Life, the Universe and Everything
WinXP Core Processes
I just learned that you CAN kill all those rts and miscellaneous processes in Windows without crashing the machine! :D By process of elimination, actually. Here is a list of Core Processes which Windows MUST have to function, everything else is fair game. :)
Table 28.13 Core System Processes
Core Process
Process Description
Csrss.exe 1
An essential subsystem that is active at all times. Csrss.exe is the user-mode portion of the Windows subsystem and it maintains console windows and creates or deletes threads. Csrss stands for client/server run-time subsystem.
Explorer.exe
An interactive graphical user interface shell. It provides the familiar Windows taskbar and desktop environment.
Internat.exe
When enabled, a process that displays the EN (English) and other language icons in the system notification area, allowing the user to switch between locales.
Lsass.exe 1
The local security authentication (LSA) subsystem server component generates the process that authenticates users for the Winlogon service. The LSA also responds to authentication information received from the Graphical Identification and Authentication (GINA) Msgina.dll component. If authentication is successful, Lsass.exe generates the user's access token, which starts the initial shell. Other processes that the user initiates inherit this token.
Mstask.exe 1
The task scheduler service. It runs tasks at a time determined by the user.
Smss.exe 1
The Session Manager subsystem, which starts the user session. This process is initiated by the system thread and is responsible for various activities, including starting the Winlogon.exe and Csrss.exe services and setting system variables.
Spoolsv.exe 1
The spooler service. It manages spooled print and fax jobs.
Svchost.exe 1
A generic process that acts as a host for other processes running from dynamic-link libraries (DLLs). Multiple entries for this process might be present in the Task Manager list. For more information about Svchost.exe, see article 250320, "Description Of Svchost.exe," in the Microsoft Knowledge Base. To find this article, see the Microsoft Knowledge Base link on the Web Resources page at http://www.microsoft.com/windows/reskits/webresources.
Services.exe 1
The Service Control Manager can start, stop, and pause system services.
System 1
The system process, which is the process in which most kernel-mode threads run.
System Idle 1
A separate instance of this process runs for each processor present, and has the single purpose of accounting for unused processor time.
Taskmgr.exe
The process that runs Task Manager.
Winlogon.exe 1
The process that manages user logon and logoff. Winlogon runs when a user presses CTRL+ALT+DEL to open the logon dialog box.
Winmgmt.exe 1
A core component of client management. This process starts when the first client application connects, or when management applications request its services.
1 You cannot use Task Manager to end this process.
Here's where I found this info:
http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/Windows/XP/all/reskit/en-us/prmc_str_elqj.asp
I also discovered a new way to End Task! This may be old news, but it's the first time I have run across it. Anyway, Check it out:
Task Kill (Tskill.exe) is a command-line tool used to end one or more processes. You can end processes by using a command-line parameter to Tskill.exe that specifies the process identifier (PID) or any part of the process name, such as the title of the application's main window. You can obtain a list of process names and IDs by using a related tool, Task List (Tasklist.exe).
Use Task Kill for troubleshooting when you suspect that faulty services or applications that stop responding or consume excessive system resources might be adversely affecting the performance of your system. Symptoms typically include sluggish performance, slow screen updates, delayed response to network requests, or slow response to keyboard and mouse input.
Here's the full article:
http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/Windows/XP/all/reskit/en-us/prmb_tol_wqsv.asp
Table 28.13 Core System Processes
Core Process
Process Description
Csrss.exe 1
An essential subsystem that is active at all times. Csrss.exe is the user-mode portion of the Windows subsystem and it maintains console windows and creates or deletes threads. Csrss stands for client/server run-time subsystem.
Explorer.exe
An interactive graphical user interface shell. It provides the familiar Windows taskbar and desktop environment.
Internat.exe
When enabled, a process that displays the EN (English) and other language icons in the system notification area, allowing the user to switch between locales.
Lsass.exe 1
The local security authentication (LSA) subsystem server component generates the process that authenticates users for the Winlogon service. The LSA also responds to authentication information received from the Graphical Identification and Authentication (GINA) Msgina.dll component. If authentication is successful, Lsass.exe generates the user's access token, which starts the initial shell. Other processes that the user initiates inherit this token.
Mstask.exe 1
The task scheduler service. It runs tasks at a time determined by the user.
Smss.exe 1
The Session Manager subsystem, which starts the user session. This process is initiated by the system thread and is responsible for various activities, including starting the Winlogon.exe and Csrss.exe services and setting system variables.
Spoolsv.exe 1
The spooler service. It manages spooled print and fax jobs.
Svchost.exe 1
A generic process that acts as a host for other processes running from dynamic-link libraries (DLLs). Multiple entries for this process might be present in the Task Manager list. For more information about Svchost.exe, see article 250320, "Description Of Svchost.exe," in the Microsoft Knowledge Base. To find this article, see the Microsoft Knowledge Base link on the Web Resources page at http://www.microsoft.com/windows/reskits/webresources.
Services.exe 1
The Service Control Manager can start, stop, and pause system services.
System 1
The system process, which is the process in which most kernel-mode threads run.
System Idle 1
A separate instance of this process runs for each processor present, and has the single purpose of accounting for unused processor time.
Taskmgr.exe
The process that runs Task Manager.
Winlogon.exe 1
The process that manages user logon and logoff. Winlogon runs when a user presses CTRL+ALT+DEL to open the logon dialog box.
Winmgmt.exe 1
A core component of client management. This process starts when the first client application connects, or when management applications request its services.
1 You cannot use Task Manager to end this process.
Here's where I found this info:
http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/Windows/XP/all/reskit/en-us/prmc_str_elqj.asp
I also discovered a new way to End Task! This may be old news, but it's the first time I have run across it. Anyway, Check it out:
Task Kill (Tskill.exe) is a command-line tool used to end one or more processes. You can end processes by using a command-line parameter to Tskill.exe that specifies the process identifier (PID) or any part of the process name, such as the title of the application's main window. You can obtain a list of process names and IDs by using a related tool, Task List (Tasklist.exe).
Use Task Kill for troubleshooting when you suspect that faulty services or applications that stop responding or consume excessive system resources might be adversely affecting the performance of your system. Symptoms typically include sluggish performance, slow screen updates, delayed response to network requests, or slow response to keyboard and mouse input.
Here's the full article:
http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/Windows/XP/all/reskit/en-us/prmb_tol_wqsv.asp
posted by - T at 09:04
There are 0 comments
