Hello and yes I am back 😆 I was trying to invent something cool.
At one point or another, a windows user has to access the task manager. Most times, we do it when our computers are running slow and we want to kill those background processes/services that are eating up resources.
Last week, I was tracking some very evasive malware on my brother’s computer. I had to do it manually on the task manager and the registry. I realized that most people have no idea about the stuff that runs our machines.
Background processes are computer processes that run behind the scenes without user intervention. On a Windows system, background processes are programs that don’t create a user interface or windows service.
Processes are started via start menu while Windows services are started by Service Control Manager.
Windows Services have no limit to the amount of system resources they can take up.
You can view Windows services by hitting Win + R and typing services.msc in the Run dialog box. You will get a list of all the services on your machine.
You can also (as I said earlier) view some of the services in the taskbar.
Most of them have very weird names and it is hard to know what they do. However, Some of them are pretty important and should never be stopped when you’re trying to reduce usage.
An example of the services/processes you might run into:
o Svchost.exe or servicehost is a system process that hosts multiple Windows Services. It is essential in the implementation of shared service processes, where a number of services can share a process in order to reduce resource consumption.
o Most processes we know run as stand-alone executables. There are however some services which are implemented by DLLs. svchost loads these DLLs and runs them itself.
o You will notice that there are always many instances of svchost running
o Crss stands for Client/Server Run-time Subsystem. It is essential and must be running all the time.
o Crss is responsible for console windows, creating and deleting threads and implementing some portions of the virtual MS-DOS environment.
o Sppsvc.exe is a Microsoft Software Protection Platform Service also referred to as sppsvc. which is also referred to as sppsvc.
o It is aimed at piracy prevention and software tampering protection, which helps to initiate licensing easier.
Services and processes are very important to the operating system. My advice is to always check what a process or services does before stopping or disabling it.
Also published on Medium.