hello! few days ago my pc was exposed to one very annoying virus/es. it basically started to openning up new pages in my browser and at the end it started installing some garbagecleaner.exe. so my 1st thought process was to perform acan with malwarebytes. it found looooads of viruses but i didnt do that many scans in the past so...i deleted all of them. then i thought since i dont have anything that important on my pc i decided to run a clean reinstall of windows. i thought when i reset all files back to default it will minimize the risk.
then right after i changed almost every password i had. wasnt really sure if i am still safe so i tried to not log in from my pc anywhere.
2 days later everything seemed to be ok so i logged in to my facebook account...nothing strange yet so i went to work and about 2 hours later in work when i wanted to check facebook i got message my account was locked with saying someone from taiwan logged into my facebook so i quickly changed my password again.
Coincidence???? i dont think so. what i think there is some dodgy spying proccess running in backround. so i started searching for answers and then i found something. this process called csrss.exe. on one hand yes it is microsoft file but i was searching even more because in my processes in my task bar i have 2 csrss.exe running. and i found couple forums where they were saying something like if u see one process its okay but if there are 2 there is high chance one of them is virus
also there was nentioned that if csrss.exe is located anywhere else than system 32 folder it is virus. but both my processes showing asbthey are in system 32 folder under C:
can anyone help me? i ran numeruos tests and every test now is showing literally nothing like my pc was clean but i am certain it isnt.
then right after i changed almost every password i had. wasnt really sure if i am still safe so i tried to not log in from my pc anywhere.
2 days later everything seemed to be ok so i logged in to my facebook account...nothing strange yet so i went to work and about 2 hours later in work when i wanted to check facebook i got message my account was locked with saying someone from taiwan logged into my facebook so i quickly changed my password again.
Coincidence???? i dont think so. what i think there is some dodgy spying proccess running in backround. so i started searching for answers and then i found something. this process called csrss.exe. on one hand yes it is microsoft file but i was searching even more because in my processes in my task bar i have 2 csrss.exe running. and i found couple forums where they were saying something like if u see one process its okay but if there are 2 there is high chance one of them is virus
also there was nentioned that if csrss.exe is located anywhere else than system 32 folder it is virus. but both my processes showing asbthey are in system 32 folder under C:
can anyone help me? i ran numeruos tests and every test now is showing literally nothing like my pc was clean but i am certain it isnt.