![]() It takes a big man, or a company with high standards and ethics to admit when they are wrong. People are often like that, they take the easy way out. ![]() Than having to go figure out your own mistakes and admit that you screwed up. So you should really use your own judgement, and rely less on the software tools alone.įrankly, it's usually easier to blame the problem on someone else. Then of course, I should point out that not all malicious software is detected, and some of them that are detected as malicious are in fact legitimate (false positives). Since you already had the anti-virus installed, it would likely have picked up the trail on this supposed Trojan, had it really been a Trojan that is. To get a proper analysis of it you would have to run an anti-virus program on it. But there is also a chance that the very same file from Microsoft has been deliberately removed, and that the malicious program has not only the same name as the original, but is also stored in the same folder where the Microsoft file used to be. That's a good way to start inspecting the suspecious file. If you end up in some other directory or folder, and it's not under the Windows folder, then chances are you are dealing with a malicious program. If you end up at C:\Windows\System32 in Explorer, then you're good. If you open Task Manager, go to Details tab (Windows 8) or Process tab (Windows 7) and you see the process name "csrss.exe" you can right click on it (or each of them if there are several), and click "Open file location". One way to get an indication of whether or not this process is legit is to check the location of the file. So other malicious programs can use the same name to mask their true nature. Csrss is responsible for console windows, creating and/or deleting threads, and some parts of the 16-bit virtual MS-DOS environment.īut as always with Windows executable files, the name does not have to match the actual program. Csrss stands forclient/server run-time subsystem and is an essential subsystem that must be running at all times. This is the user-mode portion of the Win32 subsystem (with Win32.sys being the kernel-mode portion). Here is a Seven Forums post about it: Is csrss.exe a trojan? - Windows 7 Help Forums Here is a Microsoft community Q
0 Comments
Leave a Reply. |