Wednesday, August 10

Info - conhost.exe

  • The conhost.exe is a Console Window Host.
  • The conhost.exe process fixes a fundamental problem in the way previous versions of Windows handled console windows, which broke drag & drop in Vista.

  • Conhost.exe is a process under Windows Vista and Windows  7 that handles the functioning of the cmd command with respect to the security protocols. Now with the advent of Windows Vista introduced in the market there were many significant changes made to the core Microsoft engine. 
  • Conhost.exe is one of such changes and it led to many alternate performances such as inappropriate drag and drop function to the Command prompt.
  • While it was first introduced under Vista so as to manage the security aspect of the console window, it led to some bugs and errors in the long run. But with every loophole being surfaced, Microsoft quickly decided to run this process under csrss.exe under Windows Seven. 
  • Now if you watch with process explorer you will find this process running under Csrss.exe whereas under Vista it was an independent process.

conhost.exe IN TASK MANAGER
  • Open TASK MANAGER. Type in RUN "TASKMGR". Goto "Processes Tab" & Search for "csrss.exe".

  • Click on "Show Processes from all Users". This is Because, conhost.exe runs Under csrss.exe.

  • Now in the Next Screen You can find "conhost.exe".
  • conhost.exe is usually located in the %SYSTEM% folder and its usual size is 270,848 bytes.

  • If there are multiple instances of this process running under task manager, Do not panic as this is totally natural. This generally happens when the console host is unable to handle a particular request and it just tries again and again generating multiple instances. 
  • To overcome it just open the task manager, right click the conhost.exe process and select end process tree.

  • Essentially, there’s a problem with the way the console process works on previous versions of Windows—they are all hosted under the csrss.exe (Client Server Runtime Process) service. This process runs as a system-privileged account.
  • If you take a look at the command prompt on Windows XP, you’ll probably notice that the window doesn’t use the active theme at all. This is because the CSRSS process doesn’t have the ability to be themed.

  • If you take a look at the console in Windows Vista, it looks like it uses the same theme as everything else, but you’ll notice that the scrollbars are still using the old style (look closely). This is because the DWM (Desktop Window Manager) process handles drawing the title bars, but underneath it still works the same way, and the scrollbars are part of the window itself.
  • You might also notice that Windows Vista broke the ability to drag and drop files from Explorer straight into the command prompt. It just flat out doesn’t work, because of security issues between the CSRSS process running with a higher level of privileges.

  • Under Windows 7 the conhost.exe process is running underneath the csrss.exe process.
  • The conhost.exe process sitting in the middle between CSRSS and cmd.exe allows Windows 7 to fix both of the problems in previous versions of Windows not only do the scrollbars draw correctly, but you can actually drag and drop a file from Explorer straight into the command prompt.


No comments:

Post a Comment