Solved

csrss.exe appears and requests permition to install on startup

Posted on 2006-11-05
5
315 Views
Last Modified: 2011-08-18
Hello,

Everytime I turn my computer I get a message that an aplication CSRSS.EXE request permition to install. c:\windows\system32\1095. open file security alert.

I press cancell and disapears....how can I get rid of this problem.


Thanks for your help,


suplyair.-
0
Comment
Question by:suplyair
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 17875970
Let's look at your hijackthis log.

Please download HijackThis 1.99.1
http://www.cyberanswers.org/forum/uploads/HijackThis1991.exe
http://danborg.org/spy/hjt/alternativ.exe
Open Hijackthis, click "Do a system scan and save a logfile" don't fix anything yet.

Then upload the logs to any hosting sites,
or go to the below link and login using your Experts-Exchange username and password.
http://www.ee-stuff.com
Click on "Expert Area" tab
type or paste the link to your Question
"Browse" your pc to the location of your Hijackthis log and click "Upload"
Copy the resulting "url" and post it back here.

OR: paste the log to either of these sites:
1. http://www.rafb.net/paste/
then at the bottom left corner click "paste"
Copy the address/url and post it here.

2. or at --> http://www.hijackthis.de/ 
and click "Analyse", click "Save".  Then post the link to the saved list here.
0
 

Author Comment

by:suplyair
ID: 17877726
Hello,

Here is the link to the analiyse result...

http://www.hijackthis.de/logfiles/39ab3e44d18a4c79b4b63ec6633464d3.html

Could you please help me decide whick ones I should delete,


Thanks


suplyair.-
0
 
LVL 47

Accepted Solution

by:
rpggamergirl earned 125 total points
ID: 17877879
Run Hijackthis and put a check next to these entries, close all browsers and other windows and click "Fix Checked":
O4 - HKLM\..\Run: [Runtime] "C:\WINDOWS\system32\1095\csrss.exe" /run
O16 - DPF: {A1426AC5-8CE5-4A00-B71E-011D35709AC6} (Progetto1.int_ver34) - http://advnt01.com/dialer/int_ver34.CAB 
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0432e5d9486446e8dc16/netzip/RdxIE601_es.cab 


It is safe to fix any 04 entries (programs that you don't want to run at startup)
You have so many 016 entries, if you don't really visit these sites everyday you're better off fixing them because they all load when IE opens, any plugins will be downloaded again when you visit those sites or when the program you are running calls for it.



C:\WINDOWS\system32\1095\csrss.exe<--delete this file
C:\WINDOWS\system32\1095 <-- this is a very suspicious folder, rename it, or just delete it.
0
 

Author Comment

by:suplyair
ID: 17878533
Hello,

Worked perfect!


Thanks


suplyair.-
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 17878957
No problem!

Glad to know it's resolved.

Thanks!
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question