cssrss creating HQS Trojan at startup

2141 Views 4 Replies 3 Participants Last post by  calvin333
I have been getting Trojan warnings for over a week every time I run a NOD on-demand scan, and I delete the trojan files every time (they are in the system32 folder), but they keep coming back.

Finally, tonight when I turned on the computer, NOD popped up saying that an HQS trojan was created by the cssrss process in windows/system32/

I looked through there and saw csrss and cssrss processes, and I believe csrss is a legitimate MS process.

My question is: can I go in and delete cssrss? Is it a legitimate MS process that has been infected?
Status
Not open for further replies.
1 - 5 of 5 Posts
Hi and welcome to TSF.
cssrss.exe is not a legit process. It is loaded by the W32/FORBOT-CE worm.
http://www.castlecops.com/s6114-cssrss_exe.html

I recommend you follow the instructions in the link below and post your logs in the hijack this section. An analyst will check your logs and advise you on cleaning your machine.

http://www.techsupportforum.com/sec...read-before-posting-malware-removal-help.html
csrss.exe in system32 and system32\dllcache is a legit process. It should be 6,144 bytes on most XP machines.

cssrss.exe is not legit, as grumpygit has pointed out.

There's quite possibly something else on the system alongside...but in addition to deleting the file, you need to remove the loading point(s).

If you require assistance, follow the instructions in the link grumpygit has already provided.
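The check the two replies above describe (csrss.exe is legitimate only in system32 and system32\dllcache, cssrss.exe is a look-alike) can be automated. This is an added example, not part of the original posts; the `PROTECTED` name list beyond csrss.exe, the edit-distance threshold, and the sample paths are assumptions constructed for illustration.

```python
import ntpath

# From the thread: csrss.exe is legitimate in these two folders and is
# 6,144 bytes on most XP machines. Other protected names are assumptions.
LEGIT_DIRS = {r"c:\windows\system32", r"c:\windows\system32\dllcache"}
PROTECTED = ["csrss.exe", "lsass.exe", "services.exe", "svchost.exe", "winlogon.exe"]
CSRSS_XP_SIZE = 6144

def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row DP)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(path, size=None):
    """Return a verdict for one executable path (Windows-style, any case)."""
    folder, name = ntpath.split(path.lower())
    if name in PROTECTED:
        if folder not in LEGIT_DIRS:
            return "misplaced"          # right name, wrong folder
        if name == "csrss.exe" and size is not None and size != CSRSS_XP_SIZE:
            return "check size"         # soft signal only: "most XP machines"
        return "ok"
    closest = min(PROTECTED, key=lambda legit: edit_distance(name, legit))
    if edit_distance(name, closest) <= 2:   # threshold is an assumption
        return "lookalike of " + closest
    return "unrelated"

if __name__ == "__main__":
    # Constructed sample listing, not taken from the poster's machine.
    sample = [
        (r"C:\WINDOWS\system32\csrss.exe", 6144),
        (r"C:\WINDOWS\system32\cssrss.exe", 20480),
        (r"C:\WINDOWS\Temp\csrss.exe", 6144),
    ]
    for path, size in sample:
        print(f"{classify(path, size):24} {path}")
```

A "lookalike" or "misplaced" verdict only identifies the file; as the reply notes, the loading points that restart it still have to be found and removed.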
First of all thank you for your replies.
I've been trying to do as instructed and scan with Panda ActiveScan but
IE and Firefox keep getting aborted when I'm about 30% complete (going from C to D drive)
and when the browser process was aborted then all data is lost.

So far after C drive scan I get about 7 infected files (mostly from RP3x files) but not getting scan complete is really frustrating. Is it because I don't have enough RAM (I have 512 MB)?

How do I remedy this situation and at least get scan completion?
Finally got Active Scan to run to completion.
I also used the Disinfect function to disinfect several trojan downloaders in RP32... etc.
I am doing the DSS scan now and will post all logs in the Hijack this forum.

Thanks again.