Investigate Windows Processes

Tuesday, August 3, 2004
By: Matthew Doucette

Ever wonder what all those processes running on your Windows system are for?

Press Ctrl-Alt-Delete to load Windows Task Manager, then click the "Processes" tab to see them.  Some are easy to figure out.  "IEXPLORE.EXE" is Internet Explorer.  "winamp.exe" is Winamp.  Most commonly known processes have an associating application listed under the "Applications" tab.

But, what about the others?


Use LIUtilities

LIUtilities' website is your solution.  It explains most, if not all, of the processes you will ever want to inquire about.  Use Google's site specific search function to search only LIUtilities' site:

Google search...

#1 Google result...

Instantly, you have the information you seek:

winlogon - winlogon.exe - Process Information

Process File: winlogon or winlogon.exe
Process Name: Windows Logon Process
Description: Windows NT logon utility that manages user logons and logoffs. The utility prompts you for the password when you log on and allows you to log off or shut down.
Company: Microsoft Corp.
System Process: Yes
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No
Common Errors: N/A


Let's try that again with a "bad" process:

Google search...

#1 Google result...

Again, instantly the information you seek is available:

msbb - msbb.exe - Process Information

Process File: msbb or msbb.exe
Process Name: MSBB Web3000 Spyware Application
Description: MSBB Web3000 spyware application that is included with some adware products and is started from the registry when Windows is loaded.
System Process: No
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): Yes
Common Errors: N/ A

(Read our  Uninstall 180 Search Assistant article for more information about msbb.exe.)


Also, you can use the information in my Search MSDN with Google article to create a Google search form site specific to as shown below:


LIUtilities additionally offers this convenient top 5 processes JavaScript for webmasters to add to their websites:


What If LIUtilities Does Not Have My Process?

If LIUtilities does not have the process you are looking for, then simply do a regular Google search on just the process name.  The reason I suggest searching LIUtilities first is because their results are very trustworthy, and other results may or may not be as trustworthly.  If you are ever unsure about a certain website's results, please continue your search and check out multiple websites about the same process until you are comfortable that you have found the proper solution.  If the process you are searching for is a legitimate well-known process, then you will be able to find an explanation for it in Google.

You might also be aware that any virus or spyware can be renamed by their companies to have any process name they want.  Maybe of them rename their horrid processes to the same name as typical processes found on your computer, so that you will not detect and delete them.  You should always be aware of this possibility.

To detect virus and spyware processes that are renamed to the same process name as a regular Windows process, you may have to start paying attention as to when the process starts and stops and compare it with when the Windows process should start and stop.  Other considerations are memory usage and file sizes, if you can find the process file on your hard drive.


Also See:



About the Author: I am Matthew Doucette of Xona Games, an award-winning indie game studio that I founded with my twin brother. We make intensified arcade-style retro games. Our business, our games, our technology, and we as competitive gamers have won prestigious awards and received worldwide press. Our business has won $190,000 in contests. Our games have ranked from #1 in Canada to #1 in Japan, have become #1 best sellers in multiple countries, have won game contests, and have held 3 of the top 5 rated spots in Japan of all Xbox LIVE indie games. Our game engines have been awarded for technical excellence. And we, the developers, have placed #1 in competitive gaming competitions -- relating to the games we make. Read about our story, our awards, our games, and view our blog.