of microsoft internet explorer. This Microsoft windows app lets you surf the web and access the local interanet network. This is not a pure system program, but if it is terminated, it can lead to an unknown problem. Iexplore.exe is also part of the avant web browser, a free internet explorer based browser. Note that iexplore.exe may also be a Trojan.killav.b virus, which will terminate your anti-virus software, and some windows system tools. The normal process should be under \\programfiles\\internetexplorer and system32\\dllcache

3.rundll32.exe

process file: rundll32 or rundll32.exe

process name: microsoftrundll32

Description: rundll32.exe is used to run dll files in memory, they will be used in the application. This program is very important for the normal operation of your system. Note: rundll32.exe may also be w32.miroot.worm virus. The virus allows an attacker to access your computer and steal passwords and personal data. Please note that the folder where this process is located, the normal process should be under windows system32 and system32\\dllcache

4.ctfmon.exe

Name: alternative user input services
< Description: ctfmon.exe is part of the microsoft office product suite. It can choose the user text input program, and the Microsoft office xp language bar. This is not a pure system program, but if it is terminated, it can lead to an unknown problem.

5.WINLOGON.EXE

Process file: winlogon or winlogon.exe

Process name: microsoft windows logon process

Description:winlogon.exe is Windows domain login manager. It is used to handle the process of logging in and out of the system. The role of this process in your system is very important. Note: winlogon.exe may also be the w32.netsky.d@mm worm. The virus spreads via email and is infected when you open an attachment sent by the virus. The virus will create the smtp engine on the victim's computer, and the ** mail will spread. The virus allows an attacker to access your computer and steal passwords and personal data. Please note that the folder where this process is located, the normal process should be under the system32 of windows

6.wdfmgr.exe

process file: wdfmgr or wdfmgr.exe

Process Name: windows driver foundation manager

Description:

wdfmgr.exe is a program related to Microsoft microsoftwindowsmediaplayer10 player. This process is used to reduce compatibility issues. This is not a pure system program, but if it is terminated, it can lead to an unknown problem.

7.alg.exe

Process file: alg or alg.exe Process name: application layer gateway service Description: alg.exe is the program that comes with the Microsoft Windows operating system. It is used to handle Microsoft Windows network connection sharing and network connection firewall. This program is very important for the normal operation of your system. 8.smss.exe

Process file: smss or smss.exe

Process name: session manager subsystem

Description: smss.exe is part of the Microsoft Windows operating system. This process invokes the dialog management subsystem and the dialog responsible for operating your system. This program is very important for the normal operation of your system. Note: smss.exe may also be win32.ladex.a trojan. The Trojan allows attackers to access your computer and steal passwords and personal data. Please note that the folder where this process is located, the normal process should be under windows system32 and servicepackfiles\\i386

9.explorer.exe

process file: explorer or explorer.exe

Process Name: microsoft windows explorer

Description: explorer.exe is a windows program manager or windows resource manager, which is used to manage windows graphics shell, including start menu, taskbar, desktop and files. management. Deleting this program will make the windows graphical interface unsuitable. Note: explorer.exe may also be w32.codered and w32.mydoom.b@mm virus. The virus spreads via email and is infected when you open the attachment. The worm will build smtp services on the victim's machine for a wider range of propagation. The worm allows attackers to access your computer and steal passwords and personal data. Please note that the folder where this process is located, the normal process should be under windows and servicepackfiles\\i386

10.csrss.exe

process file: csrss or csrss.exe

Process Name: microsoft client/server runtime server subsystem

Description: csrss.exe is the Microsoft client/server runtime subsystem. This process manages windows graphics related tasks. This program is very important for the normal operation of your system. Note: csrss.exe may also be created by w32.netsky.ab@mm, w32.webus Trojan, win32.ladex.a and other viruses. The virus is spread by email and is infected when you open the attachment. The worm will set up the smtp service on the victim's machine for its own propagation. The virus allows attackers to access your computer and steal Trojans and personal data. Please note that the folder where this process is located, the normal process should be under windows system32 and servicepackfiles\\i386

11.lsass.exe

process file: lsass Or lsass.exe process name: local security level author ityservice Description: lsass.exe is a system process for Microsoft security mechanism, mainly dealing with some special security mechanisms and login strategies.

12.CONIME.EXE

This file is the input method process, please note that the folder where this process is located, the normal process should be in the system32 of windows and System32\\dllcache below. Note that in non-Asian languages, conime.exe is a bfghost 1.0 remote control backdoor that allows an attacker to access your computer and steal passwords and personal data.