I think I'm getting MALWARE from this site. FYI
Boneshaker
08-02-2009, 03:43 AM
Not trying to piss anyone off here as I enjoy this site, but I have twice today picked up a malware called Virtumundo. I cleaned it and had no problems until I came back to this site. So I cleaned it again, and to test it I came back to this site and I have found it again now.
I'm on my work PC and we have minimal Windows firewall so that's on us, but I thought I would mention this so admin here might be able to look into it. FYI
mesonm
08-02-2009, 05:03 AM
Are you just accessing the forums? If so, I highly doubt the malware came from here. I've been here for several years, and have yet to encounter malware from the forums.
From the internet, I find:
--------------------------
VirtuMundo, also known as VirtualMundo and VirtuMonde, is a widely spread adware spyware that downloads from the Internet and shows large amount of unsolicited pop-up advertisements. The threat regularly contacts predetermined web sites to receive ads and additional instructions. VirtuMundo is bundled with some spywares and advertising-supported applications. It can also be manually installed. The threat automatically runs on every Windows startup.
--------------------------
There are removal instructions also. Just do a Google or Yahoo lookup. When you believe you had previously cleaned your PC, had you rebooted? Did you rescan your comp again, just to make sure it was clean?
Please try to be more specific as to why you think it is here, and which activities you think are triggering it, such as downloading a specific mod, etc.
Boneshaker
08-02-2009, 06:21 AM
Well, the reason I felt like I got it from here is because my computer was acting fine until I visited this site tonight and then all the pop-ups started. I logged on to another PC here at work and did a few things fine and then I visited this site and now the pop-ups have started on that PC.
I'm at work and do not have admin privileges on these PCs so I can't download anything, including anything that removes adware. We have this lame basic Windows firewall and Trend Micro for scanning our PCs. It's finding the malware but I'm still having trouble getting rid of it.
I don't know???
Xandro
08-02-2009, 12:07 PM
You're going to have to get with your IT guy to get rid of it. A good choice would be a quick install of MBAM. He'll probably know what that is. I can't dismiss your claim because Norton has been alarming me to phishing attempts at this website since yesterday. Since you're at work, I'll assume you weren't trying to download an addon from here, so I'm going to have to point the finger at these damn ads again. Something (if anything can) needs to be done about this kind of thing. People are not going to want to come here if they keep being put at risk. Some of us are well protected and can shake it off, some, as seen in this case, are not, and can't.
Edit: Hate to tell you, but expect IT to ban this website after this :( They don't have a lot of choice..if they're a halfway decent department that is.
Eliandor
08-02-2009, 05:11 PM
A: I haven't seen the recent stats for Trend Micro, but it may detect and remove the majority of the infection, but VM is one of several that has a second part that will re-install the rest of VM if it is partially removed.
B: Says something about Windows, that you don't have admin priv's and can't install anything, yet get spyware? TrendMicro may not be able to remove the infection because of this very thing. VM likely exploits something to escalate its rights and has some files locked that you do not have rights to remove. This is something for your IT since it is not your computer, it is your employer's computer. As a tool provided to you to do your work, they are ultimately responsible for providing a working tool. You just need to use it responsibly.
C: There may be other security present on the network. A firewall won't keep out spyware anyway. Only a gateway scanner checking the web pages as they come in, or a spyware scanner on your computer will check things. You might also ask about Mozilla Firefox.
D: At home, I'd suggest giving Spybot a try as well. It, like some but few free others, has the ability to install and scan in safe mode, and also scan when the computer boots but before Windows fully starts, catching the infection when it can be removed.
mesonm
08-02-2009, 05:30 PM
What you are saying now is different than what you said earlier.
Earlier, you said you had gotten the malware, and then cleaned your comp, and came back here and got it again.
Now, you say you can't clean your comp.
I have yet to receive the warnings for here, which is certainly NOT conclusive as to whether this site is the source of your troubles. But, you say you are only visiting the forums (and, I presume not clicking on links others put into their posts which may be to malware affected sites).
The fact that you can't install things on your comp, yet the spyware showed up is a bit confusing....
You don't say if you have tried the removal instructions I mentioned earlier.
Your Average WoW Player
08-02-2009, 06:54 PM
As an FYI, please don't post a topic if you're suspecting you're getting something hostile from the website. Instead, fire off a personal message to someone with a Blue name so they can take care of it, instead of spreading mass chaos throughout the forums.
Xandro
09-02-2009, 12:02 AM
It can still be downloaded through the browser. The trouble is, this adware spreads itself all over God's creation, so if you don't remove all traces, it replicates. His IT needs to check their Java version because that's usually how it gets through. Old versions are exploitable. All that being said, I've been here 3 times today and my sandbox has picked up nothing. I am however still getting phishing attempt warnings from Norton.
Xandro
09-02-2009, 02:31 AM
As an update to this situation, Norton is no longer claiming that this website is phishing. I can only assume it was an ad that was here. As far as Boneshaker's issue, it really could have only been a drive-by download that was embedded in either a link he clicked or an ad placed. I can only say he was lucky to have been behind a limited user account. In any case, so far, the problems seem to have passed.