Question:
Trojan horse how to remove help please ASAP!!!?
?
2010-08-28 19:43:39 UTC
i have just found a Trojan horse on me computer, its under the alias in task manager csrss.exe - and no this is not the actual Client Server Run time Process with windows, i cannot end the process nor view its properties or anything, so i don't know where it is on my computer, i have virus scanned with Malwarebytes, AVG, AVIRA, used ccleaner for registry issues, spybot, all which have found nothing, also constantly when i browse the net sus websites automatically pop up in a new tab with key words i have recently searched with before, how can i remove this. please help, all i want to do is play CoD lol =(
Nine answers:
Ed G
2010-08-28 20:17:21 UTC
If you are using IE try resetting it. Open IE, go to tools, internet options, Advance tab, then at bottom click on reset Internet Explorer.

If you still have the issue and think your are infected there are two things you can do. First look in device manager click on view, then check show hidden drivers. Now expand Non-plug and Play drivers. Look for TDSS, tidserv, if there you are infected with the TDSS trojan. You can disable it, then try scanning with Malwarebytes, But there is a tool for removal called TDSSkiller.

The other thing you can try is the anti rootkit tool called gmer. Make sure you read the instructions at the web site, It's a powerful tool if it finds anything, make sure the item is bad before you remove it. A mistake with gmer can make your computer unbootable.

http://www.gmer.net/
2010-08-30 04:37:54 UTC
Hi there,



Try to remove it manually

Disable the System Restore feature on your computer. If this is still turned on, the system will restore any deleted files, including those infected by the Trojan horse. This can be done by going into the My Computer file and looking for the Performance option. Then select File System, Troubleshooting and Disable System Restore.



Turn on the computer and run it in safe mode. Restart the computer and when the words begin appearing on the screen, press the F8 key. This takes you to a new screen, where you'll select the safe mode option. Let the computer start as it regularly would before you continue.



Go into the Control Panel by clicking on the "Start" button at the bottom left-hand side of the screen and looking for the Control Panel. Select the Add or Remove Programs icon. The computer should then show a list of all programs existing on your system.



Look for programs that include Spyware or adware on your computer and select the Remove program option. Many users have found it helpful to look for programs that they didn't install and those that were installed when they downloaded a game or other program onto their computer.



Open the Windows System folder and delete all files that include the Trojan virus extension. Go through the list twice to make sure you removed all virus files. Then restart the computer in normal mode and check the folder again. If all the files are gone, you'll be ready to move on. If there are any remaining, remove them and restart the computer.



Hope this helps,

Good Luck!

Olivia
Christy
2016-08-22 18:50:39 UTC
2
Digital Solutions
2010-08-28 19:49:49 UTC
Csrss stands for Client/Server Run-Time Subsystem, and is an essential subsystem that must be running at all times. Csrss is responsible for console windows, creating and/or deleting threads, and implementing some portions of the 16-bit virtual MS-DOS environment.

Note: The csrss.exe file is located in the folder C:\Windows\System32. In other cases, csrss.exe is a virus, spyware, trojan or worm! Check this with Security Task Manager.



Removal:



1.) System Restore.



2.) If the process still exists. OS Restore.



Email me if you need further assistance.
?
2010-08-28 22:33:12 UTC
Have you tried fighting the Trojan horse in Safe Mode With Networking? That might keep csrss from running.



To get into Safe Mode with Networking:



1. Log out and reboot your machine.

2. When the machine starts the reboot sequence, press the F8 key repeatedly.

3. Select Safe Mode with Networking from the resulting menu.

4. Login. If the malware has changed your password, try logging in as Administrator. By default, Administrator has no password.

5. The machine will continue booting, but the Windows desktop will look different.

6. When you're finished doing what you need to do, log out and reboot back into normal mode.



Good luck.
Dylan
2010-08-28 19:49:15 UTC
It's not a trojan. You are not able to end the process etc because it is needed to run your computer. If Malwarebytes Anti-malware found nothing then your computer is fine. You can als run Advanced System Care to check for more security issues.
?
2010-08-28 21:05:49 UTC
A Trojan horse, or trojan for short, is a term used to describe malware that appears, to the user, to perform a desirable function but, in fact, facilitates unauthorized access to the user's computer system. The term comes from the Trojan Horse story in Greek mythology. Trojan horses are not self-replicating which distinguishes them from viruses and worms. Additionally, they require interaction with a hacker to fulfil their purpose. The hacker need not be the individual responsible for distributing the Trojan horse. It is possible for hackers to scan computers on a network using a port scanner in the hope of finding one with a Trojan horse installe.

http://trojan-horses-remover.com
2010-08-28 19:48:05 UTC
Honestly, I would just convert the system over to a linux based one so that everything is easier. 97% of the world's viruses are made for Windows and only 1% is made for Linux. CrapCleaner is not going to get rid of a Trojan, nor is any other virus scanner/remover you download from the internet. The only thing you can do is either change over the operating system by obtaining a copy of Linux or take it to a computer specialist and have them remove it for you and put Windows back on it when they are done. I.E. costing you a **** ton of money. Just move over to Linux.
kratos
2010-08-29 20:54:33 UTC
LOLOLOL omg no one knows what the hell they are talking about! Holy **** you have no idea what the csrss.exe command is do you??? pheew this made my WEEK! thnx :D :D


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Continue reading on narkive:
Loading...