Hey all,
I downloaded a song a while back, which actually turned out to be a video file, with an extremely small footprint (8mb give or take). I thought that was great, until it started playing everytime I logged onto XP. So I got a bit suspicous and deleted the file, but still windows media player opens and goes to the windowsmedia.com page.
I later heard that people found a way to embed stuff into the format So I tracked the registry key that is starting windows media player to:
c:\windows\csrss.exe
If I right click for properties, it tells me this is Windows media player, and also has the windows media player icon. This file is 72kb. So i looked up csrss.exe and found its a critical windows component, but should be in
c:\windows\system32\csrss.exe
which is there and is 4kb, the properties for that say Microsoft Corporation etc.
If I right click the csrss.exe that's in the wrong place, and virus scan it, it appears clean, this is with Norton Antivirus 2003 with all virus definitions updated.
Im not sure what to do now, does anyone know anything about this or what I can do to get rid of it? (im reluctant to delete it just yet, incase it messes up my system)
Matt
I downloaded a song a while back, which actually turned out to be a video file, with an extremely small footprint (8mb give or take). I thought that was great, until it started playing everytime I logged onto XP. So I got a bit suspicous and deleted the file, but still windows media player opens and goes to the windowsmedia.com page.
I later heard that people found a way to embed stuff into the format So I tracked the registry key that is starting windows media player to:
c:\windows\csrss.exe
If I right click for properties, it tells me this is Windows media player, and also has the windows media player icon. This file is 72kb. So i looked up csrss.exe and found its a critical windows component, but should be in
c:\windows\system32\csrss.exe
which is there and is 4kb, the properties for that say Microsoft Corporation etc.
If I right click the csrss.exe that's in the wrong place, and virus scan it, it appears clean, this is with Norton Antivirus 2003 with all virus definitions updated.
Im not sure what to do now, does anyone know anything about this or what I can do to get rid of it? (im reluctant to delete it just yet, incase it messes up my system)
Matt