0
Above mentioned EMLPROXY.EXE (from Quickheal Total Security) suddenly takes up 95% CPU, it is not killable from task manager and Resource Monitor. I get a "Permission denied" error.
I downloaded ProcessHacker (http://processhacker.sourceforge.net/index.php), and while it is able to (partially) terminate the selected process, it leaves behind a System Idle Process (PID 0) which still shows that 95% CPU consumption, however the actual resource usage drops to normal.
I tried to read this, but didn't understand much: https://blogs.technet.microsoft.com/markrussinovich/2005/08/17/unkillable-processes/
What is the reason for such unkillable process? Please help.
Spandan
Posted 2016-03-09T14:16:36.397
Reputation: 125
Possible duplicate of How to terminate System Idle Process?
– DavidPostill – 2016-03-09T14:20:33.027@DavidPostill: No, my problem is not that a system idle entry is present, my problem is that Task Manager and Resource Monitor CANNOT kill a process while some other 3rd party tool, partially can. Why so? – Spandan – 2016-03-09T14:43:02.317
Because they are different programs and so have different capabilities. – DavidPostill – 2016-03-09T14:45:25.580
@DavidPostill: That's interesting. I believe that Task Manager and Resource Monitor being provided by Windows, should have kernel privileges, which a 3rd party tool cannot have. It should only execute in user-level privileges. But my case seems to be the opposite. – Spandan – 2016-03-09T14:56:18.700
User mode programs can have threads that enter kernel mode as the result of a call to a Windows API function, or because of an external event: when a device driver needs to process an interrupt or DPC, the code runs in the context of whichever thread happens to be active at the time. – DavidPostill – 2016-03-09T18:21:44.133