how can i remove this?

[Guest]

[Ghost57]

heres a scan from jotti on a fake csrss.exe i have and comodo dont find any virus in it and i need help
heres the log
 Service load:     
0%              100%
File:    csrss.exe
Status:    
INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5    77a9fd1cd6aa2ad137e53aaff18b77f3
Packers detected:    
PE_PATCH.UPX, UPX
Scanner results
Scan taken on 05 Jun 2007 03:45:38 (GMT)
A-Squared    
Found nothing
AntiVir    
Found TR/Agent.141606
ArcaVir    
Found nothing
Avast    
Found nothing
AVG Antivirus    
Found nothing
BitDefender    
Found nothing
ClamAV    
Found nothing
Dr.Web    
Found nothing
F-Prot Antivirus    
Found nothing
F-Secure Anti-Virus    
Found Trojan-Downloader.Win32.Agent.bl
Fortinet    
Found W32/Agent.BL!tr.dldr
Kaspersky Anti-Virus    
Found Trojan-Downloader.Win32.Agent.bl
NOD32    
Found nothing
Norman Virus Control    
Found nothing
Panda Antivirus    
Found Trj/Agent.FHZ
Rising Antivirus    
Found nothing
VirusBuster    
Found nothing
VBA32    
Found Trojan-Downloader.Win32.Agent.bl

so i need help with this

[Toggie]

Hi Ghost57, me again

Can I take it you downloaded CAVs and it didn't find the virus? Did you update the virus database before scanning?

Are you running any other AV programs, if so, which?

I found some info on removing Trojan-Downloader.Win32.Agent.bl:

1. Delete the original Trojan file (its location will depend on how the malicious program originally penetrated the victim machine).

2. Delete the file downloaded by the Trojan:

C:\ntldr.pif

From what I can make out, the other viruses found in your scan are just different names for the same virus.

Perform the steps above and run another scan.

Toggie

[Ghost57]

its fixed for now my other AV detected it and removed it after i scaned the fake csrss.exe thx for the help 

Edit: Also BoClean also detected and removed 3 trojans ill be runing a few scans to make sure its clean 

[Toggie]

Good news

[Tags:]