Tuesday, 5 March 2019

kernel - Killing wininit.exe shuts down Windows


When I kill wininit.exe, Windows 7 suddenly shuts down. Can someone explain this using Windows mechanics?


I feel like this might because the process provides something important, or this might be a security feature.



Answer



From Windows Internals, Part 1


Windows Initialization Process (Wininit.exe)



  • Marks itself critical so that if it exits prematurely and the system is booted in debugging mode it will break into the debugger (if not, the system will crash).

  • Initalizes the user-mode scheduling infrastructure.

  • Creates the %windir%\temp folder

  • Creates a window station (Winsta0) and two desktops (Winlogon and Default) for processes to run in session 0.

  • Creates Services.exe (Service Control Manager or SCM).

  • Starts Lsass.exe (Local Security Authentication Subsystem Server).

  • Starts Lsm.exe (Local Session Manager).

  • Waits forever for system shutdown.


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

How can I VLOOKUP in multiple Excel documents?

I am trying to VLOOKUP reference data with around 400 seperate Excel files. Is it possible to do this in a quick way rather than doing it m...