csrss.exe - Dangerous

%windir%\system\csrss.exe

Manual removal instructions:

Antivirus Report of %windir%\system\csrss.exe:
%windir%\system\csrss.exe Malware
%windir%\system\csrss.exeDangerous
%windir%\system\csrss.exeHigh Risk
%windir%\system\csrss.exe
I-Worm.Netsky.ac
This worm spreads via the Internet as an attachment to infected messages, and via shared network resources.

Characteristics of infected messages:
Message header, body and attachment name (with .pif extension) are chosen at random from predefined list.
The worm uses a direct connection to the SMTP-server to send messages.

The wom copies itself to the Windows directory under the name csrss.exe
and registers this file in the system registry auto-run key:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\BagleAV
thus attempting to disguise itself as an antivirus working against Bagle.

Also, the worm attempts to delete registry keys created by I-Worm.Bagle.y

Automatic removal:
Use RegRun Startup Optimizer to delete this worm from your machine.

Remove csrss.exe now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.

Testimonials

You can read UnHackMe testimonials here.