PRocesses: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9
Dlls: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9
Popular: svchost.exe | csrss.exe | rthdcpl.exe | spoolsv.exe | mrt.exe | lsass.exe | Home | Manufacturers | Top 1000


batch or vbs forced BSOD

Is there a way is batch or vbs to force the blue screen of death to appear, or a forced crash. This can happen from stopping the process 'csrss.exe' but it wont close via simple batch or vbs script. How can this be done?

View Complete Forum Thread with Replies

Related posts for csrss.exe

See Related Forum Messages: Follow the Links Below to View Complete Thread

Is it possible to get the “Image Path Name” of csrss.exe which is a SYSTEM process?
Hunting down application errors coming from csrss.exe
batch or vbs forced BSOD
Is there a way to inject behavior to csrss.exe and modify/enhance windows console?
make a windows 7 machine crash on BSOD
What does the csrss.exe process do?
is ??c:windows path legitimate

csrss.exe: Is it possible to get the “Image Path Name” of csrss.exe which is a SYSTEM process?

The windows system process (in Windows 7 for this example) 'csrss.exe' runs as a SYSTEM process and when I go to get (programmatically, of course) the process list with pid, command line, and image path name I get no values for command line or image path name because Windows won't let you grab that information for a SYSTEM process (I believe).

Is there a way I can grab image path name from a SYSTEM process? Does Windows actually prevent you from doing this? Is there a workaround?


csrss.exe: Hunting down application errors coming from csrss.exe

I'm the maintainer of a legacy Delphi application. On machines running this program an Application Error appears sometimes with the caption referring to this Delphi app and a message like the following:

The instruction at '...' referenced memory at '...'. The memory could not be 'read'.

Click on OK to terminate the program.

Task Manager says the process belonging to this message box is csrss.exe. What would be a systematic way to find the root cause of this e

csrss.exe: batch or vbs forced BSOD

Is there a way is batch or vbs to force the blue screen of death to appear, or a forced crash. This can happen from stopping the process 'csrss.exe' but it wont close via simple batch or vbs script. How can this be done?

csrss.exe: Is there a way to inject behavior to csrss.exe and modify/enhance windows console?

I'm aware of Console2 and similar solutions, but I would really like to enhance every console window in my system. Any ideas?

csrss.exe: make a windows 7 machine crash on BSOD

I'm trying to write a windows debug utility and I would need to automatically crash a Windows machine and make a Blue Screen Of Death appear.

I can obviously kill the csrss.exe process from the task manager, but the command TASKKILL /F /IM csrss.exe in a .bat file doesn't work.

Is there another way to make a Windows machine crash on bsod? Maybe some external library able to kill any process.

I would prefer to use a command line approach since I'm more familiar with it.

csrss.exe: What does the csrss.exe process do?

What is the purpose of the csrss.exe (Client/Server Runtime Server Subsystem) on Windows?

Maybe someone could give a good explanation or pointers to documentation? Unfortunately Google results are pretty noisy when searching a core process of Windows.

The reason I'm asking is that I got a BSOD from my service application which seems to be related to the csrss.exe process, at least this is what the analysis of the memory dump shows:



csrss.exe: is ??c:windows path legitimate

I am going to check loading and memory path of process to find malicious processes. for example if csrss.exe is executaed from other path than windows/system32 would be considered malicious. But the result of volatility for common process such as csrss.exe is as follow:

loading path : ??C:WINDOWSsystem32csrss.exe

mapped path : WINDOWSsystem32csrss.exe

or for sms.exe I have

loading path : SystemRootSystem32smss.exe

mapped path : WINDOWSsystem32smss.

smss.exe: how to compile to reduce memory /STACK doesn't seem to change anything?

I create a lot of simple programs, which don't need any memory, but they always show around 1MB-1.6MB memory in the private memory column in task manager.

I read that the default stack size is 1MB for linking with link.exe, i tried playing with /STACK like this :

/STACK:65536 (64kb)
/STACK:16777216 (16mb)

when i run the program, the memory hasn't changed at all..

Even a simple program like this, using 1.6MB compiled as 64bit with link.exe and no libs (simple.

w3wp.exe: Multiple Inststances of w3wp.exe

I don't understand why there are two ASP.NET processes in Task Manager when I only have one website and one application pool. Why are there two processes running? I have Googled this and looked on MSDN but cannot find an answer.

I am trying to debug a memory leak in an application. I understand the concept of threading and multiple threads living in a process, but I do not understand why there are multiple processes.

I am specifically asking what scenarios can cause more than one

srvany.exe: Windows srvany.exe and service STOP

I've read the many answers online on how to use SRVANY.exe to create a Windows service out of anything. My service is a batch file that sets up the environment (i need to set env vars and map drives) and then spawns my c++ app. But when i do a NET STOP, the srvany.exe process goes away, and my c++ app stays alive. Is there any way to have it killed when it receives the stop command? I'd need to be able to bounce it in case of any config file changes.

The reason i picked cmd shell is t

perfmon.exe: Perfmon.exe not showing values for Network Interface via powershell

I've been trying to make powershell make a csv file with certain information in Windows 7's perfmon.exe

Most of it works, but it seems to ignore 3 counters.

The script looks like the following:

$date = (Get-Date).ToShortDateString()
$gc = ('Network Interface(`*)Current Bandwith',
'Network Interface(`*)Packets Recieved/sec',
'Network Interface(`*)Packets

msiexec.exe: msiexec.exe intermittently fails to uninstall

msiexec.exe fails to uninstall intermittently.
This behaviour is seen only when msiexec.exe silent uninstall is triggered.

I see the below errors in uninstall log during the failed uninstall. But the error logs are not helpful.

=== Verbose logging started: 9/24/2014 10:45:39 Build type: SHIP UNICODE 5.00.9600.00 Calling process: C:windowsSysWOW64msiexec.exe ===
MSI (c) (2C:50) [10:45:39:478]: Resetting cached policy values
MSI (c) (2C:50) [10:45:39:478]: Machine policy

utility.exe: VBScript to Un-install windows application

I tried to uninstall the windows application exe which is already installed in my system using VBScript. But was not able to Uninstall the exe. Please help me on this. Thanks in advance.

I tried with following code:

Dim oReg, oShell, oFSO
Dim UninstallString, ProductCode
Dim strComputer, colItems, objWMIService, objItem
Dim strKeyPath, subkey, arrSubKeys
strComputer = '.'

'Enter Product Code Of The Application Here That You

kernel32.dll: status failed for LdrLoadDll

I'am trying to work-out the LdrLoadDll function and am having no luck with that..i also googled for some examples there is no much documentation or correct example about this.I know what it exactly does..Please check the code below.

//declaration function pointer for LdrLoadDll
typedef NTSTATUS (_stdcall*fp_LdrLoadDll)(
OUT PHANDLE ModuleHandle );

//calling LdrLoadDll using

iexplore.exe: Batch file to terminate all instances of IExplore.exe

Sometimes IE freezes up and I have to open the Task Manager, right click the process and choose End Process to get it to really close.

If I have a lot open, I have to find the right one to end. I want a batch file command I can run to just terminate them all.

I tried using taskkill as described here, but that does not terminate a frozen IE like the 'End Process' button does.

svchost.exe: Can I use svchost.exe to host my own services?

I can't find documentation for how to do it, which makes me think I'm not supposed to do it.

services.exe: CeSetUserNotificationEx with named event and CNT_TIME fails under services.exe

I have a service application, a simple dll running under services.exe. I can attach the VS debugger to services.exe, activate the service application dll and then single step it in the debugger without any problem.

Now, I try to use CeSetUserNotificationEx to be notified at a certain time in the future. I use the CNT_TIME trigger type with the named event naming scheme. When doing this under services.exe, the event is never signaled by the notification subsystem when the time occurs.

This web site and all information written here is for information purposes only, WITHOUT ANY VARANTY. YOU ARE USING THIS PAGES ON YOU OWN RISK. You should always verify the accuracy of information provided on this page. We pay a big attention to provide you with the correct information. However, many spyware and malware programs use filenames of usual, non-malware processes and DLLs. If we have included information about csrss.exe that is inaccurate, we would appreciate your help by getting us know about your user review. Also, web links to software and DLL vendors are provided just for your conform, and we cannot guarantee its accuracy nor relevance with DLL or process listed on this page. We are not affiliated with this pages. We are not responsible for misprints on this site or changes occured since this page was published. The product, software and operating system names mentioned on this web site, can be copyrighted and registered trademarks of their owners.