Having Extreme Problems With Popup/Popupunder Ads

Discussion in 'malware problems & news' started by MelarianRi, Sep 30, 2006.

Thread Status:
Not open for further replies.
  1. MelarianRi

    MelarianRi Registered Member

    Joined:
    May 16, 2005
    Posts:
    22
    Location:
    USA, MA
    I went onto a site, the average anime site (xxx.advancedanime.com), visited by many people a day. I have been to this site in the past and so nothing seemed out of place, and then a few pop ups came up. I clicked X and continued about my ways. However, the pop-ups continued. I've run Lavasoft Ad-Aware, Spybot - Search & Destroy and the regular Yahoo! Anti Spy. Serveral objects keep coming up even after being erased.

    Network1.Popups
    WinBio32
    New.Net.Domain.Plu...
    YourEnhancement


    When I load up the computer, a couple ads pop up. I click X and they go away. Until I open the internet, then a few more pop up. I click the X till they go away. Then they stop. When I go to a new page, they come again. I close them, they stop. If anyone could please help me, I would be so beyond happy!

    I have deleted/Removed these several times and still, the pop ups continue. Can someone please help me or direct me to a part of the forums I would know?

    (I'm sorry if I posted this is the wrong section. I'm a bit shaky right now and I just need an answer fast. I get very nervous when it comes to Trojan's and Virus's...)

    Edit: I ran Trend Micro Housecall 6.5, it came up with a large number of things that should be fixed. I deleted all of them, but two couldn't be deleted.

    ADW_DSKBARB.A
    Aliasnames: Adware Softomate (NAI)
    Platform: Windows 98, ME, NT, 2000, XP, Server 2003
    First Occurence: Unspecified
    General Risk Rate: Medium

    General information about this spyware/grayware
    This adware arives on a system as a downloaded file of the malware detected as TROJ_VB.BAV.

    It is a .DLL file that adds a blank toolbar in the internet explorer browser. It may display pop-up advertisements.


    Then there is this...

    ADW_SURFSIDE.F
    Aliasnames: No more aliase names known
    Platform: Not specified
    First Occurence: Not specified
    General Risk Rate: Low

    Adware is software that displays advertising banners on Web Browsers such as Internet Explorer and Mozilla. While not catagorized as malware, many users consider adware invasive. Adware programs often create unwanted effects on a system, such as annoying pop-up ads and, in some instances, the degradation in either network connection or system preformance.

    Adware programs are typically installed as seperate programs that are bundled with certain free software. Many users inadvertently agree to installing adware by accepting the End User License Agreement (EULA) on the free software.

    Adware ar ealso often installed in tandem with spyware programs. Both programs feed off each others functionalities - spyware programs profile users' internet behavior, while adware programs display targeted ads the correspond to the gathered user profiles.



    edited to make link unclickable - Detox
     
    Last edited: Sep 30, 2006
  2. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    These objects are not being properly removed.
    They are spyware/adware.
    You could try Ewido's free scanner.
    http://www.ewido.net/en/
    The guard has a 14 day trial,but you don't have to install that.

    You are using a firewall and an antivirus program?
     
  3. MelarianRi

    MelarianRi Registered Member

    Joined:
    May 16, 2005
    Posts:
    22
    Location:
    USA, MA
    I believe I have E-Trust CA, I'm not sure. Detox gave the the site Trend Micro and I spent the last hour scanning my computer. There was a lot of files that came up that I wasn't sure about. I'm afraid to press clean because it keeps saying;

    "For some infections, "Delete" was selected to remove the infection. This will delete the infected file from the system. Important data may be lose."

    When things like that pop up, I get nervous...

    Edit:

    It didn't help... Even after detection and deletion...
     
    Last edited: Sep 30, 2006
  4. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    It's good that you have an antivirus.:thumb:

    With infections the "delete" option is common.
    Sometimes an infected file can't be cleaned or repaired.Of course it depends on what kind of file is infected.A temporary internet file doesn't matter much.
    Do you know the location of the infected files?
     
  5. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I went to the site and Antivir gave two pop ups of exploits.
     
  6. MelarianRi

    MelarianRi Registered Member

    Joined:
    May 16, 2005
    Posts:
    22
    Location:
    USA, MA
    What does that mean? (I'm not adware knowledgable)


    It didn't say... I edited my first post with somethings that may help locate it though.

    The two files that cant be deleted are files:
    c:\Program Files\Deskbar\deskbar.dll
    c:\Program Files\DeluxeCommunications\Dxc.exe
    c:\Program Files\DeluxeCommunications\DxcBho.dll
     
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan

    I mean this site is not looking safe. Don,t go there again I will suggest.
     
  8. MelarianRi

    MelarianRi Registered Member

    Joined:
    May 16, 2005
    Posts:
    22
    Location:
    USA, MA
    Okay, thank you.
     
  9. MelarianRi

    MelarianRi Registered Member

    Joined:
    May 16, 2005
    Posts:
    22
    Location:
    USA, MA
    I'm heading to bed now, gosh forbdid I'm late for work or to tired. -.-

    Please continue to give suggestions, I appreciate all the help!
     
  10. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    I'm guessing that you have Windows XP.
    If so, go to Start>Control Panel click on Add or Remove Programs.Next click the box in the upper left corner "Change or Remove Programs".That should generate a list of programs.Look for Deluxe Communication and DeskBar.If they are listed remove(uninstall) them that way.

    This is what I found on Google for Deluxe Communications:
    "Deluxe Communications is an advertising network powered by contextual marketing ... For as little as one cent per unique visit,..."
    Looks like adware.
    Not real clear about DeskBar though.
     
  11. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    I have written a bfu script to get rid of the deskbar infection.

    Please download Brute Force Uninstaller to your desktop.
    • Right click the BFU folder on your desktop, and choose Extract All
    • Click "Next"
    • In the box to choose where to extract the files to,
    • Click "Browse"
    • Click on the + sign next to "My Computer"
    • Click on "Local Disk (C:) or whatever your primary drive is
    • Click "Make New Folder"
    • Type in BFU
    • Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".
    RIGHT-CLICK HERE and choose "Save As" (in IE it's "Save Target As") in order to download Deskbar Remover.
    Save it in the same folder you made earlier (c:\BFU).

    Then, please go to Start > My Computer and navigate to the C:\BFU folder.
    • Start the Brute Force Uninstaller by doubleclicking BFU.exe
    • Behind the scriptline to execute field click the folder icon http://metallica.geekstogo.com/foldericon.png and select deskbar.bfu
    • Press Execute and let it do it’s job. (You ought to see a progress bar if you did this correctly.) Don't be scared because your taskbar and desktop will disappear for a short while during this process.
    • Wait for the complete script execution box to pop up and press OK.
    • Press exit to terminate the BFU program.
    Reboot and let us know what problems are left to be dealt with.

    Regards,

    Pieter
     
  12. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    Heya MelarianRi - sorry I wasn't more help earlier but Pieter here is just the expert I had in mind ;-) Listen to him when you come back and things will be peachy soon :D
     
Loading...
Thread Status:
Not open for further replies.