[access-uk] Re: Removing a Trojan

• From: "roger.south" <roger.south@xxxxxxxxxx>
• To: <access-uk@xxxxxxxxxxxxx>
• Date: Sat, 4 Mar 2006 14:07:38 -0000

Hi Ray

Different applications. Your article was for c s r s s mine is for 
c s r r s. One of the sites I found warned me on the similarity.

Roger

  ----- Original Message ----- 
  From: Ray's Home 
  To: access-uk@xxxxxxxxxxxxx 
  Sent: Saturday, March 04, 2006 9:32 AM
  Subject: [access-uk] Re: Removing a Trojan


  I'll start by stating my lack of exspertise here Roger, but the first thing 
that came up when I just did a search was a Microsoft article  which says, in 
part:

  csrss.exe is the main executable for the Microsoft Client/Server Runtime 
Server 

  I found this at:

  http://www.liutilities.com/products/wintaskspro/processlibrary/csrss/

  I'm not saying that what you have got isn't a trogen, simply that it might 
not be.  I'm sure others will come uup with THE answer.

  By the way, I've tried Trogen Hunter and it used to play up something awful 
with my internet access so I uninstalled it.

  HTH.


  Ray

  Personal emails:  Email me at
  mailto:ray-48@xxxxxxxx

    ----- Original Message ----- 
    From: roger.south 
    To: access-uk@xxxxxxxxxxxxx 
    Sent: Saturday, March 04, 2006 8:35 AM
    Subject: [access-uk] Removing a Trojan


    Hi All

    A few days ago my firewall told me an application named csrrs.exe was 
asking to access the internet. I have not heard of this before so did a search 
on Google to find it's a well known trojan worm. I permanently denied access 
and set about removing it. I can't seem to find a removal tool on the web. I 
then did searches only to come up with blanks. AVG Pro, Panda, Spybot, AdAware, 
CClean, Registry Mechanic and Housecall all fail to find it. A search on my XP 
Home also proves negative. But I had call to go to msconfig to check what was 
running at start-up and there it is large as life and twice as natural. The 
location was given as:

    SOFTWARE\Microsoft\Windows\CurrentVersion\Run



    I guess this to be a registry location so went to regedit and did a Find. 
It seems to be everywhere in there. I could remove it manually but the registry 
makes me very nervous and weak at the knees so I'm looking for any knowledge 
you guys may have as to if I'm doing the right thing here, please.



    Many thanks 



    Roger 

• References:
  • [access-uk] Removing a Trojan
    • From: roger.south
  • [access-uk] Re: Removing a Trojan
    • From: Ray's Home

Other related posts:

• » [access-uk] Removing a Trojan
• » [access-uk] Re: Removing a Trojan
• » [access-uk] Re: Removing a Trojan
• » [access-uk] Re: Removing a Trojan
• » [access-uk] Re: Removing a Trojan
• » [access-uk] Re: Removing a Trojan

1. Home
2. access-uk
3. Archive
4. 03-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---