csrss.exe - Dangerous
%windir%\system\csrss.exe
Manual removal instructions:
Antivirus Report of %windir%\system\csrss.exe:
%windir%\system\csrss.exe
I-Worm.Netsky.ac
This worm spreads via the Internet as an attachment to infected messages, and via shared network resources.
Characteristics of infected messages:
Message header, body and attachment name (with .pif extension) are chosen at random from predefined list.
The worm uses a direct connection to the SMTP-server to send messages.
The wom copies itself to the Windows directory under the name csrss.exe
and registers this file in the system registry auto-run key:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\BagleAV
thus attempting to disguise itself as an antivirus working against Bagle.
Also, the worm attempts to delete registry keys created by I-Worm.Bagle.y
Automatic removal:
Use RegRun Startup Optimizer to delete this worm from your machine.
| %windir%\system\csrss.exe | Malware |
| %windir%\system\csrss.exe | Dangerous |
| %windir%\system\csrss.exe | High Risk |
This worm spreads via the Internet as an attachment to infected messages, and via shared network resources.
Characteristics of infected messages:
Message header, body and attachment name (with .pif extension) are chosen at random from predefined list.
The worm uses a direct connection to the SMTP-server to send messages.
The wom copies itself to the Windows directory under the name csrss.exe
and registers this file in the system registry auto-run key:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\BagleAV
thus attempting to disguise itself as an antivirus working against Bagle.
Also, the worm attempts to delete registry keys created by I-Worm.Bagle.y
Automatic removal:
Use RegRun Startup Optimizer to delete this worm from your machine.
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.