PSX5Central
Non Gaming Discussions => Off-Topic => Topic started by: Cerberus on October 08, 2004, 03:31:49 AM
-
Everytime I click a link on a web page, a pop up window opens up saying "tired of pop ups? your system has adware installed". I close it, and then my firewall tells me that msxmidi.exe is trying to access the internet. It\'s classed as high risk.
The warning message keeps coming up over and over.
When I run my antivirus software & adaware, it finds threats each time, when I delete them, as soon as I repeat the scan, they are there again.
WTF is causing this? and wtf is msxmidi.exe?
Furthermore, how the hell do I stop it?
-
http://www.pestpatrol.com/pestinfo/m/msxmidi.asp
"Hijacker: Any software that resets your browser\'s settings to point to other sites. Hijacks may reroute your info and address requests through an unseen site, capturing that info. In such hijacks, your browser may behave normally, but be slower.
Dropper: In viruses and trojans, the dropper is the part of the program that installs the hostile code onto the system."
-
they come back, because they run as services
regedit is your friend
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run
-
Can someone give me detailed directions as how to fix this please?
I need step by step stuff, as I\'ve never come across anything like this before.
-
go into your start menu, then click run
type regedit in the run box
go to the folder mm is guiding you to, then delete the suspect item
-
I want to make sure I\'m not deleting something I shouldn\'t be by mistake here, so can someone tell me which one it is? I\'m assuming it\'s the last one, but I don\'t want to risk it without knowing for sure.
By deleting this one thing, will that solve all the problems with pop-ups & trojans and stuff??
-
Cerberus have you tried CWShredder. I had something similar that Ad-aware and spybot couldn\'t deal with. CWShredder did.
-
link?
-
http://www.spywareinfo.com/~merijn/files/cwshredder.zip
-
that link doesn\'t work
-
Strange, it works for me. Anyway here a some other links to try:
http://www.zerosrealm.com/downloads/CWShredder.zip
http://www.lurkhere.com/~nicefiles/CWShredLast.exe
-
I downloaded it, ran it. It found something, I got rid of it, and almost instantly, another pop up came up with links to porn sites.
What the **** is happening??????
This is starting to **** me off big time now, it\'s now sending me to sites where it tries to flood my HD with trojans.
This is seriously ****ed up.
-
nm, one link in the page not working
-
Originally posted by Cerberus
I downloaded it, ran it. It found something, I got rid of it, and almost instantly, another pop up came up with links to porn sites.
What the **** is happening??????
This is starting to **** me off big time now, it\'s now sending me to sites where it tries to flood my HD with trojans.
This is seriously ****ed up.
You must close all windows when you run it Cerberus. That includes all IE windows and connections. I also found that I had to run Ad-aware and spybot after CWShredder to clear my problem fully.
-
run it from safe mode also
then run sbybot s&d, then adaware
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects
is another place spyware hangs out
-
I\'ve run adaware, spybot s&d, and they found nothing, but now every time I start my pc, I get the following boxes come up.
Has this fixed the problem? How do I get rid of the boxes coming up everytime I restart my comp?
I\'ve run my antivirus software, and nothing was found.
How can I be absolutely sure that the problem is now fixed, as so far (touch wood) no pop ups have appeared?
-
crap, I forgot to add the attachment.
-
anything in start - all programs - startup?
have you done a registry search for msxmidi? search file explorer? is it a running service? checked msconfig?
-
Originally posted by mm
anything in start - all programs - startup?
have you done a registry search for msxmidi? search file explorer? is it a running service? checked msconfig?
No offense to Cerebus - but if he is freaking out on this forum, I doubt it occured to him to do registerty searchs and MSCONFIG.
Just my observation.:)
-
In startup, just something called Exif Launcher, I did a search for msxmidi in the registry, and the following came up.
Just out of curiosity, is the msxmidi.exe filed used for anything legitimate? If deleted, will certain things cease to function correctly?
-
Originally posted by Living-In-Clip
No offense to Cerebus - but if he is freaking out on this forum, I doubt it occured to him to do registerty searchs and MSCONFIG.
Just my observation.:)
Well, thankf for that contribution, but like I said, nothing like this has ever happened to me before, so I\'m a n00b at it I guess.
-
msxmidi is hardly legit
did you even google it?
-
No.
-
then doooo it
-
I did. I deleted the file, now I\'m getting this error message periodically.
What is causing this now?
-
sysfader is a transition effect, basically makes your menus and such fade out... I personally wouldn\'t use that in the first place (bogs your system down and uses up to 15% of your CPU cycles). Looks like you may have deleted something you shouldn\'t, or have more that needs to be removed. I take it your computer is still functional?
-
reinstall your os and use Firefox instead :)
Or use XP with SP2 if you can\'t let go of Internet Explorer
-
Originally posted by JBean
I take it your computer is still functional?
Yeah, pretty much.
Someone gave me a link to a free virus scanner called AVG, and every other time I run it, it keeps finding thigs called A0137535.exe, A0137536.exe & so on.
I\'ve no idea what they are, and I did a search for them, but nothing came up. Are these real viruses, or is it just finding slightly suspect files?
If they are just files it is finding as a bit suspicious, are they files that have been placed on my hd externally, or are they ready existant files that have become corrupted?
-
spend an hour saving files you wanna keep to CD, then reinstall your OS, deleting your your HD when it prompts you to. It is much less of a headache, I just did it.