What are some of these processes?

[ulillillia]

Is there a way to identify what certain processes are? Looking at my Windows Task Manager, I'm wondering what a few of these are and what they're for. Here's a screenshot showing my setup:

These are the ones I don't know (listed from top to bottom, unknowns flagged in bold, partially known or a question flagged in italics):

1. gimp-2.2 - GIMP, known.
2. firefox.exe - Firefox, known.
3. ekrn.exe - NOD32 (my antivirus program), known.
4. plugin-container.exe - total unknown. What is this?
5. explorer.exe - Windows Explorer, known.
6. spoolsv.exe - total unknown. What is this?
7. VCExpress - Visual C++ 2008 Express, known.
8. explorer.exe - Windows Explorer, known. Why is there a second instance of this?
9. svchost.exe - unknown, some Windows-related thing.
10. csrss.exe - unknown, some Windows-related thing.
11. lsass.exe - unknown, some Windows-related thing.
12. Platform Masters.exe - my project, known.
13. winamp.exe - Winamp, known.
14. System - somewhat known but what exactly is it?
15. rundll32.exe - slightly known, some Windows-related thing that has to do with DLL files as far as I'm aware, and for 32-bit mode.
16. winlogon.exe - somewhat known, some Windows-related thing that has to do with users and logging in.
17. svchost.exe - unknown, a second instance, why?
18. excel.exe - Excel, known.
19. egui.exe - somewhat known, not sure what this is, though likely NOD32-related.
20. wordpad.exe - Wordpad, known.
21. mspdbsrv.exe - total unknown. What is this?
22. svchost.exe - unknown, a third instance of this...
23. TimeMgmtDaemon.exe - total unknown. What is this?
24. AlarmClock.exe - total unknown. What is this?
25. script-fu.exe - a component of GIMP, known.
26. taskmgr.exe - Windows Task Manager, known.
27. svchost.exe - unknown, a fourth instance of this...
28. services.exe - slightly known. I'm guessing this has something to do with various services, from the "services" tab in msconfig.
29. Core Temp.exe - Core Temp, known.
30. svchost.exe - unknown, a fifth instance of this...
31. svchost.exe - unknown, a sixth instance of this...
32. svchost.exe - unknown, a seventh instance of this.... Man, why so many instances!?
33. alg.exe - total unknown. What is this?
34. svchost.exe - unknown, an eighth instance of this.... My goodness there are so many instances of this!
35. notepad.exe - Notepad, known.
36. calc.exe - Calculator, known.
37. smss.exe - unknown, some Windows-related thing.
38. System Idle Process - the process of idling (CPU usage that isn't being used), known.

Why are there 8 instances of svchost.exe and 2 of explorer.exe? I'd have expected one instance as I have Windows Explorer open in my rather cluttered task bar, but a second? What are some of those others, especially the unknowns and total unknowns (a total unknown is where I'm left to random chance to guess what it is, having no clues whatsoever).

 

[Saga Lout]

There's nothing malicious in there and you've already accounted for most of the entries. The main thing is the system idle process ir running at 99% so nothing else is using much in the way of resources.

To find out what SVCHost or Service Hosts are based on, open a Command Prompt and type tasklist /svc then hit Enter. To split up the combined hosts to see which utilities are in them, type
SC CONFIG {name] TYPE= OWN
and that will stretch your list by quite a few. To clarify, if you have an entry SVCHOST that starts with BITS, type SC CONFIG BITS TYPE= OWN and hit Enter and you should see a Success message. That Service now lives in a world of its own.

The syntax is not case sensitive - I show them here in capitals for the benefit of my own eyesight. 😀

 

[Saga Lout]

"spoolsv.exe - total unknown. What is this?"

I am not sure but this is supposed to be the Microsoft Spool service, don't know what this service does exactly - but if this service is disabled via services.msc , the system cannot print.

As you say, it is Microsoft's Print Spooling Service and it's best left turned to Automatic so it's always there when needed. It deals with print queues and other essential functions.

 

[ulillillia]

I doubted that I had any viruses. I've actually never had any since 2000 or 2001, which is when I began actively using computers (before that, it was video game consoles that I was actively involved with).

I leave every process alone. I may occasionally change the priorities of some things, to slightly speed long-lasting tasks up (such as encoding a 4-hour-long video). The only time I ever use "end task" is if that program crashes, common with my own project if I forget to set some parameter(s) or have a typo where I get infinite loops (where the condition never goes false). Sometimes, programs also crash or stop responding, the only other case I use "end task". Beyond this, I otherwise leave everything alone. I was just wondering what some of these processes I have are, especially those marked as "total unknown" or "unknown". Thanks for the answers so far, though there's still a few other unknowns left.

 

[ulillillia]

"24. AlarmClock.exe - total unknown. What is this?"

This process isn't a Microsoft Windows component. And it's not a process which belongs to popular softwares. This is something specific - as per this website, this process belongs to Gigabyte's (famous for it's motherboards) Smart TimeClock. This might have come pre-installed, cannot say anything for sure.

"mspdbsrv.exe - total unknown. What is this?"

As per this website That's a part of Microsoft Visual Studio - which unfortunately keeps running even if you close Visual Studio.

"TimeMgmtDaemon.exe - total unknown. What is this?"

Don't know what exactly is this but somewhat related to GigaByte Smart TimeClock.

--------------------------------------------
All the things you say Windows-related are critical components, not something to worry about.

That site answered pretty much everything. Details are limited on that TimeMgmtDaemon.exe process though. Thanks for pointing me to that. I've even added that site to my bookmarks.

 

[ulillillia]

Best answer selected by ulillillia.