Helping people with computers... one answer at a time.
Csrss.exe is the Windows Client Server Runtime SubSystem.
What is csrss.exe?
•
It's the Windows Client Server Runtime SubSystem. A expensive name for what is a core part of Windows itself.
•
Article C2044 - June 14, 2004
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
Looking at another page I found the help I needed, and I post it here so that it might help someone else. I updated the graphics. As simple as that. All problems gone!
Posted by: Power at March 11, 2009 3:28 PMhi!
to remove RP09.exe
1. run command prompt
2. type cd\
3. type ATTRIB -H -S -R /S /D..it would few minutes if your drive have many files and folders..
4. manually delete autorun.inf, syste~1, niaw folder.. just type "del autorun.inf" etc...
5. run regedit.exe using command prompt or RUN command.
6. Press Ctrl + F.
7. Find syste~1\_resto~1\RP09.exe
8. delete it.
6.
thats it..
Posted by: silent at March 31, 2009 9:44 PMI've seen this virus/worm/malware... I've infected my gf's anti-virus-less internet-less computer by accidentally clicking a file that looks like a folder. I searched the registry but I couldn't find the source...
I went to this website for advice and I figured out how this virus works...
1. It creates a file csrss.exe in Documents and Settings folder
2. The main executable and registry file are located at Program Files\microsoft frontpage
3. Just like any other malware, it creates duplicates on USB flash drives with autorun.inf
I think it creates a registry entry in
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer and creates a subdirectory "run". You can find the directory path of the virus through there so you can delete it manually. Delete the whole "Run" subdirectory
Correct me if i'm wrong.
Make sure before attempting to delete the malware, start your computer in safe mode (Press F8 after the BIOS but before Windows loads)
I'd think the creator of this malware is very crafty that he wants the virus not to be detected even by experienced computer users. He didn't put those in the commonly used HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run as this would be too obvious for experienced users
Posted by: triad at August 30, 2009 12:38 AMYou've got some great solutions here for the csrss.exe error, here is another solution that I found.
http://www.improve-pc-tools.com/index.php/dealing-with-the-csrss-exe-error/
Posted by: dor at December 29, 2009 1:15 AMyou can get more info on csrss.exe at www.http://csrss-exe.com
Posted by: shalom at July 4, 2011 6:30 AMapparently their doing blogs on everything today