• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

I need help with a virus

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
felinusz

felinusz

Senior Overclocking Magus
Joined
Feb 26, 2003
Location
Taiwan
I seem to have picked up a computer virus that I cannot get rid of.

I have Nortan Anti-Virus Professional installed and fully updated, and have run a system check - nothing came up.


Nothing happens when my machine isn't connected to the internet, but once connected, sketchy "error messages" pop up on my screen at frequent intervals, telling me to go to questionable websites and download patches for Windows :rolleyes:.

I have uploaded pictures of two of the error messages below.
In addition, I found the process for the program that sends the error messages, csrss.exe located in the system32 folder in the Windows install folder. However, I cannot end this process or delete the program - I get an error message.

These messages, when running, also lag the entire system a great deal - they need to be closed which is extremely irritating.


I would really, really appreciate any help or advice, I'm quite poorly informed and experienced when it comes to computer viruses and dealing with them :(
 

Attachments

  • message.JPG
    message.JPG
    30.5 KB · Views: 49
  • message2.JPG
    message2.JPG
    19.7 KB · Views: 38
  • process.JPG
    process.JPG
    76.1 KB · Views: 43
Sounds more like adware then a virus. Since its only working when connected to the net with adds. Is that the only side effect your seeing? It could also be the sites you frequently visit use adds by that company. Any way try the basics like Bazooka, Spybot,Adware, MS Antispyware. Also try panda online scanner. Dont delete anything it finds in the norton folders though. Since some antivirus will say say that other ones are viruses by mistake you may run into this.
 
That last pic you highlighted in the last to was a real process. It is actually using less RAM than mine was at the time of writing.
what service is

Most viruses don't do the popup thing. I am leaning towards Techi's diagnosis. Most adware is poorly coded and can give errors when it tries to do its thing.

Try this to get rid of the offending crap.
http://www.ocforums.com/showthread.php?t=379516
 
try this. Go to start -> run and type services.msc Scroll all the way down and find the messenger service and disable it. That might stop them.
 
Thanks a lot guys, I'll try cleaning the system with all of those programs. Yikes, that many different adware/spyware cleaners should certainly do the trick :)
 
It awfully looks like the messenger service. Just do what TalRW said.
Im guessing your using XP.
 
Yep, you were right - I just "Disabled" that service, and it looks like the messages are gone :). Thanks :)

I'll still run through with all of the spyware removers for good measure.
 
felinusz said:
Yep, you were right - I just "Disabled" that service, and it looks like the messages are gone :). Thanks :)

I'll still run through with all of the spyware removers for good measure.
Click to expand...

Probably not a bad idea ;)
 
It's the Messenger service. Even if you have a good firewall, I found out that the Messenger service pop-ups can still get through!

The solution is to disable the Messenger service.

Thus, not a virus.
 
This is crazy.

Ad-Aware found 67 questionable processes/files, which it removed. Afterwards, CWSShredder found one CoolWebSearch varient which it removed. After that, X-Cleaner found one malicious file, and one more CWS varient.

How did my machine get all of this junk? I don't download a lot of stuff, and haven't even used this machine online much at all!


Guys, thanks again for the advice, with all of this medicine installed I feel much more secure.
 
RJARRRPCGP said:
It's the Messenger service. Even if you have a good firewall, I found out that the Messenger service pop-ups can still get through!

The solution is to disable the Messenger service.

Thus, not a virus.
Click to expand...

But he still probably has spyware if he's never done a scan before, and it can't hurt anything to check.

felinusz:
The Internet has become a dangerous place! It's incredibly easy to become infected by malware. Regular scans with updated versions of a few different programs can prevent/fix most issues.

I recommend running SpywareBlaster as a preventative measure, switching to FireFox or Opera web browsers, and weekly scans with updated AdAware, Spyware Doctor or SpySweeper definitions.
 
You must log in or register to reply here.

Similar threads

C
G-Helper on Asus Prime Z690-P WiFi Desktop?
Replies
9
Views
733
Crash1
C
xarzu
How do I ensure I properly get text alerts on my Android phone?
Replies
3
Views
296
Zuzzz
Zuzzz
R1S8K
Gaming crashing more often with whea_uncorrectable_error
2 3
Replies
50
Views
2K
EarthDog
EarthDog
AngelfireUk83
Win 11 Issue With Mapped Drive
Replies
9
Views
745
AngelfireUk83
AngelfireUk83
BugFreak
Error 5303 when accessing Office apps
Replies
0
Views
663
BugFreak
BugFreak
Back