hacktool and trojanhorse virus in my computer...need urgent help from a good friend

Hi,

When i did full system scan with Norton, it;s showing hacktool virus in c:\windows\system\driver\crss.exe is infected with hacktool virus and c:\windows\system\driver\ntsrv.exe is infected with trojanhorse virus.

Can anyone help me to delete these viruses from my computer?

Waiting for reply...

Thanks....

 

Welcome to MajorGeeks.com, please follow the steps below:

http://www.majorgeeks.com/images/grenade.gif Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

• Make sure you check version numbers and get all updates.

http://www.majorgeeks.com/images/grenade.gif Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

http://www.majorgeeks.com/images/grenade.gifAfter doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps in the below thread to properly use HijackThis and attach the log:

http://www.majorgeeks.com/images/grenade.gif Downloading, Installing, and Running HijackThis

 

Thanks for helping me my friend..I turned off system restore and view hidden file..and finally i delete csrss.exe and ntsrv.exe from my driver folder..and computer is running fine and norton is not detecting those viruses..

I did right thing or not? Those file is needed to run windows properly? I don't know...If i need those file, what should I do?

Reply me...

Thanks...

 

If those were the ones Norton was detecting then it's ok to remove them. You did the right thing by removing them ASAP because they are a registered threat.

To confirm your completely clean, run the scan below...

Kaspersky Anti-Virus Online Scan

• Click on "Kaspersky Online Scanner"
  
• Click Accept to procede...
  
• If this popup displays, Install Kaspersky's ActiveX Control
  
• If this popup displays, Install the "kavwebscan_unicode.cab"
  
• After all updates are downloaded, click NEXT to continue...
  
• Click Scan Settings and select extended and make sure both boxes are checked at the bottom, Click OK to continue.
  
• Now click on My Computer and let it run!
  
• This scan may take a while but it is very thorough. After the scan is complete save the log as a txt file and attach it to your next post.

 

I did kaspersky virus scan online and they found 3 viruses and 6 infected files.here i am sending u saved log as an attachment.

thanks...

 

I would recommend deleting everything in the folder below...

C:\Documents and Settings\Raj Upadhyay\Shared

After you remove the above, you will be clean. Are you having any further problems?

 

I deleted all files from shared folder. restarted computer and again check online kaspersky as u suggested me before..after scan completed now i have one infected file left on my computer..i am attaching log2 for your review.

Another question : I am using norton antivirus professional 2003 and microsoft antispyware version 1.0.701 to protect my computer. Do u have any other better suggestion for my system protection?

thanks again for providing me help...

 

Disable System restore, reboot and then re-enable System Restore.

You should see this article on How to Protect yourself from malware!