PRocesses: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9
Dlls: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0 1 2 3 4 5 6 7 8 9
Popular: svchost.exe | csrss.exe | rthdcpl.exe | spoolsv.exe | mrt.exe | lsass.exe | Home | Manufacturers | Top 1000


Is there a way to inject behavior to csrss.exe and modify/enhance windows console?

I'm aware of Console2 and similar solutions, but I would really like to enhance every console window in my system. Any ideas?

View Complete Forum Thread with Replies

Related posts for csrss.exe

See Related Forum Messages: Follow the Links Below to View Complete Thread

Is it possible to get the “Image Path Name” of csrss.exe which is a SYSTEM process?
Hunting down application errors coming from csrss.exe
batch or vbs forced BSOD
Is there a way to inject behavior to csrss.exe and modify/enhance windows console?
make a windows 7 machine crash on BSOD
What does the csrss.exe process do?
is ??c:windows path legitimate

csrss.exe: Is it possible to get the “Image Path Name” of csrss.exe which is a SYSTEM process?

The windows system process (in Windows 7 for this example) 'csrss.exe' runs as a SYSTEM process and when I go to get (programmatically, of course) the process list with pid, command line, and image path name I get no values for command line or image path name because Windows won't let you grab that information for a SYSTEM process (I believe).

Is there a way I can grab image path name from a SYSTEM process? Does Windows actually prevent you from doing this? Is there a workaround?


csrss.exe: Hunting down application errors coming from csrss.exe

I'm the maintainer of a legacy Delphi application. On machines running this program an Application Error appears sometimes with the caption referring to this Delphi app and a message like the following:

The instruction at '...' referenced memory at '...'. The memory could not be 'read'.

Click on OK to terminate the program.

Task Manager says the process belonging to this message box is csrss.exe. What would be a systematic way to find the root cause of this e

csrss.exe: batch or vbs forced BSOD

Is there a way is batch or vbs to force the blue screen of death to appear, or a forced crash. This can happen from stopping the process 'csrss.exe' but it wont close via simple batch or vbs script. How can this be done?

csrss.exe: Is there a way to inject behavior to csrss.exe and modify/enhance windows console?

I'm aware of Console2 and similar solutions, but I would really like to enhance every console window in my system. Any ideas?

csrss.exe: make a windows 7 machine crash on BSOD

I'm trying to write a windows debug utility and I would need to automatically crash a Windows machine and make a Blue Screen Of Death appear.

I can obviously kill the csrss.exe process from the task manager, but the command TASKKILL /F /IM csrss.exe in a .bat file doesn't work.

Is there another way to make a Windows machine crash on bsod? Maybe some external library able to kill any process.

I would prefer to use a command line approach since I'm more familiar with it.

csrss.exe: What does the csrss.exe process do?

What is the purpose of the csrss.exe (Client/Server Runtime Server Subsystem) on Windows?

Maybe someone could give a good explanation or pointers to documentation? Unfortunately Google results are pretty noisy when searching a core process of Windows.

The reason I'm asking is that I got a BSOD from my service application which seems to be related to the csrss.exe process, at least this is what the analysis of the memory dump shows:



csrss.exe: is ??c:windows path legitimate

I am going to check loading and memory path of process to find malicious processes. for example if csrss.exe is executaed from other path than windows/system32 would be considered malicious. But the result of volatility for common process such as csrss.exe is as follow:

loading path : ??C:WINDOWSsystem32csrss.exe

mapped path : WINDOWSsystem32csrss.exe

or for sms.exe I have

loading path : SystemRootSystem32smss.exe

mapped path : WINDOWSsystem32smss.

wmiprvse.exe: Why is a WPF TextBox sending wmiprvse.exe out of control?

I have been working on an application, and was trying to figure out why my CPU usage was hitting 80-100%.

I narrowed it down to the TextBox controls in my WPF page. It turns out that if I put focus on them it would start hammering the wmiprvse.exe process. This sent my overall CPU usage up to 100%.

I then created a test WPF application to see whether it may have been underlying code, or whether it is just the TextBox that is the culprit. Turns out, IT IS!

My test form only o

winlogon.exe: obtain session id and process id for winlogon.exe

I'm trying to create a process that starts up an application that requires a UI. So it can't be in session 0.
My idea was to obtain the process id of winlogon.exe of the current logged on user. In this way I could duplicate the winlogon token and run my application using the CreateProcessAsUser function.
my code so far:(this is being called when the application i want run is required)

#include <windows.h>
#include <tlhelp32.h>
#include <tchar.h>


savservice.exe: How to log output to file

powershell newb here. I am having some difficulty trying log my output to a file. I have tried two tactics, both of which do not work for me. The first is using the Start/Stop-Transcript cmdlet. This works great in testing on my local machine, but doesn't seem to work at all in a script that I deploy to workstations.

$path1 = Test-Path ($env:ProgramFiles + 'SophosSophos Anti-VirusSavService.exe')
$path2 = Test-Path (${env:ProgramFiles(x86)} + 'SophosSophos Anti-VirusSavService.exe')

rundll32.exe: C# DLL loaded for exe-application is not found when launching similar DLL by rundll32.exe

I have built a C++/CLI DLL that is a wrapper for some .NET C# DLL. As a sample application I have built a simple project for exe-application based on WindowsForms GUI. It works fine with my C++/CLI library and the mentioned .NET C# DLL. But if I build another C++ DLL, which substitutes this sample exe-application, it doesn't succeed to load the .NET C# DLL, although it is located in the current Windows path. The following exception is occurred when trying to call some function from this C# code:

-system process-: Why is processing a sorted array faster than an unsorted array?

Here is a piece of C++ code that seems very peculiar. For some strange reason, sorting the data miraculously makes the code almost six times faster:

#include <algorithm>
#include <ctime>
#include <iostream>

int main()
// Generate data
const unsigned arraySize = 32768;
int data[arraySize];

for (unsigned c = 0; c < arraySize; ++c)
data[c] = std::rand() % 256;

// !!! With this, the next loop runs fas

dllhost.exe: generating dmp files from an inproc com dll running in dllhost.exe

I am writing an inproc com dll that runs in the dllhost.exe surrogate, but I see an issue debugging it.

in exe's that I've written, I have a top level exception handler that creates a .dmp file i can load in windbg and then crashes, and I'm unsure of how to do this from dllhost. Is there another way to generate stack dumps from dllhost.exe on a crash? i've seen this page (, but it seems to involve the component services program. Is there some registr

windows.exe: What does 'ml' stand for in 'netbeans-7.0-ml-windows.exe'?

I have just downloaded Netbeans 7 and wondered what 'ml' stands for in 'netbeans-7.0-ml-windows.exe'?

regedit.exe: .abc branch in regedit.exe

I wanted to change icon on .exe format file, and I found some same answers about that.
After that I discovered one problem. in my Registry editor, there are not any .abc branch (folder), nor in HKEY_CURRENT_USER, neither HKEY_CLASSES_ROOT. In my computer .abc branch doesn't exist. What can I do?

taskmgr.exe: Is it possible to add functionality to Vista/7 taskmgr.exe?

I was wondering if anyone knew whether taskmgr.exe in Windows Vista/7 was extend-able via a plugin system.

I found this, but this is limited to XP,2k3 and he specifically states he didn't know about vista's and seven's.

logonui.exe: LogonUI.exe process doesn't terminate after switching user

I am developing a Credential Provider (CP) that shows a dialog at logon or unlock screen of Windows Vista/7. That dialog terminates whenever the destructor of my Credential Provider is invoked. For basic scenarios like unlock or logon, that dialog is closed properly; however, I got into trouble with this scenario:

Lock computer: this will show my dialog
Click 'Other Credentials'
Click 'Switch User'

After step 3, a new dialog is created (a new logonUI process creates m

This web site and all information written here is for information purposes only, WITHOUT ANY VARANTY. YOU ARE USING THIS PAGES ON YOU OWN RISK. You should always verify the accuracy of information provided on this page. We pay a big attention to provide you with the correct information. However, many spyware and malware programs use filenames of usual, non-malware processes and DLLs. If we have included information about csrss.exe that is inaccurate, we would appreciate your help by getting us know about your user review. Also, web links to software and DLL vendors are provided just for your conform, and we cannot guarantee its accuracy nor relevance with DLL or process listed on this page. We are not affiliated with this pages. We are not responsible for misprints on this site or changes occured since this page was published. The product, software and operating system names mentioned on this web site, can be copyrighted and registered trademarks of their owners.