|
Sorry, we can't really answer questions about this as we are almost as much in the dark as you are but if this
information is helpful to you then just send us an email to say "thanks". Use the information at your own peril
as we make NO GUARANTEES about it and we may be completely WRONG!
If your machine is running slow or doing strange things you may have a active virus or other rogue program running
on your computer. How do you find out? Make sure that your anti-virus software is up to date FIRST! but following these
instructions may help you.
If you hold down the CTRL and the ALT key on your keyboard and at the same time press the DELETE key then you
will start up the Windows Task Manager window. This can show the names of all of the programs which are currently
running on your computer.
The APPLICATIONS tab will show you the programs which are visibly running on your system while the PROCESSES
tab will show you other programs which are running which may not be visible to you. Some of these processes are
required for Windows to actually run and if you END TASK these critical processes then you may cause Windows to
shut down. In general, if it's a Microsoft program, then you probably shouldn't use the END TASK option to terminate
the process. However you MAY be able to terminate other programs in order to stop a crashed or non-responding program
or virus from interfering with the normal running of your computer.
Use the END TASK option at your own peril but here is a list of many processes that we have seen running on our own
(or our customer's) computers and what the purpose of these processes are. You can PROBABLY assume that any processes
that say that they are from MICROSOFT are ok - but this MAY NOT be the case as it is possible to generate a program
and say that it is a Microsoft program when it isn't. The Microsoft programs we have in this list we believe ARE
genuine Microsoft programs/processes.
If a program or process isn't in this list you can find out what it is by locating it on your hard disk in Windows
Explorer and then using the RIGHT mouse button to right-click on it and choose PROPERTIES. The information that is
displayed about the program/process MAY be helpful in deciding whether it is safe or not.
Many of the files/processes can be found in your C:\Windows, C:\Windows\System or C:\Windows\System32 folders.
On some systems you may not have a C:\Windows folder but you may have a C:\WinNT folder instead and if so then look
there instead.
If you can't find the program/process in these folders then you can click on the START menu and then SEARCH and
then FILES OR FOLDERS and then enter the name of that process into the search engine and see if Windows can find
it for you. If you DO see the file in the listing then you can RIGHT-CLICK on the listed file and choose PROPERTIES
and have a look at what it says in there. This may give you a clue as to what the process is for (and it may NOT).
Note that in the list below items in green we believe are genuine Microsoft programs while
items in red we believe to cause problems.
To find out WHERE these processes are loaded and run from ou need to check the following locations....
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run using RegEdit
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run using RegEdit
- C:\Documents and Settings\All Users\Start Menu\Programs\Startup using Windows Explorer
- C:\Documents and Settings\{YourUsername}\Start Menu\Programs\Startup using Windows Explorer
| Possible Windows Processes Running & their Purpose |
|---|
| Process | Name/Purpose of Process | Source |
|---|
| alg.exe | Application Layer Gateway Service | Microsoft |
| apdproxy.exe | Adobe Photoshop Album | Adobe |
| AutoSave.exe | AutoSave - backs up changed files to a networked computer | AutoSave |
| atiptaxx.Exe | ATI Desktop Control Panel (ATI VGA driver) | ATI Technologies |
| ati2evxx.Exe | ATI External Event Utility (ATI VGA Driver) | ATI Technologies |
| beetle.exe | Cyber Beetle Mouse Driver | Samsung |
| cs32desk.exe | CoSession Remote Desktop (Remote Access Support Software) | InSync |
| csrss.exe | Client/Server RunTime Process | Microsoft |
| ctfmon.Exe | Microsoft's stupid text services file: see Removing CTFMON | Microsoft |
| datalayer.Exe | Nokia Mobile Phone Data Module | Nokia |
| dcfssvc.Exe | Kodak Digital Camera Driver | Kodak |
| DirectCD.Exe | Roxio Direct-CD software for CD-RW disks | Roxio |
| explorer.exe | Windows Explorer Shell | Microsoft |
| icqnet.exe | ICQ Messenger Network Monitor | ICQ |
| imgicon.exe | Iomega Zip Drive Icons | Iomega |
| InCD.exe | Nero InCD Rewritable CD Packet Driver | Ahead Nero |
| incmail.exe | IncrediMail Email Client | Incredimail |
| inetinfo.exe | Normally part of MS IIS web server but may also be Trojan.W32.RONTOKBRO | Microsoft |
| iSafe.Exe | Vet Anti-Virus Email Checker | Vet |
| jusched.Exe | Sun's Automatic Java Update Tool | Sun Micro Systems |
| lsass.exe | LSA Shell | Microsoft |
| mailchkr.exe | ? | ? |
| megaedit.Exe | Mega-Edit Text File Editor - similar to Windows Notepad | Mega-Edit |
| mfntctl.exe | Mighty Fax Controller | |
| mhotkey.exe | Keyboard Driver for Chiconey keyboards - safe to remove | Mail Frontier |
| mlfbuddy.exe | Mail Frontier Buddy (Matador Junkmail filter) | Mail Frontier |
| Mlog.exe | Reconnect Network Drives & Printers | GO Software |
| Mozilla.exe | Mozilla Internet Browser | Mozilla.Org |
| msmsgs.exe | Microsoft Messenger | Microsoft |
| MsnMsgr.exe | MSN Messenger | Microsoft |
| MWSOEMON.Exe| My Web Search Email Plugin (Delete it?) C:\Program Files\My Way\... | MyWebSearch.com |
| ncITray.Exe | Nokia Mobile Phone Status Monitor | Nokia |
| NeroCheck.exe | Ahead Nero CD Writing Software | Ahead Nero |
| ntvdm.exe | NTVDM Application | Microsoft |
| olfsnt40.exe | Symantec Fax Starter Edition | Symantec |
| qttask.exe | Apple QuickTime | Apple |
| RealSched.Exe | Realplayer Media player software | RealPlayer |
| Refresh.exe | Iomega Zip Drive Refresh | Iomega |
| save.exe | Linked to WeatherCast - don't need it! | WhenU.Com |
| servic~1.exe | ? | ? |
| ServiceLayer.Exe | Nokia Mobile Phone Service Layer Module | Nokia |
| services.exe | Services & Controller App | Microsoft |
| slserv.Exe | User Level Modem Service (Rockwell Chipset Modem Driver) Netcomm? | Rockwell |
| smss.exe | Windows NT Session Manager | Microsoft |
| soundman.Exe | Advance Sound Effect Manager (audio driver) | Advance Logic Inc |
| spoolsv.exe | Spooler Subsystem App | Microsoft |
| StartNT.exe | Iomega Zip Drive Startup Options | Iomega |
| svchost.exe | Generic Host process for Win32 Services | Microsoft |
| sysint16.Exe | Unknown (Delete it?) | Unknown |
| SynTPLpr.Exe | Synaptics Touchpad (mouse) Driver Help | Synaptics Inc |
| SynTPEnh.Exe | Synaptics Touchpad (mouse) Enhancements | Synaptics Inc |
| System | Windows System Process | Microsoft |
| System Idle Process | Windows Idle Process | Microsoft |
| taskmgr.exe | Windows Task Manager | Microsoft |
| uphclean.Exe | Microsoft's Unreconciled Profile Cleanup Service (Speeds up logoff) | Microsoft |
| VetMsg.Exe | Vet Anti-Virus | Vet |
| VetTray.exe | Vet Anti-Virus System Tray Icon | Vet |
| vsmon.exe | Zone Alarm Firewall | ZoneLabs |
| wb0x2.Exe | This is a pop-up advert and should be killed | Unknown |
| weather.exe | 4 day Weather Forecast Software | WhenU.Com |
| WebShotsTray.Exe | WebShots Desktop Image & Screensaver software | WebShots |
| winampa.Exe | WinAmp Media Player (audio/Video player) | WinAmp |
| WinCinemaMgr.Exe | WinCinema DVD Player Software | |
| winlogon.exe | Windows NT Logon Application | Microsoft |
| wowexec.exe | Windows Win16 Application Launcher | Microsoft |
| WzQkPick.exe | Winzip Quick Pick | Winzip |
| YPager.exe | Yahoo Messenger | Yahoo |
Note that we believe that you should make sure that you have up to date virus protection (we recommend
VET software), Malware/Spyware detection software (we recommend
AD-Aware software) and also Firewall software (we recommend
Zone Alarm software) on your computer if you connect to the internet.
You may find further useful information at
answersthatwork.com/Tasklist_pages/tasklist.htm
|