Spyware, Viruses, & Security forum

General discussion


by wendy1234 / August 21, 2005 1:47 PM PDT

I have XP, run AVG and the definitions are up to date.
I even did a manual scan with AVG and it came up clean.
I tried to access many virus info site today and the response came up with "Page cannot be found"
I wanted to do an online scan which I like to do every so often for peace of mind. I could not accomplish this.
I did however manage to access MANY other websites that were not virus info related.

Not sure if this other problem is connected but a couple weeks ago I had a window come up whenever i started up my computer...."windows cannot find c:\windows\system32\irajakv\csrss.exe" make sure you typed the name correctly then try again. To search for a file click Start, search....
I then click ok (the only option) and another window pops up saying "could not load or run specified in registry. Make sure the file is on your computer or remove the reference to it iin the registry."
I click on ok (the only option) and then it repeats the messages again. I click ok and then I can continue onto whatever i wanted to do.

Also about the same time (couple weeks ago) I keep getting junk mail in my OE. I never got any junk mail before this and all i keep doing is block sender.

Anyone who has advise on this would be GREATLY appreciated.
Thank you in advance.

Discussion is locked
You are posting a reply to: Help
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Help
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Hi, Wendy. I'm not leading expert here (LOL) but...
by tobeach / August 21, 2005 3:34 PM PDT
In reply to: Help

I believe you DO have a trojan or virus. One of the key symptoms is contaminating your IE hosts file by entering virtually every AV site into host blocked url list.
Given that, first try going to the following site (if you can) and downloading Stinger. exe. If you can't get access can you have a friend dwnload to a floppy or even E-mail the dnloaded file exe to you?? Its is a stand alone special for a few current items and can be run right from floppy or desktop.:Stinger:
Meantime go to your IE Options>Security tab>Restricted Sites & click "sites". Look there to see if any Major AV sites are listed. If they are, you could manually delete some good sites to allow you access to those sites. Hopefully this will allow you onto the web to get further help from (likely) an Anti-trojan program you can download free trial of , update & run. You may be able to do housecalls online scan at this point if you've deleted TrendMicro(housecalls) & Vil. Nai.com(Stinger).
You will have to disable System Restore since its VERY likely its points are contaminated and will re-infect if used.
Many links to above in this link post to scumware revised:

I'm probably 1st to reply but others will come in soon. Meanwhile hopefully this will give you a headstart. Please report back. Carefully note the exact full name & exact full location of anything found.
I suspect your AVG has been corrupted so you may have to delete/ re-install once clean as several like this prevent install of AV/Spyware programs. Happy

Collapse -
Further thought: You may find helpfull to run scans in
by tobeach / August 21, 2005 4:26 PM PDT
In reply to: Help

safe mode( local not online scans) as an ongoing process may prevent complete removal. The Scumware post has directions on how to do this.
It also has a link to a GFI on line trojan scan (Active X type as is listed housecalls).
Later (when clean) you should also get & use Adaware SE & Spybot S&D (both free) to help prevent & remove many malwares. Spybot would prevent altering of hosts file.
Do you have your XP (or other) firewall active? A 3rd party, say Sygate PF (free) being 2 way would notify you if you got a trojan and it tried to call home for more ammo and let you block it. Happy

Collapse -
by Alan Copeland / August 21, 2005 10:03 PM PDT

Turn off System Restore and run a scan and then turn SR abck on.

Collapse -
Same problem
by Gerard / August 21, 2005 6:12 PM PDT
In reply to: Help

Hi We have had thew same problem and i have tried the the following
1. Updating AV and scanning - no success
2. Stinger - no success
3. Online virus scan - no success

We are starting to get very concerned and would greatly appreciate any help.

All AV web sites are blocked.

Collapse -
Re: Same problem
by Tufenuf / August 21, 2005 10:47 PM PDT
In reply to: Same problem

ger & wendy, Have you checked your hosts file (no extension)? Below, between the lines is what the generic Windows XP hosts file should look like. The hosts file is located in the C:\Windows\System32\drivers\etc folder

# Copyright (c) 1993-1999 Microsoft Corp.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
# For example:
# rhino.acme.com # source server
# x.acme.com # x client host localhost

Many viruses add Antivirus & Anti Spyware sites to this file so you can't access them. If you see such sites listed below the localhost remove them but DO NOT Remove the localhost. You can open your hosts file (no extension) in Notepad and edit it then save the changes.


Collapse -
Took advise and seem to be clean now
by wendy1234 / August 23, 2005 10:44 AM PDT
In reply to: Help

I downloaded stinger.exe and had success.
I now can access all virus info sites with no problem.
First thing I did was go to Trendmirco and do a housecall. I came up clean.

Thank you for all your help. It was greatly appreciated.

I have Ad-aware SE and will run a scan daily from now on. My AVG updates everyday and scans every night as set to schedule.

My system restore is now back on.
I do have my XP firwall active but is that good enough protection.

Is there anything more I can do to keep these Trojans from infecting my computer?
Should I get "Sygate PF" and if so where do I go?

I do still have the problem I explained in my original message for help when starting up my computer...."windows cannot find c:\windows\system32\irajakv\csrss.exe" make sure you typed the name correctly then try again. To search for a file click Start, search....
I then click ok (the only option) and another window pops up saying "could not load or run specified in registry. Make sure the file is on your computer or remove the reference to it iin the registry."
I click on ok (the only option) and then it repeats the messages again. I click ok and then I can continue onto whatever i wanted to do.

Any suggestions on this would be appreciated.
Thanks again for all your support and advise.

Collapse -
if you cannot find this file
by dawillie / August 23, 2005 1:50 PM PDT

have a look in start>MSCONFIG>Start up tab.

if it is there uncheck it and solve the problem.

Collapse -
Hi, Wendy ! Glad to hear of major improvement....
by tobeach / August 23, 2005 4:18 PM PDT

The one program I really depend on to run parallel w/ AdawareSE is Spybot Search & Destroy. It searches differently with different target types It additionally
has many usefull extra features like a bad downloader blocker (stops many getting through) & a lock down to prevent browser hijackers from corrupting your hosts file(like you had) as well as a great "immunize" feature which blocks 6,762 (currently in XP) items, a start-up list where you can tick/untick (like config) along with some definitions of what those items are, Tea Timer feature locks your system settings to prevent trojan or other making changes with out your permission to change,etc, etc. I trust it even more than Adaware. It is also free and won't conflict. Link in Scumware Revised link I posted.
It updates about once every 2 weeks. Very Good.
Re:Firewall. I'm using XP ICF behing a router by D-link which also has firewall so I feel OK.
You could go with Sygate (a good one,free) the main diff is the XP blocks only incoming un- requested things but won't notify you if a trojan /or? has already gotten in and is now trying to call OUT to home. http://smb.sygate.com/home_small_office.htm
Best browsing protection you can have generally is to not us IE and instead get Sun Java (which you should have instead of MS by now) and then use an alternate browser like Mozilla Suite or their Browser only FireFox. As long as you don't add Active-X plug-ins, 95% of what's out there just sails on by!! I haven't had a single browser based attach in 3 years of using(knock on wood) and it leaves my Spybot & Adaware with basically nothing to do!! You can also keep your IE (using Sun Java) to for the odd thing if necessary (MS update site & Hotmail?).
I Googled your file and got no result which makes me suspect it's not a Windows file but possibly some other programs' item( or worse a virus file component now removed). Can you figure which (possibly a program you un-installed)?
You could also try a "Checkdisk /r"(estore) via "Run" whith your original XP disk in burner or your SP2 disk if you've installed sp2 (or path to sp2 file). This will restore all system files using disk or backup in computer to rewrite any corrupted or missing ones.
Hope this will leave you just visiting for curiosity/learning instead of for "The Horror" ! Happy

Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?