SpeedUtilities Processes | DLLs | Operating systems | Manufacturers | CPUs | Ports | Services | Log files | Directories | Internet services | Software packages | Viruses | Network adapters | Internet bots
» An ultimate catalog of computer data
Popular: svchost.exe | csrss.exe | spoolsv.exe | mrt.exe | lsass.exe

Forum posts for csrss.exe

is ??c:windows path legitimate

I am going to check loading and memory path of process to find malicious processes. for example if csrss.exe is executaed from other path than windows/system32 would be considered malicious. But the result of volatility for common process such as csrss.exe is as follow:

loading path : ??C:WINDOWSsystem32csrss.exe

mapped path : WINDOWSsystem32csrss.exe

or for sms.exe I have

loading path : SystemRootSystem32smss.exe

mapped path : WINDOWSsystem32smss.exe

So are these two paths equal in these two examples or not ? i.e. is ??C:WINDOWS==WINDOWS
or SystemRootSystem32 == WINDOWSsystem32

View complete forum thread with replies

Other posts related to csrss.exe

See Related Forum Messages: Follow the Links Below to View Complete Thread

Is it possible to get the “Image Path Name” of csrss.exe which is a SYSTEM process?
Hunting down application errors coming from csrss.exe
batch or vbs forced BSOD
Is there a way to inject behavior to csrss.exe and modify/enhance windows console?
make a windows 7 machine crash on BSOD
What does the csrss.exe process do?
is ??c:windows path legitimate

What is the carbon footprint of your coffee?

Is it low? Is it high? Can this things really kill the planet Earth? Maybe the answer will surprise you. Maybe not.
>>> Check it now at GreenOrDie.org
Privacy | Best registry cleaners | SpeedUtilities.com