
Need Help, Not Sure if Virus...

Discussion in 'Bits & Bytes' started by ethics, Dec 8, 2002.

  1. ethics

    ethics Pomp-Dumpster Staff Member

    This is something that I didn't think would happen to me but alas!

    Now, ZAP stops this, and this doesn't occur when ZAP is on (which is 99.9% of the time) -- and why everyone needs a soft firewall--but when I turn it off to test something, at certain time intervals I get an IE pop up (regardless whether IE was started or running at the time) with porn.

    Not sure what infected it, but Adaware is UNaware. Norton Anti-Virus is clueless even with the current sig files.

    Any help would be appreciated.
  2. Coot

    Coot Passed Away January 7, 2010

    Leon, I found this page from the slashdot link Techie posted in Rick's. If you scroll down to the bottom, you'll see a reference to software being developed that will detect your connection and create a popup. I don't know if this is what's going on or not. You may also wish to check your registry as it could have been modified with a script from something else you downloaded...like say a DivX codec ;)
  3. rowd

    rowd Spark Maker

    Try this little prog. This is a fast, simple batch file that will delete index.dat files, history, temp, cookies, MS Office recent files, and shell icon cache.
  4. midranger4

    midranger4 Banned

    Ethics, are you certain they are IE pop ups? Might they be *messages* generated by the messenger service (not to be confused with Microsoft Messenger) internal to Windows?

    Spammers have recently begun taking this approach as a browser need not be active to deliver one of these pop ups.

    The easiest way to stop such spam is to disable the messenger service internal to windows. In XP it is very simple to accomplish as much. Other operating systems have different methods of disabling this function that was designed to send a message across a LAN to a fellow user.

    I will edit this post and supply a hyperlink to the subject and fixes as discussed in the Security forums at BBR.

    Here be the link, it's a long thread but the info you seek is in the beginning of the thread: http://www.dslreports.com/forum/remark,4699774~root=security,1~mode=flat
  5. ethics

    ethics Pomp-Dumpster Staff Member

    It's IE alright. Thanks for the suggestions, gonna try them all, one by one.
  6. ethics

    ethics Pomp-Dumpster Staff Member

    Nope. Did the Bear thingie, did the cleanup of other areas, and took down ZAP... Lo and behold, about 10 minutes into the session, I get "Kerrie's Web Cam" photos.

    Kerrie needs to eat some more because she looks pretty anorexic... But I digress.

    Any other suggestions?

    I find this very serious and very alarming that none of my safeties (other than ZAP) were able to pick this up.
  7. LissaKay

    LissaKay Oh ... Really???

    Download, install and run this little gem: SpyBot Search and Destroy ... I bet it will come up with a nasty or two that AdAware missed.
  8. ethics

    ethics Pomp-Dumpster Staff Member

    Doing it now. THANKS! :)
  9. ethics

    ethics Pomp-Dumpster Staff Member

    Well Well Well...

    I think that did it... I hope. :)
  10. ethics

    ethics Pomp-Dumpster Staff Member

    It's a shame Adaware was clueless on that stuff. Oh and I donated 5 bucks to the co...

    And 20 to everyone who helped out. :)
  11. bruzzes

    bruzzes Truthslayer

    Holy shit!

    You sure got all the crap! LOL!

    I use spybot in tandem with ad-aware.
    Also use jv16 Reg cleaner and spider

    All of them keep me squeaky clean.
    Although one of them deletes my Help and Support Center, all I have to do is type in:

    helpctr -regserver

    in the Run Box to get it back.
  12. Coot

    Coot Passed Away January 7, 2010

    Comet Cursors is a particularly nasty little bastich. Have you uninstalled the cursors as well?
  13. ethics

    ethics Pomp-Dumpster Staff Member

    Yes, I removed all that crap.

    This is my 12 year old's PC btw, which makes me pissed as hell not at her but at something she might have picked up. I schedule some time with her PC to see what's what and how kids browse and what they can still pick up. ZAP is my friend and I told her that if the permission thing pops up call me over. I think she probably hit NO on that nasty bugger and continued on her way, which is fine but left me confused and frustrated.

    Thank God for ZAP for not popping those babies up and thanks to the SpyBot program that found all that crap.
  14. Sunriser13

    Sunriser13 Knee Deep in Paradise

    I'm looking at what S&D is showing you, and I know darn well AdAware should have caught some of that, especially Comet Cursor and the cookies! Are you deleting all the garbage that AAW catches, and do you have the latest updates?

    I don't depend solely on AdAware, either, using SpyBot S&D alongside it. But wow, you've got some nasties there...
  15. ethics

    ethics Pomp-Dumpster Staff Member


    I am thinking I got more serious problems though since something (perhaps one of those -- there were 67 there) disabled Adaware?

    Yes, I have the new sigs and ref files. It should have picked it up, but ran it twice and nada. A few cookies with doubleclick and that's that.
  16. limeygit

    limeygit Assume Sarcasm...

    Tell Gretcha to pay attention to Daddy in the future ;)
  17. ethics

    ethics Pomp-Dumpster Staff Member

    LOL! That's not her name, Limey, but a Russian word for Buckwheat. ;)
  18. limeygit

    limeygit Assume Sarcasm...

    OK, I am a little confused why you have a windows profile named for the Russian word for Buckwheat, but assuming some strange tale of 'Our Gangs' popularity in communist Russia, and his position as a cultural hero akin to Marx, I am backing away from this thread slowly...
  19. ethics

    ethics Pomp-Dumpster Staff Member


    There's actually a story about Buckwheat.

    Every kid that was born in my time, and before, I guess, grew up on two things.

    Gretchka(Buckwheat) and Manaya (Farina) kasha. It was cheap, abundant, and kept bellies full. Every kid there jokes about it today even though we are still addicted to the damn things. ;)
  20. Sunriser13

    Sunriser13 Knee Deep in Paradise

    In researching some of your problems, Leon, it appears that RapidBlaster may be the culprit as far as the popups are concerned. What follows is from a cached page at Google... the symptoms sure sound like yours.
