Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: what processes are considered by task manager to be critical

01 Jan 2015   #1
Keyes

Windows 7 Home Premium 64 bit
 
 
what processes are considered by task manager to be critical

I.e, the ones that give you the system will shutdown immediately warning if you try to end them.

These are the only ones that give me the warning.

Csrss.exe
smss.exe
wininit.exe

I would have thought lsass.exe or winlogon.exe would give these warnings. Why is it that they dont recieve warnings? Is there a complete list of processes that are considered critical like this?


My System SpecsSystem Spec
.
01 Jan 2015   #2
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
List of critical processes

Well I don't know the full list but here's some to get you started.

Two screenshots - the first with critical processes hidden and the second one with critical processes shown.

No critical processes in this screenshot:
what processes are considered by task manager to be critical-uvk-critical-hidden.jpg
The processes that are not highlighted in the screenshot below are critical - at least according to UVK:
what processes are considered by task manager to be critical-uvk-critical-shown.jpg


My System SpecsSystem Spec
01 Jan 2015   #3
Keyes

Windows 7 Home Premium 64 bit
 
 

Well I am going by task managers list, the ones that bring up the warning. Is it just the 3 i mentioned or should others like lsass do it as well?
My System SpecsSystem Spec
.

01 Jan 2015   #4
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
Critical Processes

Quote   Quote: Originally Posted by Keyes View Post
Well I am going by task managers list, the ones that bring up the warning. Is it just the 3 i mentioned or should others like lsass do it as well?
Sorry but I don't use task manager to kill proccesses so I never see the warning that you mention. I might use it to close an application though. I tend to use UVK or Process Hacker instead and sometimes Process Explorer.

According to UVK lsass.exe is critical. I see that I missed that one in my earlier screenshot so on that basis you should manually compare the two screenshots - which is what I did but missed one process at least!

Note   Note
Edit: I didn't miss it. I'm just getting slightly confused.


I did some digging. Acording to this article the following applies:

Windows 7 Startup

Quote from the article

Critical processes that must keep running:

Windows has many critical processes that cause Windows to crash if they fail. That is unless Windows has booted in debugging mode in which case the debugger will appear:
System process for the Kernel (NTOSKrnl.exe) !
The Session Manager Sub-System (SMSS.exe) !
Client Server Runtime Sub-System (CSRSS.exe) !
Windows Logon (WinLogon.exe) !
Windows Init (WinInit.exe) !
Windows Logon User Interface Host (LogonUI.exe) for RDP only !
Local Security Authority Process (lsass.exe) !
Service Control Manager (Services.exe) !
Service Host (svchost.exe) with RPCSS or Dcom/PnP !
Desktop Window Manager (DWM.exe) !
plus other optional processes such as performance monitoring ! or Internet Information Server (ISS) !
My System SpecsSystem Spec
01 Jan 2015   #5
Pyprohly

Windows 10, Windows 8.1 Pro, Windows 7 Professional, OS X El Capitan
 
 

Just tried killing wininit with:
Code:
taskkill /im wininit.exe /f
first BSOD ever .

Now I'm curious to uncover more of these so called 'critical' processes that are protected by task manager (and CMD (exception: the above command)). I couldn't find such a list online... but that does not mean we can't make one...

Callender, I was able to kill each one of those so called critical system processes you've indicated, no probs. -- so we can mark those ones off the list for sure.


A batch file could be utilized to find critical processes; loop through the tasklist, attempt to kill each task and see wheather it was sucessful in doing so.

Might be dangerous. Should I try?
My System SpecsSystem Spec
01 Jan 2015   #6
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
Wininit?

Quote   Quote: Originally Posted by Pyprohly View Post
Just tried killing wininit with:
Code:
taskkill /im wininit.exe /f
first BSOD ever .

Callender, I was able to kill each one of those so called critical system processes you've indicated, no probs. -- so we can mark those ones off the list for sure.

Might be dangerous. Should I try?
wininit.exe was shown as critical in my second screenshot (not highlighted)

svchost.exe is listed I suppose because it's not safe to kill it without checking which processes are running under each instance.

Personally I wouldn't try anything without a backup - I always have several.

Edit - again!

Just to be clear I've compared what UVK shows in both screenshots and the results show that UVK hides the following processes that it sees as critical:

csrss.exe
lsass.exe
lsm.exe
services.exe
smss.exe
svchost.exe - doesn't apply to every instance
wininit.exe
winlogon.exe
My System SpecsSystem Spec
01 Jan 2015   #7
Pyprohly

Windows 10, Windows 8.1 Pro, Windows 7 Professional, OS X El Capitan
 
 

Sorry. My previous post did not account for the one above it; didn't see your second reply there .

Imma try killing some of these critical processes and see what happens.
My System SpecsSystem Spec
01 Jan 2015   #8
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

Quote   Quote: Originally Posted by Pyprohly View Post
Sorry. My previous post did not account for the one above it; didn't see your second reply there .

Imma try killing some of these critical processes and see what happens.
Let us know how you get on. I'll check to see what you've found tomorrow.
My System SpecsSystem Spec
01 Jan 2015   #9
Pyprohly

Windows 10, Windows 8.1 Pro, Windows 7 Professional, OS X El Capitan
 
 

Quote   Quote: Originally Posted by Callender View Post
Quote   Quote: Originally Posted by Pyprohly View Post
Sorry. My previous post did not account for the one above it; didn't see your second reply there .

Imma try killing some of these critical processes and see what happens.
Let us know how you get on. I'll check to see what you've found tomorrow.
I'll have to make a backup first. I'll continue to test tomorrow and post back results later in the week, my holiday schedule is packed and I'm losing daylight today. Time sure flies in NY.
My System SpecsSystem Spec
02 Jan 2015   #10
LMiller7

Windows 7 Pro 64 bit
 
 

In Windows 2000 Task Manager recognized a number of processes as critical and would refuse to kill them. That served to protect the processes but had a serious problem. The problem was that the critical nature was based only on the process name. If a malicious process used such a name it could not be killed by Task manager. Not good. There is no 100% reliable way to distinguish a critical process from a malicious one. Any attempted method could potentially be exploited by a malicious process to defend itself. Later systems dropped this feature.

It appears that the feature is back, but this time only as a warning. The user can disregard the warning and kill the process if the account has sufficient rights. If the process is critical the user must accept the consequences, usually a forced reboot.

The "SYSTEM" and "System Idle Process" are very special processes and cannot be killed under any circumstances. A good case can be made that they are not real processes at all. Novices sometimes attempt to kill the System Idle Process under the mistaken belief it has excessive CPU usage.

Some processes belonging to AV software cannot normally be killed. Some malicious software will attempt to kill known AV processes so they need to use advanced methods to defend themselves.
My System SpecsSystem Spec
Reply

 what processes are considered by task manager to be critical




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Task Manager not showing relevant processes.
When I start the task manager to end a process it comes up with a bunch of processes and I can't find the one (like MS word for example) that I wish to end. Any help is much appreciated. Thanks
General Discussion
Unwanted task manager processes
hi guys, I checked my task manager, I have like 12 svchost.exe running and one of them is hogging memory. They exist since I format my harddrive last week so I don't think infections have anything to do with them. Anyways I still run a full scan with avg and no suspicious result return. I...
Performance & Maintenance
How do I copy my running processes in task manager
I have tons of processes currently running in my task manager, some are duplicates or more. How do I make a copy of everything that is currently running?
Performance & Maintenance
Task Manager not killing processes!!
I don't know what it is but this has been an ongoing problem for me with win7 x64 when I shut down an application or one crashes the program seems to close but is still running in task manager. For instance firefox does this all the time the current release and priors, I'll close it and then reopen...
General Discussion
task manager processes
after some extensive scans with Prevx & Microsoft security essentials They've come back with the all clear. However after some virus troubles, there are some processes left I'm rather suspicious of. I've done checks on them with free online scanners but I'm still left unsure. processes...
System Security
why does task manager show more processes with uac off?
if i turn uac off i see much more processes in taskmanager compared to the off setting . but i still use the same account. is there a way to see "all" processes in taskmanager even if uac is on? what is this whole thing about and where can i find more info about this topic? thanks alot...
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 19:58.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App