I'm reformatting my friend's virus-riddled computer... for the second time tonight. After the first reformat, I connected to the campus network to download basic things. Of course, I immediately got the Sasser worm, but no big deal, I could handle that, right? Only in the midst of dealing with that, I ran across another CPU munching process. It was crrss.exe. I did a quick Google search, and all it pulled up was two sites in German. It doesn't seem that the process exists. In addition, I found ntfs64.exe and windowsfix.exe, both not doing anything, but both also apparently nonexistent processes. Has anyone else seen these? Have any clue what it could be? Also, at the beginning of startup, I get some strange messages written in a command prompt box. Image here: http://www.demonique.net/messages.jpg
Help, anyone?

Since you are going to format again, then before you connect it back to the network you should load up firewall and antivirus as well as SP2. The unknown processes could just be something put there by the campus network administrators.
By the way, your link doesn't work.
Give a man a fish and you feed him for a day.
Teach him to fish and his wife will never forgive you.

Remember, before connecting to the net, at least turn on the Windows firewall.
Preferably install ZoneAlarm, and an antivirus program.

I am running CSRSS.exe now.
(and have seen it running on every XP machine I've ever run)
I am not familiar with ntfs64.exe and windowsfix.exe, I suspect these will be safe to disable.
(you're not running 64 bit XP, are you?)
RichGu
Win XP Pro - SP2
P4 3.2 Prescott / Intel D865 Perl mobo
768 MBs PC3200 DDR

You may also have a virus in the CMOS which
no amount of formatting will remove.
I'd suggest taking the left cover off the
system & find the jumper for clearing the
CMOS before having another go at installing
the OS.
Unfortunately the onboard anti virus
protection designed to stop viruses
infecting the CMOS is usually turned off in
the BIOS by default because it slows the boot
time down by 5 to 10 seconds - & well - people
don't like waiting for their system to boot.
Once you clear the CMOS you'll need to go
into the BIOS & load the setup defaults &
perhaps turn the BIOS anti virus on to stop
the CMOS from being re-infected again.

Afraid I don't know what these processes are but as you've discovered, connecting an unprotected PC to the internet is digital suicide. The projected survival time of such a machine is reckoned to be around 20 minutes!
See here: (and note this was in August 2004)
http://news.com.com/2100-7349_3-5313402.html
or Google for "survival time for unprotected pc"
Before you connect you ABSOLUTELY MUST install at least an anti virus programme and update it with the latest definitions which you can usually download as a file to apply offline.

No, I mean crrss.exe - csrss.exe is there, too. I've double-triple checked. Reformatted again, reinstalled, this time getting the antivirus and firewall programs up and running before connecting, and no weirdness yet, though I'm headed to bed.
Just wondering if anybody had heard of these before.

And no, these aren't things put there by the campus administrators - this is the only computer I've seen it on here. And no, the CMOS virus protection is enabled and working well. And since it's a laptop, and not mine, I'm not interested in taking it apart to mess with it. *laugh* But so far, so good on the second reformat.

Csrss stands for client/server run-time subsystem and is an essential subsystem that must be running at all times. Csrss is responsible for console windows, creating and/or deleting threads, and some parts of the 16-bit virtual MS-DOS environment.
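Added example, not part of any post in this thread: a check that flags process names sitting one character away from a well-known Windows system process, which is the crrss.exe versus csrss.exe confusion discussed above. The process list, the list of known names and the function names are constructed for illustration.

```python
# Added example: SAMPLE is a constructed process list, not output from the
# machine in the thread. KNOWN_SYSTEM is a short illustrative allow-list.
KNOWN_SYSTEM = {"csrss.exe", "smss.exe", "lsass.exe", "services.exe",
                "svchost.exe", "winlogon.exe", "explorer.exe", "spoolsv.exe"}


def edit_distance(a, b):
    """Levenshtein distance (insert, delete, substitute), two-row DP."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def find_lookalikes(process_names, max_distance=1):
    """Return {observed_name: imitated_name} for near-miss names.

    Exact matches are skipped (Windows names are case-insensitive);
    only names that are close to, but not equal to, a known name count.
    """
    hits = {}
    for raw in process_names:
        name = raw.lower()
        if name in KNOWN_SYSTEM:
            continue
        for legit in sorted(KNOWN_SYSTEM):
            if edit_distance(name, legit) <= max_distance:
                hits[raw] = legit
                break
    return hits


# Constructed sample: the three names from the first post plus normal ones.
SAMPLE = ["System", "smss.exe", "CSRSS.EXE", "crrss.exe", "winlogon.exe",
          "ntfs64.exe", "windowsfix.exe", "svch0st.exe"]

if __name__ == "__main__":
    for seen, legit in find_lookalikes(SAMPLE).items():
        print(f"{seen} looks like {legit}")
```

Names such as ntfs64.exe and windowsfix.exe imitate no real process name, so this check passes them; it only covers the look-alike case.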

Hope you're sorted now but if not this might be worth a try.
Kill the crrss.exe process.
Go and find the file and either delete it or at least move it somewhere (just in case!).
Create a .txt file and save it as crrss.exe in the folder where the original was.
Change its properties to read only.
Not guaranteeing this will work, depends on what crrss.exe actually is and how clever it is but the object is, if it tries to install itself on the machine again, it may fail because of the dummy file.
I have used this technique in the past on friends' machines for things such as the Blaster worm and seems to have worked in that instance.
Also, and I've advocated this many times, download StartupMonitor from
http://www.mlin.net/
A very useful arrow in your quiver of protection tools.
