Urgent help needed! Programming knowledge/command console knowledge needed!

Recommended Videos
jonnopon3000

jonnopon3000

New member
Feb 25, 2009
900
0
0
Ok someone has managed to get some kind of keylogger into my computer.

He is an idiot and has told me loads about it because he doesn't know I know it is here.

He told me that it disguises itself behind the csrss.exe system process that runs constantly in task manager.
To end it, you press end task, it restarts the csrss.exe system file, and then gives you a 10 min window to stop the keylogger restarting.
He said to stop it restarting you go to cmd.exe and run a command line called hidden attribute system admin, but won't tell me further. Once you have run it o nthe csrss.exe file, turn off the restart function.

I trust his information-he has no clue I know i have it and thinks I am curious as to stop it working because I want to make one myself (which i dont-i wanted him to tell me so i had to say something right?).

I need information on the command line hidden attribute

I googled, and I have found out about the attribute command line, but it is useless to me as the keylogger is hidden.

to get the attributes of the csrss file i need to type into the console:

attrib C:\Windows\system32\csrss.exe

Does anyone know how to change this into a command that gives me the hidden attribute?


Please please help me...if i google all the time and find out myself something could go wrong.

Thread title changed to saner, less disruptive one. Please do not use all-caps and multiple explaination marks - Mod
 
Jedamethis

Jedamethis

New member
Jul 24, 2009
6,953
0
0
ask him to get rid of the keylogger or you'll rip his face off
If he refuses, rip his face off hope he does't refuse
 
xitel

xitel

Assume That I Hate You.
Aug 13, 2008
4,618
0
0
APPCRASH said:
Just beat the crap out of him until he fixes it.

/command
run.heabutt.exe
Click to expand...
That's honestly what I'd do. If your friend put a damn keylogger on your computer you beat the hell out of him until he takes it off and then beat him up some more, then stop being friends with him.
 
Delmar Wynn

Delmar Wynn

New member
Nov 12, 2002
116
0
0
What is csrss.exe? Is csrss.exe spyware or a virus?

This is the user-mode portion of the Win32 subsystem; Win32.sys is the kernel-mode portion. Csrss stands for Client/Server Run-Time Subsystem, and is an essential subsystem that must be running at all times. Csrss is responsible for console windows, creating and/or deleting threads, and implementing some portions of the 16-bit virtual MS-DOS environment.
Click to expand...
Chances of it being a virus in the C:\windows\system32 is unlikely.

If you feel that you really have a virus or keylogger I would recommend that you go out and buy a virus protection software.

or

Get AVG free version or run a microtrend house call check on your computer.
Get a Spyware detection software such as Search & Destroy or any of the other free ones.
 
Baby Tea

Baby Tea

Just Ask Frankie
Sep 18, 2008
4,687
0
0
How do you know you have the keylogger?
Couldn't it be just as possible that the guy is freaking you out?
 
walls of cetepedes

walls of cetepedes

New member
Jul 12, 2009
2,907
0
0
Baby Tea said:
How do you know you have the keylogger?
Couldn't it be just as possible that the guy is freaking you out?
Click to expand...
That's exactly what I thought. My 'friend' tried something similar with me, so I stole his PS3 controllers until he convinced me there wasn't anything there.

I still broke the controllers, though.
 
AkJay

AkJay

New member
Feb 22, 2009
3,555
0
0
I'M SORRY BUT I REFUSE TO HELP PEOPLE WHO MAKE THREAD TITLES IN ALL CAPS TO GET ATTENTION!!!!!!!!!!
 
hamster mk 4

hamster mk 4

New member
Apr 29, 2008
818
0
0
I usualy system restore to a day I know hasn't been tainted. If that doesn't work I check the task manager for programs I don't trust and wipe them out of the System32 folder or where ever they hide. If worst comes to worst I reinstall the OS.
 
jonnopon3000

jonnopon3000

New member
Feb 25, 2009
900
0
0
Delmar Wynn said:
What is csrss.exe? Is csrss.exe spyware or a virus?

This is the user-mode portion of the Win32 subsystem; Win32.sys is the kernel-mode portion. Csrss stands for Client/Server Run-Time Subsystem, and is an essential subsystem that must be running at all times. Csrss is responsible for console windows, creating and/or deleting threads, and implementing some portions of the 16-bit virtual MS-DOS environment.
Click to expand...
Chances of it being a virus in the C:\windows\system32 is unlikely.

If you feel that you really have a virus or keylogger I would recommend that you go out and buy a virus protection software.

or

Get AVG free version or run a microtrend house call check on your computer.
Get a Spyware detection software such as Search & Destroy or any of the other free ones.
Click to expand...
I have very good virus protection software. I have managed to loacate the hidden process, but know not of how to end it.

Baby Tea said:
How do you know you have the keylogger?
Couldn't it be just as possible that the guy is freaking you out?
Click to expand...
This guy doesn't mess around-plus, the instance of a second csrss.exe process in the admin version of the task manager is usually indication of malicious software. I have found a second.
 
Weaver

Weaver

Overcaffeinated
Apr 28, 2008
8,977
0
0
sounds like he's just feeding you a load of bullshit.
Keyloggers are really easy to make though (in windows).
 
Sub_par

Sub_par

New member
Jul 4, 2008
110
0
0
i suggest avast! anti-virus, free, works well, should be able to solve the problem if there is indeed a keylogger
 
Delmar Wynn

Delmar Wynn

New member
Nov 12, 2002
116
0
0
You missed the part about it has to be running and honestly I think the guy is messing with you.

If you really feel that you have a problem, then I would suggest you Format and Reboot! Oh and sacrifice the goat. That always helps!
 
j0z

j0z

New member
Apr 23, 2009
1,762
0
0
*sigh*
jonnopon, why do you still talk with that guy?
Get AntiVir and Spybot Search & Destroy, run them.
And how did he get it on your system THIS time?
Mother Yeti said:
Sacrifice a goat to Ba'al.

Also find new friends.
Click to expand...
Also, this
 
SageSteven

SageSteven

New member
Feb 18, 2009
28
0
0
If the "keylogger" is there and possibly dangerous. A simple, but not a guaranty, way to remove it is to use a anti-spyware program like maleware bytes. If it's dangerous, it should come up on the list of bad programs and you might be able to remove it.

Also, doing very little research on the process. csrss.exe is an system file that may or may not be a virus/keylogger. Here is a link with some information.

http://www.neuber.com/taskmanager/process/csrss.exe.html

Failing that, beat your friend with a small child until he fixes the problem he created.
 
jonnopon3000

jonnopon3000

New member
Feb 25, 2009
900
0
0
I think I will system restore to 3 days ago. Safe distance while not losing any files that I can't get back
 
You must log in or register to reply here.
Top Bottom