I think i have this virus on my personal laptop and I don't know what to do. I'm not very tech savvy so I'm looking for the best assistance possible. I've seen other virus threads and I really don't know how to reformat and I don't have the ability to transfer files over to another comp.

Here is what happened. I searched for something on google. I navigated to google images where I click on a picture. Suddenly, Java started loading and the firefox yellow install bar popped up on my browser. I closed the window and nothing happened so I continued surfing. 5 minutes later Ad-aware started popping up saying it's quarantined some temp csrss.exe files. I tried searching for a solution on google. Tried to go to a virus messageboard and google redirected me to a discover magazine article. I googled for smthg more specific like youtube and cnn, and both times I was redirected to random websites instead of youtube or cnn.

I restarted my computer and it says that csrss.exe isn't loading correctly. From what I understand, csrss.exe is a standard windows component. So what gives? I have vista. PLS BE TO HELP ME!

9/24/2011 11:11:53 PM

Sounds like a job for Malwarebytes.

9/24/2011 11:26:33 PM

http://www.safer-networking.org/index2.html

Download Spybot, do a run tell me what it says. Sounds like an av.exe type virus.

Also, don't click random images on google if you don't know what you're doing.

Also open up task manager, show all processes and see if av.exe is on there.

What probably happened was a virus edited your crss.exe files so that they were malicious, probably edited the startup registry as well.

[Edited on September 25, 2011 at 1:23 AM. Reason : ]

9/25/2011 1:20:06 AM

I ran hitman pro and it took care of the job. Found this thread after searching for "redirect" in tww.

http://www.thewolfweb.com/message_topic.aspx?topic=604572

9/25/2011 2:12:52 AM

What was it?

9/25/2011 2:32:33 AM

Use NoScript, problem solved: https://code.google.com/p/jansal/wiki/NoScript

9/25/2011 6:29:51 PM

Sorry not sure what it was. There were 3 trojans/malwares the scan designated and I deleted/repaired them as quick as I could. 1 was really weird. It was called smthg like 0.43875292398743.exe .

9/25/2011 7:27:16 PM

The issue has been all over the tech press: http://www.pcworld.com/article/227352/attackers_using_google_image_search_to_distribute_malware.html

9/25/2011 8:15:50 PM

Quote :

"I have vista."

There's your problem

9/26/2011 1:06:41 PM