Writen by Meryl K. Evans
You use Ctrl+Alt+Del to see what's running on your PC, to close crashed programs and processes, and to check performance. You probably avoid a few processes whose names mean nothing to you, but they're essential to Windows. svchost.exe sure likes to appear all the time and multiple times at that. What's taskmgr.exe? Oh yeah, it's the window you're looking at right now. ctfmon? Is he related to Pokemon? navapsvc.exe? Navy? Napa Valley? Navel? NOTA (none of the above).
This is not a comprehensive list as that would take days. It has the standard processes as well as process names from popular applications. If you want to know about a process, the best place to go is ProcessLibrary.com. Just like adware and spyware, there are bad processes that come to life thanks to the bad guys like Trojans and viruses. The site has a list of the top five security threats, so watch out for those processes.
Also, beware the bad guys like to use legitimate names of processes. For example, rundll.exe is a system process that should not be terminated. However, recent reports have stated, "It can also be the LOXOSCAM virus depending on Operating System and file path; this is always a virus on Windows XP and 2000 operating systems however."
You can download software that provide more information about the process. Task Manager, as you know, says nothing except the name of the process and how much CPU it's using. One example is Process Explorer, a standalone application that also has the option of replacing the built in Task Manager for windows. It shows you information about which handles and DLLs processes have opened or loaded. http://www.sysinternals.com/ntw2k/freeware/procexp.shtml
Acrobat Assistant that is used when printing documents to a PDF. The process should not be removed while converting documents to PDF.
Active Disk Service is a component of the Iomega zip drive.
Also for the Iomega zip drive.
Associated with Symantec's Internet Security Suite. Keep it and protect your PC.
Also associated with Symantec's Internet Security Suite. Keep it and protect your PC.
System process that is the main executable for the Microsoft Client / Server Runtim Server Subsystem. It should not be shut down.
Non-essential system process. If you're using only English as the language, then it is not needed. However, it's recommended to leave it alone.
This must always be running in the background. It's a user interface process that runs the windows graphical shell for the desktop, task bar, and Start menu.
Internet Explorer browser. But why are you using it unless it's for a site that doesn't work in any other browser? Use Firefox instead.
Local Security Authority Service is a Windows security-related system process for handling local security and login policies.
Navapsvc.exe, nvsrvc32.exe, and navapw32.exe
These are Symantec's North AnvtiVirus processes. They or whatever virus program you use should run all the time.
RealNetworks Scheduler is not an essential process. It checks for updates for RealNetworks products. It can be safely disabled.
A system process that executes DLLs and loads their libraries.
Nortons AntiVirus process. Keep it.
An essential process that manages the starting and stopping of services including the those in boot up and shut down. Do not terminate it.
Session Manager SubSystem is a system process that is a central part of the Windows operating system. If you try to kill it, it will be difficult hence, the importance of leaving it be.
Microsoft printer spooler service handles local printer processes. It's a system file.
svchost.exe x 6
You may have more than six appearances of this process or less. It's there multiple times to handle processes executed from DLLs. Leave it there.
This is a file that stores information related to local hardware settings in the registry under 'HKEY_LOCAL_MACHINE'. Kill it and kiss your PC's stability bye bye.
System Idele Process
Calculates the amount of CPU currently in use by applications. This won't go away no matter how hard you try. Don't try it, OK?
Appears when you press Ctrl+Alt+Del.
Windows Driver Foundation Manager is part of Windows media player 10 and newer. Better not to stop the process.
Handles the login and logout processes. It's essential.
The great Carnac says, "You're running Microsoft Word."
Don't panic if you see something you have on the "bad guy" list. svchost.exe is important, but some are good guys and some are bad guys. Do your research before deleting anything. For instance, I have admin.exe, which has been reported as a bad guy. However, it is the admin process for one of my programs. When I closed the program, admin.exe also went away.
Meryl K. Evans, Content Maven, is Editor-in-Chief of eNewsletter Journal and The Remediator Security Digest. She's a slave to a MarketingProfs weekly column and a Web design reference guide at InformIT. She is the author of the popular e-report, How to Start a Business Blog and Build Traffic. Visit her site at http://www.meryl.net/blog/ for free newsletters, articles, and tips.