Csglet.exe

[bucko]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Hello everyone. new to pc banter but hope someone can help. Anyone know
what this is. Cant find it on google. No results on
http://www.liutilities.com either. Have Spyware Doctor 3.1 and have
removed all spy/ad ware. Checked all this on task manager but this
csglet.exe still exists. Norton popped up with the csglet.exe trying to
access internet which I blocked until I know what it is.


--
BUCKO

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Do a search of your disk for this file.
The following may give you a clue to what it does.

1) Location of the file (is it in a named directory or in
C:\Windows\system32 ?)
2) Right-click the file and select properties. Some files have a version tab
that gives you information.
3) Type MSCONFIG in the Run box and look at all your startup items

Good luck


"BUCKO" wrote:

>
> Hello everyone. new to pc banter but hope someone can help. Anyone know
> what this is. Cant find it on google. No results on
> http://www.liutilities.com either. Have Spyware Doctor 3.1 and have
> removed all spy/ad ware. Checked all this on task manager but this
> csglet.exe still exists. Norton popped up with the csglet.exe trying to
> access internet which I blocked until I know what it is.
>
>
> --
> BUCKO
>

 

[Malke]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

BUCKO wrote:

>
> Hello everyone. new to pc banter but hope someone can help. Anyone
> know what this is. Cant find it on google. No results on
> http://www.liutilities.com either. Have Spyware Doctor 3.1 and have
> removed all spy/ad ware. Checked all this on task manager but this
> csglet.exe still exists. Norton popped up with the csglet.exe trying
> to access internet which I blocked until I know what it is.
>
>
"PC Banter" is apparently one of those sites that is siphoning off the
MS newsgroups from Usenet and presenting them as their own
messageboard. Not very nice and certainly not very upfront. So you
might want to reconsider posting there. Here is information about
Usenet and how to use newsgroups directly:

http://www.elephantboycomputers.com/page3.html#12-09-02 - a brief
explanation of newsgroups
http://michaelstevenstech.com/outlookexpressnewreader.htm
http://rickrogers.org/setupoe.htm
http://support.microsoft.com/default.aspx?scid=/support/news/howto/default.asp
- Set Up Newsreader
http://www.dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
http://aumha.org/nntp.htm - list of MS newsgroups
microsoft.public.test.here - MS group to test if your newsreader is
working properly
http://www.mailmsg.com/SPAM_munging.htm - how to munge email address
http://www.blakjak.demon.co.uk/mul_crss.htm - multiposting vs.
crossposting

As for your problem, whenever you have some program trying to access the
Internet and Google produces no hits, it's suspect. Run through the
following general malware removal steps, doing everything with updated
tools in Safe Mode:

First delete all Temporary and Temporary Internet Files. Then:

1) Scan in Safe Mode with current version (not earlier than 2004)
antivirus using updated definitions.

Before you remove malware, get LSPFix or WinSockFix for XP - see links
below.

2) Remove spyware with Spybot Search & Destroy and Ad-aware. These
programs are free, so use them both since they complement each other.
There is a new version of CWShredder from Intermute. I would not
install the other Intermute programs, however. Alternately, there are
CoolWebSearch malware removal steps at SilentRunners.

Be sure to update these programs before running, and it is a good idea
to do virus/spyware scans in Safe Mode. Make sure you are able to see
all hidden files and extensions (View tab in Folder Options).

If the malware remains even after you used Ad-aware and Spybot, you can
scan with HijackThis. HijackThis is an excellent tool to discover and
disable hijackers, but it requires expert skill. See below for
HijackThis links, including sites where you can post your HJT logs. A
combination of HijackThis and About:Buster works well in removing the
About:Blank homepage hijacker. Again, this is an expert tool and
novices should get help with it.

3) If you are running Windows ME or XP, you should disable/enable System
Restore after the system is clean because malware will be in the
Restore Points. With ME, you must disable System Restore completely.
With XP, you can delete all but the most recent (presumably clean)
System Restore point from the More Options section of Disk Cleanup
(Run>cleanmgr).

4) Make sure you've visited Windows Update and applied all security
patches. Do not install driver updates from Windows Update.

5) Run a firewall.

Links to help with malware:

Software/Methods:
http://www.safer-networking.org - Spybot Search & Destroy
http://www.lavasoftusa.com - Ad-aware
http://www.tomcoyote.com/hjt/ - HijackThis
http://www.intermute.com/spysubtract/cwshredder_download.html
http://www.silentrunners.org/sr_cwsremoval.html. - SilentRunners
http://www.cexx.org/lspfix.htm - Repair Winsock 2 settings after
removing spyware
http://www.spychecker.com/program/winsockxpfix.html - WinsockXPFix.exe

HijackThis:
http://www.aumha.org/a/hjttutor.htm - HijackThis tutorial by Jim
Eshelman
http://aumha.net - forums
http://spywarewarrior.com/viewforum.php?f=5 - Spyware Warrior HijackThis
forum
http://www.wilderssecurity.com/
http://forums.tomcoyote.org/

General:
http://aumha.net - look under "Security" for various forums
http://rgharper.mvps.org/cleanit.htm
http://mvps.org/winhelp2002/unwanted.htm
http://www.aumha.org/a/parasite.htm - The Parasite Fight
http://www.spywarewarrior.com/rogue_anti-spyware.htm

Malke
--
MS MVP - Windows Shell/User
www.elephantboycomputers.com
In Memoriam - MVP Alex Nichol
The world is diminished without him.