Some of these are no longer used, at least aren't on my PC.. but I found this thread:
http://technet.microsoft.com/en-us/library/bb457123.aspx
On table 29-9 Core System Processes
These should never be under the username that you are using, rather either nothing or Network Service, etc.
Unless: both Explorer.exe and Taskmgr.exe are running with my computer name under User Name
To find the location of it
Some of them don't open, if they don't they are usually safe
Core Process
Process Description
Csrss.exe*
An essential subsystem that is active at all times. Csrss.exe is the user-mode portion of the Windows subsystem, and it maintains console windows and creates or deletes
threads. Csrss stands for client/server run-time subsystem.
Location: C:\Windows\System32
Explorer.exe
An interactive graphical user interface shell. It provides the familiar Windows taskbar and desktop environment.
Location: C:\Windows
Internat.exe
When enabled, a process that displays the EN (English) and other language icons in the system notification area, allowing the user to switch between locales.
Location: C:\Windows\System32
Lsass.exe*
The local security authentication (LSA) subsystem server component generates the process that authenticates users for the Winlogon service. The LSA also responds to
authentication information received from the Graphical Identification and Authentication (GINA) Msgina.dll component. If authentication is successful, Lsass.exe generates the
user’s access token, which starts the initial shell. Other processes that the user initiates inherit this token.
Location: C:\Windows\System32
Mstask.exe*
The task scheduler service. It runs tasks at a time determined by the user.
Location: C:\Windows\System32
Smss.exe*
The Session Manager subsystem, which starts the user session. This process is initiated by the system thread and is responsible for various activities, including starting the
Winlogon.exe and Csrss.exe services and setting system variables.
Location: C:\Windows\System32
Spoolsv.exe*
The spooler service. It manages spooled print and fax jobs.
C:\Windows\System32
Svchost.exe*
A generic process that acts as a host for other processes running from dynamic-link libraries (DLLs). Multiple entries for this process might be present in the Task Manager list.
Location: C:\Windows\System32
Services.exe*
The Service Control Manager can start, stop, and pause system services.
Location: C:\Windows\System32
System*
The system process, which is the process in which most kernel-mode threads run.
System Idle*
A separate instance of this process runs for each processor present, and has the single purpose of accounting for unused processor time.
Taskmgr.exe
The process that runs Task Manager.
Location(S): C:\Windows or C:\Windows\System32
Winlogon.exe*
The process that manages user logon and logoff. Winlogon runs when a user presses CTRL+ALT+DEL to open the logon dialog box.
C:\Windows\System32
Winmgmt.exe*
A core component of client management. This process starts when the first client application connects, or when management applications request its services.
Location: C:\WINDOWS\System32\Wbem
This is basically just because so many people make threads about what is svchost.exe and others pretty often.
Locations provided by neuber.com
I did NOT create this list..
http://technet.microsoft.com/en-us/library/bb457123.aspx
On table 29-9 Core System Processes
These should never be under the username that you are using, rather either nothing or Network Service, etc.
Unless: both Explorer.exe and Taskmgr.exe are running with my computer name under User Name
To find the location of it
Code:
Right click > Open file locationCore Process
Process Description
Csrss.exe*
An essential subsystem that is active at all times. Csrss.exe is the user-mode portion of the Windows subsystem, and it maintains console windows and creates or deletes
threads. Csrss stands for client/server run-time subsystem.
Location: C:\Windows\System32
Explorer.exe
An interactive graphical user interface shell. It provides the familiar Windows taskbar and desktop environment.
Location: C:\Windows
Internat.exe
When enabled, a process that displays the EN (English) and other language icons in the system notification area, allowing the user to switch between locales.
Location: C:\Windows\System32
Lsass.exe*
The local security authentication (LSA) subsystem server component generates the process that authenticates users for the Winlogon service. The LSA also responds to
authentication information received from the Graphical Identification and Authentication (GINA) Msgina.dll component. If authentication is successful, Lsass.exe generates the
user’s access token, which starts the initial shell. Other processes that the user initiates inherit this token.
Location: C:\Windows\System32
Mstask.exe*
The task scheduler service. It runs tasks at a time determined by the user.
Location: C:\Windows\System32
Smss.exe*
The Session Manager subsystem, which starts the user session. This process is initiated by the system thread and is responsible for various activities, including starting the
Winlogon.exe and Csrss.exe services and setting system variables.
Location: C:\Windows\System32
Spoolsv.exe*
The spooler service. It manages spooled print and fax jobs.
C:\Windows\System32
Svchost.exe*
A generic process that acts as a host for other processes running from dynamic-link libraries (DLLs). Multiple entries for this process might be present in the Task Manager list.
Location: C:\Windows\System32
Services.exe*
The Service Control Manager can start, stop, and pause system services.
Location: C:\Windows\System32
System*
The system process, which is the process in which most kernel-mode threads run.
System Idle*
A separate instance of this process runs for each processor present, and has the single purpose of accounting for unused processor time.
Taskmgr.exe
The process that runs Task Manager.
Location(S): C:\Windows or C:\Windows\System32
Winlogon.exe*
The process that manages user logon and logoff. Winlogon runs when a user presses CTRL+ALT+DEL to open the logon dialog box.
C:\Windows\System32
Winmgmt.exe*
A core component of client management. This process starts when the first client application connects, or when management applications request its services.
Location: C:\WINDOWS\System32\Wbem
This is basically just because so many people make threads about what is svchost.exe and others pretty often.
Locations provided by neuber.com
I did NOT create this list..