i've got a damn virus on my system i think, every 10 minutes i get a pop up telling me to click ok to install something to get rid of a virus called spyware.iemonster.b , but i never use IE i always use firefox..

if i clikc cancel it shuts my computer off, if i click the x, all is fine...

here is an attched screen cap of what i get..

i also get this...

Doesn't your antivirus software help you? Which one do you use?

Can't help you, but props for the Ghostbusters reference. ;)

Doesn't your antivirus software help you? Which one do you use?


i have windows live 1 care or whatever it's called...doesn't detect a flea's fart..

installed avg..nothing..

installed nod32 business edition...nothing..

Can't help you, but props for the Ghostbusters reference. ;)


thanks :D

Back-up your documents and reformat?

HijackThis (http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html)

You can try ESET online scanner (http://www.eset.com/onlinescan/) and/or Trend Micro Online scan (http://housecall65.trendmicro.com/) and see if they detect anything.

In the case where you actually know the specific files that could be infected, you can have them scanned on a file-by-file basis at VirusTotal (http://www.virustotal.com/). You have to select individual files to upload for it to scan, but it runs dozens of different scan engines on the file.

I'm no pro at these things, but I wish you good luck.

Once you have a virus or other malware, the only solution is to reformat. There is no removing everything, no getting back to normal without doing this.
Boot from your CD or DVD of Windows, and kiss your data goodbye.

Definitely sounds like some sort of hijack. The Trend Micro online scans for spyware and viruses typically picks them off.

Sounds like malware to me, I had a similar problem. Only the malware posted a blue warning screen as my wallpaper, and linked me to a website to download a anti-virus program. It even bypassed my internet access so it would automatically send me to that website.
Try downloading this Mal-warebytes (http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html) program and see if that helps.

Once you have a virus or other malware, the only solution is to reformat. There is no removing everything, no getting back to normal without doing this.
Boot from your CD or DVD of Windows, and kiss your data goodbye.

Actually the malware I had bypassed my system restore tool, so his only option might be to boot from a disk as you said. I hope some of the other options people have suggested work, and it doesn't come down to going scorched earth.

Grab Avast anti-virus and Spybot: Search and Destroy. Both of them are free and have really good pre-boot scans. See if they don't catch it.

fuck, i hate having to reformat, god damn you bill gates...i have reformatted twice in the past week already!

fuck windows, it's bullshit, i'm getting a mac

fuck, i hate having to reformat, god damn you bill gates...i have reformatted twice in the past week already!

fuck windows, it's bullshit, i'm getting a mac

I mean.. you kinda have to work to get a virus by going to pretty shady sites or downloading shady things.

Only time I've ever gotten viruses was downloading warez and not doing a pre-scan of it before installing...

But yeah, your gonna need to re-format.

www.ubuntu.com

I mean.. you kinda have to work to get a virus by going to pretty shady sites or downloading shady things.

Only time I've ever gotten viruses was downloading warez and not doing a pre-scan of it before installing...

But yeah, your gonna need to re-format.



the system i got the virus on, the only sites i surf on it are gmail, CoG, myspace and facebook...

the system i got the virus on, the only sites i surf on it are gmail, CoG, myspace and facebook...

If you're not a gamer, I highly recommend ubuntu linked above. Super easy install and does everything for you and it has a very easy to use interface. Its nice.

I have heard of myspace having pages that are hijacked and filled with crap.

If you're not a gamer, I highly recommend ubuntu linked above. Super easy install and does everything for you and it has a very easy to use interface. Its nice.

I have heard of myspace having pages that are hijacked and filled with crap.

Well, this is a gaming site. Personally, I dual boot, and use Ubuntu for everything but gaming.

Well, this is a gaming site. Personally, I dual boot, and use Ubuntu for everything but gaming.

Well, I specifically meant pc gamer, he could be just a 360 / ps3 gamer, or something. Dual booting is a good option though.

If you're not a gamer, I highly recommend ubuntu linked above. Super easy install and does everything for you and it has a very easy to use interface. Its nice.

I have heard of myspace having pages that are hijacked and filled with crap.


well i'd like to try ubuntu, but Adobe audition and Photoshop are requirements for me to use, as aside from my daily job, i do audio and graphics on the side.


so far i have seen nothing that proves that those programs will run under ubuntu.

well i'd like to try ubuntu, but Adobe audition and Photoshop are requirements for me to use, as aside from my daily job, i do audio and graphics on the side.


so far i have seen nothing that proves that those programs will run under ubuntu.

I haven't tried it, but I bet they would work through WINE or Crossfire. My roommate, who used to use a ton of Photoshop, has learned to do magic with GIMP.

You can try ESET online scanner (http://www.eset.com/onlinescan/) and/or Trend Micro Online scan (http://housecall65.trendmicro.com/) and see if they detect anything.

In the case where you actually know the specific files that could be infected, you can have them scanned on a file-by-file basis at VirusTotal (http://www.virustotal.com/). You have to select individual files to upload for it to scan, but it runs dozens of different scan engines on the file.

I'm no pro at these things, but I wish you good luck.


whatever this is, is blocking me from connecting to trendmicro and eset sites

http://www.download.com/Security-Task-Manager/3000-2094_4-10246545.html?tag=mncol&cdlPid=10893530


Small download + install


Run it

See if it finds any curious Process.


If it does, then report back!

http://www.download.com/Security-Task-Manager/3000-2094_4-10246545.html?tag=mncol&cdlPid=10893530


Small download + install


Run it

See if it finds any curious Process.


If it does, then report back!


i tried hijack this, and it found a few bugs..they are now gone...

i also tried the mal-ware removal program, and it found 5,000 traces of malware and reg changes, and those have now been fixed.

i've identified the damn SOB's as msupdate.exe located in my system32 folder, along with mknl.exe

when i try to end the process in the task manager, they pop back up..

For individual file scans, I suggest this alternative (http://virusscan.jotti.org/).

Try a Combofix (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)and Smitfraudfix (http://www.geekstogo.com/forum/How-to-use-SmitFraudFix-t109268.html).

fixed..and no need to reformat!!!

fixed..and no need to reformat!!!

How? May help someone in the future.

what i did was use the malware scanner to find the files msupdate,exe and mknl.exe, stop the process from running then deleted the files.

Try a Combofix (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)and Smitfraudfix (http://www.geekstogo.com/forum/How-to-use-SmitFraudFix-t109268.html).

I got a virus last week that constantly restarted explorer.exe, so I coudln't even check to see what got installed or what was running.

Those two right there, cleaned my pc completely.

No more clicking on suspicious nfo files for me... :o

I got a virus last week that constantly restarted explorer.exe, so I coudln't even check to see what got installed or what was running.

Those two right there, cleaned my pc completely.

No more clicking on suspicious nfo files for me... :o

A lot of my pc repair biz is from cleanups. My routine is usually uninstalling stuff I know to be bad, then using Combofix, Smitfraudfix, occasionally SDfix, and of late MalwareBytes program. I then do program updates/installs of AVG and Spybot. Then I do a restore cleanup. And this is very important, turn off system restore, then restart your pc. On boot, turn system restore back on. This will remove any malware that is hiding out in your restore pts, by deleting all of them. After that I defrag, and give the machine back.

There has been some really, really nasty things going around the last few moths. In the very beginning the only way I was able to completely clean some of these systems was to back-up the clients important (clean) files and format because nothing else worked, not fun in the slightest. Thankfully I stumbled onto Malwarebytes Anti-Malware and Super Antispyware between those two programs and AVG I have a PC completely clean in about 4 hours(a couple scans of each).

I don't know if this matters but every system that has had this major of a malware infection that I have only had SP 2 installed and were quite far behind on their updates.



A lot of my pc repair biz is from cleanups. My routine is usually uninstalling stuff I know to be bad, then using Combofix, Smitfraudfix, occasionally SDfix, and of late MalwareBytes program. I then do program updates/installs of AVG and Spybot. Then I do a restore cleanup. And this is very important, turn off system restore, then restart your pc. On boot, turn system restore back on. This will remove any malware that is hiding out in your restore pts, by deleting all of them. After that I defrag, and give the machine back.


Do you normally charge by the hour for these clean ups or jut one flat flee?

I'll look into those other programs as well, thanks for the tip.

fixed..and no need to reformat!!!
I present to you how zombie networks are formed.

You HAVE to reformat, all you did was remove the threats and problems that could be found/are known. The only way to be truly safe again, is to reformat the drive.

I present to you how zombie networks are formed.

You HAVE to reformat, all you did was remove the threats and problems that could be found/are known. The only way to be truly safe again, is to reformat the drive.

fuck it, i can't afford to do it, MS has already started charging me to activate XP pro, i'm 4 months behind on work for my web design clients, i already lost 80% my portfolio/audio demos during my lest reformat...

Do you normally charge by the hour for these clean ups or jut one flat flee?

I'll look into those other programs as well, thanks for the tip.

I charge a flat fee of $75. Sadly biz is slow, most of the time people just want me to fix minor things, and I charge them for it, but it in no way keeps me afloat.