The winlogon.exe process is a critical part of the Windows operating system. This process is always running in the background on Windows, and it’s responsible for some important system functions.
winlogon.exe进程是Windows操作系统的关键部分。 此过程始终在Windows的后台运行,它负责一些重要的系统功能。
This article is part of our ongoing series explaining various processes found in Task Manager, like svchost.exe, dwm.exe, ctfmon.exe, mDNSResponder.exe, rundll32.exe, Adobe_Updater.exe, and many others. Don’t know what those services are? Better start reading!
本文是我们正在进行的系列文章的一部分,解释了在任务管理器中找到的各种过程,例如svchost.exe , dwm.exe , ctfmon.exe , mDNSResponder.exe , rundll32.exe , Adobe_Updater.exe以及许多其他过程 。 不知道这些服务是什么? 最好开始阅读!
什么是Windows登录应用程序? (What Is Windows Logon Application?)
The winlogon.exe process is a very important part of the Windows operating system, and Windows will be unusable without it.
winlogon.exe进程是Windows操作系统中非常重要的一部分,如果没有Windows,Windows将无法使用。
This process performs a variety of critical tasks related to the Windows sign-in process. For example, when you sign in, the winlogon.exe process is responsible for loading your user profile into the registry. This allows programs to use the keys under HKEY_CURRENT_USER, which are different for each Windows user account.
此过程执行与Windows登录过程相关的各种关键任务。 例如,登录时,winlogon.exe进程负责将用户配置文件加载到注册表中 。 这允许程序使用HKEY_CURRENT_USER下的键,每个Windows用户帐户的键都不同。
Winlogon.exe has special hooks into the system and watches to see if you press Ctrl+Alt+Delete. This is known as the “secure attention sequence”, and it’s why some PCs may be configured to require you to press Ctrl+Alt+Delete before you sign in. This combination of keyboard shortcuts is always caught by winlogon.exe, which ensures you’re signing in on a secure desktop where other programs can’t monitor the password you’re typing or impersonate a sign-in dialog.
Winlogon.exe具有进入系统的特殊挂钩,并监视是否按Ctrl + Alt + Delete。 这就是所谓的“安全注意顺序”,这就是为什么某些PC可能配置为要求您在登录之前按Ctrl + Alt + Delete 。键盘快捷键的组合始终被winlogon.exe捕获,从而确保了您在安全的桌面上登录,其他程序无法监控您输入的密码或无法模拟登录对话框。
The Windows Logon Application also monitors you keyboard and mouse activity and is responsible for locking your PC and starting screen savers after a period of inactivity.
Windows登录应用程序还监视您的键盘和鼠标活动,并在一段时间不活动后负责锁定PC并启动屏幕保护程序 。
In summary, Winlogon is a critical part of the login process and needs to remain running in the background. Microsoft also provides a more detailed, technical list of Winlogon’s responsibilities, if you’re interested.
总之,Winlogon是登录过程的关键部分,需要保持在后台运行。 如果您有兴趣,Microsoft还提供了Winlogon职责的更详细的技术清单。
我可以禁用它吗? (Can I Disable It?)
You can’t disable this process. It’s a crucial part of Windows and must be running at all times. There’s no reason to disable it, anyway, as it just uses a tiny amount of resources in the background to perform critical system functions.
您无法禁用此过程。 它是Windows的关键部分,必须始终运行。 无论如何,没有理由禁用它,因为它仅在后台使用少量资源来执行关键的系统功能。
If you try to end the process from the Task Manager, you’ll see a message saying that ending the process “will cause Windows to become unusable or shut down”. If you bypass this message, your screen will go black and your PC won’t even respond to Ctrl+Alt+Delete. The winlogon.exe process is responsible for handling Ctrl+Alt+Delete, so there’s no recovering your session once you’ve stopped it. You’ll need to restart your PC to continue.
如果您尝试从任务管理器中结束该过程,则会看到一条消息,指出结束该过程“将导致Windows无法使用或关闭”。 如果绕过此消息,则屏幕将变黑,并且PC甚至不会响应Ctrl + Alt + Delete。 winlogon.exe进程负责处理Ctrl + Alt + Delete,因此一旦停止会话就无法恢复。 您需要重新启动PC才能继续。
Windows will always launch this process when you start your PC. If Windows can’t launch winlogon.exe, csrss.exe, or other critical user system processes, your PC will blue screen with error code 0xC000021A.
当您启动PC时,Windows将始终启动此过程。 如果Windows无法启动winlogon.exe, csrss.exe或其他关键用户系统进程,则您的PC将蓝屏 ,错误代码为0xC000021A 。
可能是病毒吗? (Could It Be a Virus?)
It’s normal for the winlogon.exe process to always be running on your system. The real winlogon.exe file is located in the C:\Windows\System32 directory on your system. To verify the real Windows Logon Application is running, right-click it in Task Manager and select “Open file location”.
winlogon.exe进程始终在系统上运行是正常的。 真正的winlogon.exe文件位于系统上的C:\ Windows \ System32目录中。 要验证真实的Windows登录应用程序正在运行,请在任务管理器中右键单击它,然后选择“打开文件位置”。
The file manager should open to the C:\Windows\System32 directory containing the winlogon.exe file.
文件管理器应打开包含winlogon.exe文件的C:\ Windows \ System32目录。
If someone told you that the winlogon.exe file located in C:\Windows\System32 is malicious, that’s a hoax. This is a legitimate file and removing it will damage your Windows installation.
如果有人告诉您C:\ Windows \ System32中的winlogon.exe文件是恶意的,那就是个骗局。 这是合法文件,将其删除会损坏Windows安装。
Tech support scammers have pointed to winlogon.exe and other critical system processes and said “If you see this running on your PC, you have malware”. Every PC has the Windows Logon Application running and that’s just normal. Don’t fall for their scams!
技术支持诈骗者已指出winlogon.exe和其他关键系统进程,并说:“如果在PC上运行此程序,则表明您有恶意软件”。 每台PC都运行Windows登录应用程序,这很正常。 不要为他们的骗局而堕落!
On the other hand, if you see the winlogon.exe file located in any other directory, you have a problem. A virus or other type of malware may be camouflaging itself as this process in an attempt to hide in the background. High CPU or memory use from winlogon.exe is another warning sign, as this process shouldn’t use much CPU or memory in normal situations.
另一方面,如果您看到任何其他目录中的winlogon.exe文件,则说明有问题。 在试图隐藏在后台的过程中,病毒或其他类型的恶意软件可能会伪装自己。 来自winlogon.exe的大量CPU或内存使用是另一个警告信号,因为在正常情况下此过程不应占用过多的CPU或内存。
If you see the winlogon.exe file in another directory or if you’re just concerned malware may be running on your PC, you should run a full system scan with your preferred antivirus software. Your security software will remove any malware it finds.
如果您在另一个目录中看到winlogon.exe文件,或者只是担心PC上可能正在运行恶意软件,则应使用首选的防病毒软件运行完整的系统扫描。 您的安全软件将删除找到的所有恶意软件。
2736
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
