Black Viper
Black Viper
Oct 222007
 

Important Information

  • Before E-Mailing me, see if your question has been addressed in the FAQ!
  • All of the following services are “Strange” with Windows Vista. If you discover one of these Services or processes running, they were installed by another program.
  • At the bottom of the page, I have listed some processes that are not really “Services,” but applications running in the background when looking at Task Manager. I will try to identify “why” these particular applications are now running on your system…

Table Header Information

  • Display Name ~ Is how it is displayed in the Services Control Panel.
  • Service Name ~ Is what the service is called.
  • Process Name ~ Name of Process running in the background (displayed in Task Manager).
  • Dependencies ~ What this service needs to run.
  • Need it? ~ From what I have concluded by trial and error and also the services that I have found pointless…Your computer probably will be slightly different, so use this as what it was intended for, a guide.
  • DEFAULT ~ How the program supplier thinks it should be running.
  • “SAFE” Configuration ~ This is the configuration that 95% of the people will be able to use with little side effects. It will also minimizes the amount of “errors” that is reported in the Event Viewer. This does not guarantee it will work for you, but if you are scared, this configuration should be a good starting point for you as a test.

Black Viper’s Windows Vista Strange Services Configurations

Display Name Service Name Process Name Dependencies Need it? How did it get there? DEFAULT “SAFE”
##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## Bonjour Service mDNSResponder.exe TCP/IP Protocol Driver No. This service is installed iTunes, Safari and Adobe CS3 suite. I believe it has something to do with sharing files, however, since I do not use iTunes, nor do I share files using CS3 suite or Safari, this service can be safely disabled. It has been reported to me that TiVo Desktop uses this for PC connections. In this case, it is best left on Automatic. Automatic Disabled
APC UPS Service APC UPS Service mainserv.exe None Yes. This service is installed with APC’s PowerChute Personal Edition. It places a tray icon (apcsystray.exe) in the lower right to monitor UPS status as well as perform shutdown duties when the battery becomes low. I advise you to keep this service in Automatic. It uses between 4MB and 8MB of RAM as well as the tray icon using 8MB. Automatic Automatic

These are not really “Services,” but are applications or processes running at different times

Most may be disabled using “msconfig.”

csrss.exe: This is “Client Server Runtime Process” is part of the core of Windows. You cannot kill it and I am not sure why you would even want to. It is a process that sucks up about 2 MB to 30 MB or so, but I do not support making it go away. Usually, if it is “difficult” to get rid of, it is needed. You may have one or two of these processes running.

CTHELPER.EXE: This is installed with the SoundBlaster drivers. It takes about 2 MB to 8 MB of RAM.

explorer.exe: This is NOT related to Internet Explorer. There will ALWAYS be an explorer.exe running in the background. It is the user interface process/desktop/shell, etc. This is one of the many ways how Bill got away with “integrating” IE with Windows… If you load up “Windows Explorer” to rummage through files, you will see an additional explorer.exe in the background. This will fluctuate depending on what you have (fonts, background pics, active desktop) going at any given time. Usage of between 9 MB and 50 MB RAM is typical.

firefox.exe: This is the Mozilla.org Firefox browser executable. It uses between 17 MB and ??? MB of memory, depending on usage patterns.

“Generic Host Process for Win32 Services”: This is what ZoneAlarm complains about while connected to the internet. “SVCHOST.EXE” is “Generic Service Host.” What that means is it is a “host” for other processes or services. Check on This Page to see “all” of the services that use SVCHOST.EXE as a front for something else.

If your internet connection seems to “no longer work,” it is due to you disallowing various “required” functions to no longer access the internet. A big one is “DNS Lookups.” If you do not allow this to get through, you will no longer be able to type in “blackviper.com” but you will always be able to type in the IP address of the systems. The internet connection is still working, but you are blocking a “vital” part of the process for surfing web pages.

Idle: This is a generic process that is used when no other program or process is requiring CPU resources. It is not a bad thing if it is using 99% of your CPU! This process is a 16 k loop that the CPU processes while it is not doing “anything” else. If you computer is called upon to do any other task than nothing, the idle process allows that to happen and the % used will decrease accordingly. You can not disable the idle process. If it is using 97% CPU, which only means that the other 3% is used by real programs. If your idle process is constantly at a low rate (for example, 3%) something else, an application or process is using the CPU.

iexplore.exe: This is the IE6/7/8 browser. Pops up only when you want to suck up 7.3 MB to ?? MB of memory to surf the web. I say ?? MB because every time you open an additional browser, you also start another one of these processes.

smss.exe: Dubbed “Windows NT Session Manager.” Another process (see csrss.exe above) that is part of the core of Windows. It is a process that uses about 500k to 2 MB. You cannot kill this process manually and I do not recommend trying other ways to get rid of it. Usually, if it is “difficult” to get rid of, it is needed.

svchost.exe: A generic process that is “Service Host” for other processes. Yes, this is actually a service, but I am placing it here because I have no where else to put it. You may have 2 to 15 copies running in task manager
(system, network, user, and ?). If you use my tweaking tips here, you can rid yourself of a couple of them.

System IDLE Process: This is a generic process that is used when no other program or process is requiring CPU resources. It is not a bad thing if it is using 99% of your CPU! This process is a 16 k loop that the CPU processes while it is not doing “anything” else. If you computer is called upon to do any other task than nothing, the idle process allows that to happen and the % used will decrease accordingly. You can not disable the idle process. If it is using 97% CPU, which only means that the other 3% is used by real programs. If your idle process is constantly at a low rate (for example, 3%) something else, an application or process is using the CPU.

taskmgr.exe: If you are looking at the processes running, this is the application that you are using to do it. “Windows Task Manager” is the full name. It uses about 2 MB to 10 MB of RAM, so take that into account when you are
tweaking your system.

winlogon.exe: This takes care of login and logoff tasks. Really, you cannot get rid of this process. It is required as long as you are “logged in.” I have seen this process fluctuate between 2 MB to 5 MB on a system that has been up for only an hour and 2 MB and 16 MB on a system that has been up for 40+ days.

WMPSideShowGadget.exe: This process enables Windows Media Player information to be displayed on a SideShow capable device. Unfortunately, if you have a keyboard, such as the Logitech G15, this gadget installs itself and constantly runs in the background, using about 15MB to 18MB of RAM, even though WMP is not running. You can stop this process by going to Control Panel -> Hardware and Sound -> Windows SideShow -> uncheck all the boxes next to the Windows Media Player gadgets, but leave “Notify me when new gadgets are installed” checked.