PDA

View Full Version : csrss.exe



beginthebegin
2006-09-27, 20:49
If this exe is listed to the following path, could it be a problem? Or, is this commonly found w/ this path?

\??\C:\WINDOWS\system32\csrss.exe

Thanks

tashi
2006-09-27, 22:11
Hello.

An in-forum search on csrss.exe brings up several topics.

This one might be of interest. :)
http://forums.spybot.info/showthread.php?t=4621&highlight=csrss.exe

beginthebegin
2006-09-27, 22:25
Thanks. So by the look of these other posts, this is not an issue, correct?

tashi
2006-09-27, 22:31
It appears not to be, however to be certain we would need to see a log.

If you would like to provide one please let me know and I will give instructions.

Cheers.

beginthebegin
2006-09-28, 00:29
Here's the process log. Thanks Just trying to track down issues where my pc hangs/pauses briefly.


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-06-21 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2006-02-06 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2006-02-20 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-09-22 Includes\Cookies.sbi
2006-09-22 Includes\Dialer.sbi
2006-09-22 Includes\Hijackers.sbi
2006-09-22 Includes\Keyloggers.sbi
2004-11-29 Includes\LSP.sbi
2006-09-22 Includes\Malware.sbi
2006-09-22 Includes\PUPS.sbi
2006-09-22 Includes\Revision.sbi
2006-09-22 Includes\Security.sbi
2006-09-22 Includes\Spybots.sbi
2005-02-17 Includes\Tracks.uti
2006-09-22 Includes\Trojans.sbi

PID: 0 ( 0) [System]
PID: 432 ( 4) \SystemRoot\System32\smss.exe
PID: 816 ( 432) \??\C:\WINDOWS\system32\csrss.exe
PID: 880 ( 432) \??\C:\WINDOWS\system32\winlogon.exe
PID: 924 ( 880) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 936 ( 880) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 1132 ( 924) C:\WINDOWS\system32\Ati2evxx.exe
size: 364544
MD5: DFEA480EE09BDEB7F51244900170E173
PID: 1144 ( 924) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1232 ( 924) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1372 ( 924) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1592 ( 924) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1604 ( 924) C:\WINDOWS\system32\ngvpnmgr.exe
size: 307265
MD5: 89769C430C162EF3624117CC6571C7E0
PID: 1912 ( 924) C:\WINDOWS\system32\LEXBCES.EXE
size: 303104
MD5: 2B7005BD9E0966CCCF70AE9A5B9D2427
PID: 1940 ( 924) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1976 ( 924) C:\WINDOWS\System32\SCardSvr.exe
size: 95744
MD5: 25D8DE134DF108E3DBC8D7D23B1AA58E
PID: 2012 (1912) C:\WINDOWS\system32\LEXPPS.EXE
size: 174592
MD5: 7A4CC92D2A23D34934C71C61671E3A7C
PID: 576 ( 924) C:\Program Files\Connected\AgentSrv.EXE
size: 168002
MD5: 40D6D01CB7F80E38AD90ECE3F45C0A56
PID: 600 ( 924) C:\WINDOWS\system32\ccmsetup\ccmsetup.exe
size: 267488
MD5: 7432A43A0006716A9656E6C4CE9B532A
PID: 644 ( 924) C:\PROGRA~1\Cerner\CDMPRI~1.EXE
size: 208896
MD5: 1B412648B96EBD55E27495CFAEF08B2C
PID: 684 ( 924) C:\Program Files\iPass\iPassConnect\iPCAgent.exe
size: 90112
MD5: 66A6057A1BA3F02BA6D718537B91C1A4
PID: 704 ( 924) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
size: 322120
MD5: 11F714F85530A2BD134074DC30E99FCA
PID: 732 ( 924) C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
size: 495616
MD5: 684AE7FBF842FF1A36F97F0FDD4221A2
PID: 1072 ( 924) C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
size: 614488
MD5: 75B24694616553D41CBF902418792672
PID: 1400 ( 924) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: C81B8635DEE0D3EF5F64B3DD643023A5
PID: 1488 ( 924) C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
size: 248544
MD5: 71F0B274D222C26EE27E142BF001AB56
PID: 1548 ( 924) C:\WINDOWS\system32\CCM\CcmExec.exe
size: 578784
MD5: 258CA873EA70292AF5968B4A1676B550
PID: 1584 ( 924) C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
size: 233552
MD5: D3ECB9CA72594EA54C81FA3E05EC60BD
PID: 400 ( 732) C:\WINDOWS\TEMP\VQE041.EXE
size: 172099
MD5: 3D4A3262F183D37DCC975D933DD732FE
PID: 2128 (1144) C:\WINDOWS\system32\wbem\wmiprvse.exe
size: 218112
MD5: 075EA6C849AB0FE416A3D6DD65C3CF41
PID: 2196 ( 924) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 2704 (1144) C:\WINDOWS\system32\wbem\wmiprvse.exe
size: 218112
MD5: 075EA6C849AB0FE416A3D6DD65C3CF41
PID: 2296 ( 880) C:\WINDOWS\system32\Ati2evxx.exe
size: 364544
MD5: DFEA480EE09BDEB7F51244900170E173
PID: 2480 (2352) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 3380 (2480) C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
size: 90169
MD5: D257C5540E5AB498F92A231BA469EC93
PID: 1204 (2480) C:\Program Files\Apoint\Apoint.exe
size: 155648
MD5: A0B4823C28AD825728550796042C68A4
PID: 3536 (2480) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 3576 (2480) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
size: 344064
MD5: 663CF5C7280F5253E524D609BE6345E8
PID: 3584 (2480) C:\Program Files\Trend Micro\OfficeScan Client\Pccntmon.exe
size: 356352
MD5: 42D6C7419442F7992FC9338EDFABA7F0
PID: 3592 (2480) C:\Documents and Settings\cp4789\iTunesHelper.exe
size: 278528
MD5: 00D20B701816BDD2CC2445E6C388EF70
PID: 3644 (3612) C:\Program Files\Apoint\Apntex.exe
size: 45056
MD5: 0AA31DE4E40861EAF259D194A58D4317
PID: 3660 ( 924) C:\Program Files\iPod\bin\iPodService.exe
size: 323584
MD5: 4B532AD0D7614F701F2D29355D6321FB
PID: 3740 (2480) C:\Program Files\Cerner\support.exe
size: 860160
MD5: C3A96A75CD1A0F9865AD4CEAC58AC1F7
PID: 3636 (2480) C:\Program Files\Connected\CBSysTray.exe
size: 118851
MD5: 2323F57BDED549BDE762B835970FACE3
PID: 3772 ( 684) C:\Program Files\iPass\iPassConnect\downloader\ipccheck.exe
size: 286720
MD5: 17D360371E685F738CD1533015D5AB00
PID: 1296 (2480) C:\Program Files\Internet Explorer\IEXPLORE.EXE
size: 93184
MD5: E7484514C0464642BE7B4DC2689354C8
PID: 980 (2124) C:\WINDOWS\system32\ngmonitor.exe
size: 99907
MD5: 3D9072A770051898ABFB5C8A6E51BDA4
PID: 612 ( 924) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 2492 (2480) C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
size: 196296
MD5: 4FAE742E47970755BD040622657D6533
PID: 1740 (1144) c:\PROGRA~1\MICROS~2\LIVEME~1\Addins\LMCAPI.exe
size: 775496
MD5: 60C748BC42151091E27367FCE512AFD8
PID: 3336 (1144) C:\WINDOWS\DOWNLO~1\SIEBEL~1.EXE
size: 74000
MD5: 2A6C426F98574F62D5E322077BA5F11A
PID: 2696 (2480) C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
size: 10196752
MD5: 2486349FFCC2E51C2F82773637BE1123
PID: 3404 (2480) C:\WINDOWS\system32\NOTEPAD.EXE
size: 69120
MD5: 388B8FBC36A8558587AFC90FB23A3B99
PID: 3136 (2480) C:\Program Files\Internet Explorer\IEXPLORE.EXE
size: 93184
MD5: E7484514C0464642BE7B4DC2689354C8
PID: 2684 (2480) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System