Windows 2000/XP task manager is a very useful tool it can provide us with a lot of information such as the programs (processes) currently running in the system but facing We may be a little confused about the executable file names of those files. We don't know what they do and whether there are suspicious processes (viruses Trojan horses etc.). The purpose of this article is to provide some commonly used process names in Windows 2000 and briefly explain their usefulness.
?? In WINDOWS 2000 the system contains the following default processes:
??Lsass.exe < BR>??Mstask.exe
?? System Idle Process
?? More processes and their briefs are listed below Description
??csrss.exe ??? ?Subsystem server process
??winlogon.exe???Manage user login
??services.exe???Contains many system services
??lsass.exe ????Manage IP security policy And start ISAKMP/Oakley (IKE) and IP security driver.
??svchost.exe??? Windows 2000/XP file protection system
??SPOOLSV.EXE??? Load the file into the memory for later printing. )
??internat.exe???The pinyin icon in the tray area)
??mstask.exe???? Allows the program to run at a specified time .
??regsvc.exe???? allows remote registry operations. (System Service)->remoteregister
??winmgmt.exe ??? Provide system management information (system service).
??tftpd.exe ???? Implement the TFTP Internet standard. The standard does not require user names and passwords.
??dns.exe ????? Respond to Domain Name System (DNS) name queries and update requests.
??tcpsvcs.exe??? Provides the ability to remotely install Windows 2000 Professional on PXE remotely bootable client computers.
??ismserv.exe ??? allows sending and receiving messages between Windows Advanced Server sites.
??ups.exe ????? Manage the uninterruptible power supply (UPS) connected to the computer.
??wins.exe????? provides NetBIOS name service for TCP/IP clients who register and resolve NetBIOS names.
??llssrv.exe???? Certificate Recording Service
??ntfrs.exe ???? Maintains file synchronization of the contents of the file directory among multiple servers.
?? RsSub.exe ???? Controls the media used to store data remotely.
??locator.exe ??? manages the RPC name service database.
??lserver.exe ??? Register the client license.
??dfssvc.exe???? Manage the logical volume distributed in the local area network or wide area network.
??clipsrv.exe ??? supports 'Clipbook Viewer' so that you can view scrapbook pages from a remote scrapbook.
?? msdtc.exe ???? Parallel transactions are distributed in more than two databases message queues file systems or other transaction protection resource managers.
??faxsvc.exe???? Help you send and receive faxes.
?? cisvc.exe ???? Indexing service
??dmadmin.exe? Disk management request system management service.
??mnmsrvc.exe ??? allows authorized users to use NetMeeting to remotely access the Windows desktop.
??netdde.exe???? provides dynamic data exchange (DDE) network transmission and security features.
??smlogsvc.exe??? Configure performance logs and alerts.
??rsvp.exe????? Provides network signal and local communication control installation functions for programs and control applications that rely on Quality of Service (QoS).
?? RsEng.exe ???? Coordinating services and management tools used to store infrequently used data.
?? RsFsa.exe ???? Manage remotely stored file operations.
??grovel.exe???? Scan for duplicate files on the Zero Backup Storage (SIS) volume and point the duplicate files to a data storage point to save disk space (only useful for NTFS file systems).
?? SCardSvr.ex ??? Manage and access the smart card inserted in the computer smart card reader.
??snmp.exe????? contains agents that can monitor the activities of network devices and report to the network console workstation.
??snmptrap.exe??? Receive trap messages generated by local or remote SNMP agents and then pass the messages to the SNMP management program running on this computer.
?? UtilMan.exe ??? Start and configure auxiliary tools from a window.
??msiexec.exe??? Install repair and delete software according to the commands contained in the .MSI file.
?? Summary: The secret to discovering suspicious processes is to look at the list of processes in the task manager. After reading more you can find suspicious processes at a glance just like looking for a stranger among familiar people Same as people.