九乡新闻网远程诊疗系统:操作系统中的重要进程使用到的动态库文件1
来源:百度文库 编辑:九乡新闻网 时间:2024/04/30 00:16:44
smss.exe 704 ntdll.dll Session Manager Subsystem,该进程为会话管理子系统用以初始化系统变量,MS-DOS 驱动名称类似 LPT1 以及 COM,调用 Win32 壳子系统和运行在 Windows 登陆过程。它是一个会话管理子系统,负责启动用户会话。这个进程是通过系统进程初始化的并且对许多活动的,包括已经正在运行的 Winlogon,Win32 (csrss.exe) 线程和设定的系统变量作出反映。在它启动这些进程后,它等待 Winlogon.exe 或者 csrss.exe 结束。如果这些过程时正常的,系统就关掉了。如果发生了什么不可预料的事情,smss.exe 就会让系统停止响应(挂起)。
csrss.exe 764 ntdll.dll, CSRSRV.dll, basesrv.dll, 客户端服务子系统,用以控制Windows图形相关子系统
winsrv.dll, GDI32.dll, KERNEL32.dll,
USER32.dll, LPK.DLL, USP10.dll, msvcrt.dll,
ADVAPI32.dll, RPCRT4.dll, sxs.dll
winlogon.exe 788 ntdll.dll, kernel32.dll, ADVAPI32.dll, 系统登陆程序
RPCRT4.dll, AUTHZ.dll, msvcrt.dll,
CRYPT32.dll, USER32.dll, GDI32.dll,
MSASN1.dll, NDdeApi.dll, PROFMAP.dll,
NETAPI32.dll, USERENV.dll, PSAPI.DLL,
REGAPI.dll, Secur32.dll, SETUPAPI.dll,
VERSION.dll, WINSTA.dll, WINTRUST.dll,
IMAGEHLP.dll, WS2_32.dll, WS2HELP.dll,
IMM32.DLL, LPK.DLL, USP10.dll, MSGINA.dll,
SHELL32.dll, SHLWAPI.dll, COMCTL32.dll,
ODBC32.dll, comdlg32.dll, comctl32.dll,
odbcint.dll, SHSVCS.dll, sfc.dll,
sfc_os.dll, ole32.dll, Apphelp.dll,
msctfime.ime, WINSCARD.DLL, WTSAPI32.dll,
sxs.dll, uxtheme.dll, WINMM.dll, cscdll.dll,
rsaenh.dll, klogon.dll, WlNotify.dll,
WINSPOOL.DRV, MPR.dll, SAMLIB.dll,
msv1_0.dll, iphlpapi.dll, cscui.dll,
xpsp2res.dll, NTMARTA.DLL, WLDAP32.dll,
wdmaud.drv, msacm32.drv, MSACM32.dll,
midimap.dll, COMRes.dll, OLEAUT32.dll,
CLBCATQ.DLL
SERVICES.EXE 832 ntdll.dll, kernel32.dll, msvcrt.dll, services.exe是微软windows操作系统的一部分。用于管理启动和停止服务。该进程也会处理在计算机启动和关机时运行的服务。这个程序对你系统的正常运行是非常重要的。注意:services也可能是w32.randex.r(储存在%systemroot%\system32\目录)和sober.p (储存在%systemroot%\connection wizard\status\目录)木马。该木马允许攻击者访问你的计算机,窃取密码和个人数据
ADVAPI32.dll, RPCRT4.dll, USER32.dll,
GDI32.dll, USERENV.dll, SCESRV.dll,
AUTHZ.dll, umpnpmgr.dll, WINSTA.dll,
NETAPI32.dll, NCObjAPI.DLL, MSVCP60.dll,
ShimEng.dll, AcGenral.DLL, WINMM.dll,
ole32.dll, OLEAUT32.dll, MSACM32.dll,
VERSION.dll, SHELL32.dll, SHLWAPI.dll,
UxTheme.dll, IMM32.DLL, LPK.DLL, USP10.dll,
comctl32.dll, comctl32.dll, secur32.dll,
Apphelp.dll, eventlog.dll, WS2_32.dll,
WS2HELP.dll, PSAPI.DLL, wtsapi32.dll
LSASS.EXE 844 ntdll.dll, kernel32.dll, ADVAPI32.dll, 这个本地安全权限服务控制Windows安全机制。管理 IP 安全策略以及启动 ISAKMP/Oakley (IKE) 和 IP 安全驱动程序等
RPCRT4.dll, LSASRV.dll, MPR.dll, USER32.dll,
GDI32.dll, MSASN1.dll, msvcrt.dll,
NETAPI32.dll, NTDSAPI.dll, DNSAPI.dll,
WS2_32.dll, WS2HELP.dll, WLDAP32.dll,
Secur32.dll, SAMLIB.dll, SAMSRV.dll,
cryptdll.dll, ShimEng.dll, AcGenral.DLL,
WINMM.dll, ole32.dll, OLEAUT32.dll,
MSACM32.dll, VERSION.dll, SHELL32.dll,
SHLWAPI.dll, USERENV.dll, UxTheme.dll,
IMM32.DLL, LPK.DLL, USP10.dll, comctl32.dll,
comctl32.dll, msprivs.dll, kerberos.dll,
msv1_0.dll, iphlpapi.dll, netlogon.dll,
w32time.dll, MSVCP60.dll, schannel.dll,
CRYPT32.dll, wdigest.dll, rsaenh.dll,
scecli.dll, SETUPAPI.dll, ipsecsvc.dll,
AUTHZ.dll, oakley.DLL, WINIPSEC.DLL,
pstorsvc.dll, psbase.dll, mswsock.dll,
hnetcfg.dll, wshtcpip.dll, dssenh.dll
SVCHOST.EXE 988 ntdll.dll, kernel32.dll, ADVAPI32.dll, Service Host Process是一个标准的动态连接库主机处理服务。Svchost.exe对那些从动态连接库(DLL)中运行的服务来说是一个普通的主机进程名。Svhost.exe文件定位在系统的Windows\system32文件夹下。在启动的时候,Svchost.exe检查注册表中的位置来构建需要加载的服务列表。这就会使多个Svchost.exe在同一时间运行。Windows 2000一般有2个Svchost进程,一个是RPCSS(Remote Procedure Call)服务进程,另外一个则是由很多服务共享的一个Svchost.exe;而在 windows XP中,则一般有4个以上的Svchost.exe服务进程;Windows 2003 server中则更多。Svchost.exe 是一个系统的核心进程,并不是病毒进程。但由于Svchost.exe进程的特殊性,所以病毒也会千方百计的入侵Svchost.exe。通过察看 Svchost.exe进程的执行路径可以确认是否中毒。如果你怀疑计算机有可能被病毒感染,Svchost.exe的服务出现异常的话通过搜索 Svchost.exe文件就可以发现异常情况。一般只会在C:\Windows\System32目录下找到一个Svchost.exe程序。如果你在其他目录下发现Svchost.exe程序的话,那很可能就Svchost.exe病毒了 如果是中毒了则可以用svchost.exe专杀工具对svchost.exe病毒进行查杀 可能会出svchost.exe错误
如果svchost.exe 的CPU占100%就要小心了
RPCRT4.dll, ShimEng.dll, AcGenral.DLL,
USER32.dll, GDI32.dll, WINMM.dll, ole32.dll,
msvcrt.dll, OLEAUT32.dll, MSACM32.dll,
VERSION.dll, SHELL32.dll, SHLWAPI.dll,
USERENV.dll, UxTheme.dll, IMM32.DLL,
LPK.DLL, USP10.dll, comctl32.dll,
comctl32.dll, NTMARTA.DLL, WLDAP32.dll,
SAMLIB.dll, rpcss.dll, Secur32.dll,
WS2_32.dll, WS2HELP.dll, xpsp2res.dll,
CLBCATQ.DLL, COMRes.dll, termsrv.dll,
ICAAPI.dll, SETUPAPI.dll, WINTRUST.dll,
CRYPT32.dll, MSASN1.dll, IMAGEHLP.dll,
AUTHZ.dll, mstlsapi.dll, ACTIVEDS.dll,
adsldpc.dll, NETAPI32.dll, ATL.DLL,
REGAPI.dll, rsaenh.dll, Apphelp.dll
spoolsv.exe 1516 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, GDI32.dll, USER32.dll,
msvcrt.dll, ShimEng.dll, AcGenral.DLL,
WINMM.dll, ole32.dll, OLEAUT32.dll,
MSACM32.dll, VERSION.dll, SHELL32.dll,
SHLWAPI.dll, USERENV.dll, UxTheme.dll,
IMM32.DLL, LPK.DLL, USP10.dll, comctl32.dll,
comctl32.dll, SPOOLSS.DLL, WS2_32.dll,
WS2HELP.dll, DNSAPI.dll, rasadhlp.dll,
localspl.dll, Secur32.dll, sfc_os.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
IMAGEHLP.dll, winspool.drv, netapi32.dll,
cnbjmon.dll, pjlmon.dll, tcpmon.dll,
usbmon.dll, mswsock.dll, winrnr.dll,
WLDAP32.dll, win32spl.dll, NETRAP.dll,
NTDSAPI.dll, CLBCATQ.DLL, COMRes.dll,
inetpp.dll, xpsp2res.dll