1. svchost.exe
According to Microsoft: “svchost.exe is a generic host process name for services that run from dynamic-link libraries”.
Some time ago, Microsoft started moving all of the functionality from internal Windows services into .dll files instead of .exe files. From a programming perspective this makes more sense for reusability… but the problem is that you can’t launch a .dll file directly from Windows, it has to be loaded up from a running executable (.exe). Thus the svchost.exe process was born.
If you’ve ever taken a look at the Services section in control panel you might notice that there are a Lot of services required by Windows. If every single service ran under a single svchost.exe instance, a failure in one might bring down all of Windows… so they are separated out.
Those services are organized into logical groups, and then a single svchost.exe instance is created for each group. For instance, one svchost.exe instance runs the 3 services related to the firewall. Another svchost.exe instance might run all the services related to the user interface, and so on.
For those who want more on this click here
2. jusched.exe
If you’ve looked in Task Manager and wondered what on earth the jusched.exe process is and if you can turn it off, then you are in luck. This process is the Java Update scheduler, which is a process that wastes memory all the time just to check once a month whether there are new updates to Java.
For those who want more on this click here
3. dwm.exe
Desktop Window Manager (dwm.exe) is the compositing window manager that gives you all those pretty effects in Windows Vista: Transparent windows, live taskbar thumbnails (that you can resize now), and even the Flip3D switcher that you can disable and replace with Switcher.
For those who want more on this click here
4. ctfmon.exe
Ctfmon is the Microsoft process that controls Alternative User Input and the Office Language bar. It’s how you can control the computer via speech or a pen tablet, or using the onscreen keyboard inputs for asian languages. If you are using any of the above, you should leave it enabled. For everybody else, we’ll get to the job of disabling this annoying service.
For those who want more on this click here
5. wmpnscfg.exe and wmpnetwk.exe
Windows Media Player 11 can share media between different computers on the same network, and can even share media with the XBox 360 as well. For this to work, there’s a network sharing service that shares the library even if Media Player isn’t open. It’s really a great system if you use it.
Both of these processes are part of the Windows Media Player Sharing system, so if you use those features you should not disable it.
For those who want more on this click here
6. mDNSResponder.exe / Bonjour
The mDNSResponder.exe process belongs to the Bonjour for Windows service, which is Apple’s “Zero Configuration Networking” application, typically installed automatically by iTunes. If you’ve ever wondered how one iTunes install can talk to another on the same local network, Bonjour is what actually does this behind the scenes.
Bonjour is also bundled in a whole bunch of other software, like Pidgin, Skype, and Safari, and used to connect clients together on the same network.
It’s implemented as a Windows Service, which you can see if you head into the services panel (or just type services.msc into the start menu search box). You can stop it from here anytime.
For those who want more on this click here
7. dpupdchk.exe
This process is some type of automatic update checker from Microsoft IntelliPoint.
if you delete the dpupdchk.exe file, every single time you open the mouse panel you will get horrible errors. so let it run.
For those who want more on this click here
8.Adobe_Updater.exe
This process is used to update Adobe software, just like the name implies. You should really think twice before removing this process or disabling it. The vast majority of websites use Adobe Flash, and PDF has become a standard document format.
For those who want more on this click here
9. SearchIndexer.exe
SearchIndexer.exe is the Windows service that handles indexing of your files for Windows Search, which fuels the file search engine built into Windows that powers everything from the Start Menu search box to Windows Explorer, and even the Libraries feature.
For those who want more on this click here
10. rundll32.exe
The rundll32.exe application is simply used to launch functionality stored in shared .dll files. This executable is a valid part of Windows, and normally shouldn’t be a threat.
Note: the valid process is normally located at \Windows\System32\rundll32.exe, but sometimes spyware uses the same filename and runs from a different directory in order to disguise itself. If you think you have a problem, you should always run a scan to be sure.
For those who want more on this click here
11. wfcrun32.exe
wfcrun32.exe is a process that belongs to the Citrix Program Neighborhood Connection Center, usually used in a corporate environment for remote access to client/server applications.
This process is not a threat, and should not be removed or deleted, as long as it's installed in the normal location.
The process is usually installed in the C:\Program Files\Citrix\icaweb32 directory, but depending on your installation it could be located in a different place. This process is created by Citrix.
For those who want more on this click here
12. ipoint.exe
ipoint.exe is a process that belongs to Microsoft IntelliPoint, a software usually used if you have a Microsoft brand mouse to provide enhancements to the way the mouse works.
This process is the core executable for IntelliPoint. It is not a threat, and should not necessarily be removed or deleted, as long as it's installed in the normal location.
The process is usually installed in the C:\Program Files\Microsoft IntelliPoint directory, but depending on your installation it could be located in a different place.
This process is created by Microsoft
For those who want more on this click here
13. itype.exe
itype.exe is a process that belongs to Microsoft IntelliType, a software usually used if you have a Microsoft brand keyboard to provide enhancements to the way the keyboard works, and to enable the functionality of the media buttons on the keyboard.
Process Manufacturer is Microsoft
For those who want more on this click here
14. WLIDSVC.EXE and WLIDSVCM.EXE
These two processes work together to form the Windows Live Sign-In Assistant service, which helps you stay logged into Windows Live. The WLIDSVC.EXE is the actual Windows Service, and the WLIDSVCM.EXE is the “Service Monitor”.
This service provides a number of benefits, including easier sign-in for multiple accounts when using Windows Live (screenshot from Microsoft’s site).
It’s also absolutely required if you’re using Windows Live Messenger. In fact, if you disable the services, you’ll get the error message “Signing in to Windows Live Messenger Beta failed because the service is temporarily unavailable. Please try again later. Error code 800706ba”.
For those who want more on this click here
15. wfica32.exe
The wfica32.exe is a process that belongs to the Citrix ICA client, usually used in a corporate environment for remote access to server applications.
This process is not a threat, and should not be removed or deleted, as long as it's installed in the normal location.
The process is usually installed in the C:\Program Files\Citrix\icaweb32 directory, but depending on your installation it could be located in a different place.
This process is created by Citrix
For those who want more on this click here
16. mobsync.exe
mobsync.exe is a process that belongs to Microsoft Sync Center, a software usually used if you have a Windows Mobile phone with ActiveSync, a SQL Server installation, or if you have set Internet Explorer to synchronize pages for offline viewing.
This process is the core executable for Microsoft Sync Center. This process is not a threat, and should not be deleted.
The process is usually installed in the \Windows\System32 directory. If the process is running from a different location, you need to run a virus scanner because some viruses disguise themselves as legitimate processes.
This process is created by Microsoft.
For those who want more on this click here
17. conhost.exe
The conhost.exe process fixes a fundamental problem in the way previous versions of Windows handled console windows, which broke drag & drop in Vista.
It’s a completely legitimate executable—as long as it’s running from the system32 folder, and is signed by Microsoft. Scanning your computer for viruses is never a bad idea, though.
For those who want more on this click here.
No comments:
Post a Comment