I'm afraid I have deleted csrss system file, and everytime that I try to put on the pc the screen turns black and I just can't do nothing. I've also tried to boot in safe mode but the same thing hapened.
Hello Leo/
do you know how to delete the RP09.exe? is this a virus? I think it is connected to csrss.exe. I have two (2) csrss.exe processing in my TaskManager is this normal? Do you know how to remove "ñiäw", i believe this is some kind of a virus. Tnx...hope U can HELP.
Posted by: code_ryan at February 2, 2009 6:24 PM
For CODE_RYAN
Just an Info, I have encountered this RP09.EXE, if they said its not a virus then what's inside "ñiäw", there you could also find a copy of RP09.EXE as well as indside the "system volume information" folder.
I you think you're in doubt then try opening your registry "type REGEDIT inside START->RUN" then press F3-find then type "RP09", I know it will find one, under MOUNTPOINTS2 where WORMS usually imprint their AUTORUN.INF instructions.
Be carefull in choosing a drive then using the RIGHT CLICK bcoz EXPLORE, OPEN, AUTOPLAY are already their trigger in spreading.
As of Now, Im doing it manually since I've got nothing, no available anti virus online for now. WE ARE ON OUR OWN, unless any of you guys got some AV for this, please....
Posted by: Cyberwolf at February 8, 2009 5:59 PM
there are 2 other csrss.exe that can be found on your computer once you are infected by this virus. One is on C:\Documents and Settings\user\csrss.exe and the other is on C:\Program files\Microsoft Fronpage\csrss.exe and together with is is a .reg file (18something) and a time.dat. These too are also products of the virus
Posted by: docdoom16 at February 12, 2009 6:38 PM
csrss.exe is a windows program. But when you see two csrss.exe in your task manager, it could be a virus. Avast anti-virus can remove this virus.
Or
Manually delete:
1. Boot in Safe Mode, this limits the program that are running in the background.
2. Goto Start - run, then type MSCONFIG.
3. Goto Startup, then find and uncheck any RP09.exe or csrss.exe that you will see. Don't be afraid of csrss.exe. The original csrss.exe of windows is loaded in different location.
4. Right click "My Computer", then select explore.
5. Click "C:" from the left pane. Then delete "autorun.inf", "ñiäw" folder and an exe file with a filename of your computer name and an icon of folder. ex. if your computer name is andrew, delete the file "andrew.exe".
6. Delete also "RP09.exe" from the following directory:
C:\program files\Microsoft Frontpage\ (as well as the reg file).
C:\Documents and Settings.
C:\System Volume Information.
7. restart you computer...
:)
Posted by: JB at February 16, 2009 10:59 PM
csrss.exe is not always a virus... it can be normal to have it running multiple times. if your not sure open up do this
1. hit windows key+r
2. type in cmd
3. hit enter
4. type in tasklist
5. find and write down the PID of both processes
6. now type in tasklist /v
7. find both csrss.exe and see who authorised it. If it is a virus one of the two is not authorised by "NT AUTHORITY\SYSTEM"
8. remember the PID of the virus and type in tasklist /fi "pid eq (your virus pid)"
9. Now you should see just one process. remember the mem usage (at me 4.652 K) and hit ctrl+shift+esc
10. find your virus and kill the processnow find it and delete it :D
Posted by: Dwight Rimmelzwaan at February 20, 2009 12:07 AM
I have a pop up window on my desktop: Windos - No Disk Exception Processing Messag c0000013 Parametes 75b6bf9c 4 75b6bf9c 75b6bf9c. Could this be a problem with the crss.exe file?
Posted by: sge at March 7, 2009 5:54 AM
So, I have a huge problem with csrss.exe eating my CPU up to 99%, and I don't have the virus, I only have csrss.exe in the right place (SYSTEM). I started a new profile on my computer and intended to erase the previous one to check if that could help, but before I had the chance to do this, csrss.exe took over the new profile too, which is why I sincerely doubt it will do any good to erase the first profile. I also installed a "hotfix" that would fix a problem with csrss.exe that starts when right-clicking something, when I was unsure that it might be the problem (since the description of my problem was exactly the same: 100% CPU). HEEELP! :-/ Thanx!
Posted by: Power at March 10, 2009 3:45 AM
Looking at another page I found the help I needed, and I post it here so that it might help someone else. I updated the graphics. As simple as that. All problems gone!
Posted by: Power at March 11, 2009 3:28 PM
hi!
to remove RP09.exe
1. run command prompt
2. type cd\
3. type ATTRIB -H -S -R /S /D..it would few minutes if your drive have many files and folders..
4. manually delete autorun.inf, syste~1, niaw folder.. just type "del autorun.inf" etc...
5. run regedit.exe using command prompt or RUN command.
6. Press Ctrl + F.
7. Find syste~1\_resto~1\RP09.exe
8. delete it.
6.
I'm afraid I have deleted csrss system file, and everytime that I try to put on the pc the screen turns black and I just can't do nothing. I've also tried to boot in safe mode but the same thing hapened.
HELP PLEASE
(soz for the english)
22-Dec-2008
Hello Leo/
Posted by: code_ryan at February 2, 2009 6:24 PMdo you know how to delete the RP09.exe? is this a virus? I think it is connected to csrss.exe. I have two (2) csrss.exe processing in my TaskManager is this normal? Do you know how to remove "ñiäw", i believe this is some kind of a virus. Tnx...hope U can HELP.
For CODE_RYAN
Just an Info, I have encountered this RP09.EXE, if they said its not a virus then what's inside "ñiäw", there you could also find a copy of RP09.EXE as well as indside the "system volume information" folder.
I you think you're in doubt then try opening your registry "type REGEDIT inside START->RUN" then press F3-find then type "RP09", I know it will find one, under MOUNTPOINTS2 where WORMS usually imprint their AUTORUN.INF instructions.
Be carefull in choosing a drive then using the RIGHT CLICK bcoz EXPLORE, OPEN, AUTOPLAY are already their trigger in spreading.
As of Now, Im doing it manually since I've got nothing, no available anti virus online for now. WE ARE ON OUR OWN, unless any of you guys got some AV for this, please....
Posted by: Cyberwolf at February 8, 2009 5:59 PMthere are 2 other csrss.exe that can be found on your computer once you are infected by this virus. One is on C:\Documents and Settings\user\csrss.exe and the other is on C:\Program files\Microsoft Fronpage\csrss.exe and together with is is a .reg file (18something) and a time.dat. These too are also products of the virus
Posted by: docdoom16 at February 12, 2009 6:38 PMcsrss.exe is a windows program. But when you see two csrss.exe in your task manager, it could be a virus. Avast anti-virus can remove this virus.
Or
Manually delete:
1. Boot in Safe Mode, this limits the program that are running in the background.
2. Goto Start - run, then type MSCONFIG.
3. Goto Startup, then find and uncheck any RP09.exe or csrss.exe that you will see. Don't be afraid of csrss.exe. The original csrss.exe of windows is loaded in different location.
4. Right click "My Computer", then select explore.
5. Click "C:" from the left pane. Then delete "autorun.inf", "ñiäw" folder and an exe file with a filename of your computer name and an icon of folder. ex. if your computer name is andrew, delete the file "andrew.exe".
6. Delete also "RP09.exe" from the following directory:
C:\program files\Microsoft Frontpage\ (as well as the reg file).
C:\Documents and Settings.
C:\System Volume Information.
7. restart you computer...
:)
Posted by: JB at February 16, 2009 10:59 PMcsrss.exe is not always a virus... it can be normal to have it running multiple times. if your not sure open up do this
1. hit windows key+r
Posted by: Dwight Rimmelzwaan at February 20, 2009 12:07 AM2. type in cmd
3. hit enter
4. type in tasklist
5. find and write down the PID of both processes
6. now type in tasklist /v
7. find both csrss.exe and see who authorised it. If it is a virus one of the two is not authorised by "NT AUTHORITY\SYSTEM"
8. remember the PID of the virus and type in tasklist /fi "pid eq (your virus pid)"
9. Now you should see just one process. remember the mem usage (at me 4.652 K) and hit ctrl+shift+esc
10. find your virus and kill the processnow find it and delete it :D
I have a pop up window on my desktop: Windos - No Disk Exception Processing Messag c0000013 Parametes 75b6bf9c 4 75b6bf9c 75b6bf9c. Could this be a problem with the crss.exe file?
Posted by: sge at March 7, 2009 5:54 AMSo, I have a huge problem with csrss.exe eating my CPU up to 99%, and I don't have the virus, I only have csrss.exe in the right place (SYSTEM). I started a new profile on my computer and intended to erase the previous one to check if that could help, but before I had the chance to do this, csrss.exe took over the new profile too, which is why I sincerely doubt it will do any good to erase the first profile. I also installed a "hotfix" that would fix a problem with csrss.exe that starts when right-clicking something, when I was unsure that it might be the problem (since the description of my problem was exactly the same: 100% CPU). HEEELP! :-/ Thanx!
Posted by: Power at March 10, 2009 3:45 AMLooking at another page I found the help I needed, and I post it here so that it might help someone else. I updated the graphics. As simple as that. All problems gone!
Posted by: Power at March 11, 2009 3:28 PMhi!
to remove RP09.exe
1. run command prompt
2. type cd\
3. type ATTRIB -H -S -R /S /D..it would few minutes if your drive have many files and folders..
4. manually delete autorun.inf, syste~1, niaw folder.. just type "del autorun.inf" etc...
5. run regedit.exe using command prompt or RUN command.
6. Press Ctrl + F.
7. Find syste~1\_resto~1\RP09.exe
8. delete it.
6.
thats it..
Posted by: silent at March 31, 2009 9:44 PM