Does this sound like a Virus ????
|
Original Message
|
Name: internut37
Date: August 8, 2002 at 11:04:44 Pacific
Subject: Does this sound like a Virus ????
|
Comment: I have a webpage that interrupts at very odd times (much like a popup), except that it knocks me off online games, interrupts my media player movies, and opens at times when nothing is open (e.g. Messenger, IE, or any other apps). The page is: www.da.ru/closed and it even changes to http://softomate.da.ru other times. I have used Panda (recently downloaded) Online Virus Scan, and Trojan Remover, ALL OF WHICH SAY I AM CLEAN... If anyone has heard of such a thing, could it be explained how I rid my PC of it? Any suggestions are appreciated.
|
|
Response Number 2
|
Name: Kain
Date: August 8, 2002 at 12:26:28 Pacific
|
Reply: Trojan Remover is said to not be very good and only detects like 50% of trojans, whereas Tauscan will detect like 94%, so run a Tauscan just to be sure. It is probably nothing, but hey, it couldn't hurt.
|
|
Response Number 4
|
Name: internut37
Date: August 8, 2002 at 13:17:14 Pacific
|
Reply: I tried the Tauscan... nothing found. I tried clearing temp files, history, and cookies... the page came up again a couple of minutes after I had done all of this. This page acts like it has a mind of its own. I am at the point of reinstalling Windows, but I do not wish to go through all of the hassles of reactivating XP. Someone at another message board suggested that it may be removed from my registry. Is this possible, and where would it reside?
|
|
Response Number 5
|
Name: Michael
Date: August 8, 2002 at 13:22:45 Pacific
|
Reply: It sounds to me much like an adware or spyware program. They run unknown to the user and either pop up ads or send info about your computer to other places. Go to http://www.lavasoftusa.com/downloads.html and download Ad-aware and run it.
|
|
Response Number 8
|
Name: Internut37
Date: August 8, 2002 at 15:28:16 Pacific
|
Reply: I am not sure I am ready to try a POP UP stopper. There are some POP UP ads that I would like to see pop up (as crazy as this may seem) from different sites, from time to time. I am familiar with the registry; I have used it before. And last but not least, I have already run AD-AWARE. Added the removal file, ran it, and no show: NO ADS in my Registry.
|
|
Response Number 9
|
Name: mothball
Date: August 8, 2002 at 16:12:05 Pacific
|
Reply: Not virus. But you have been looking at porn. Download RegCleaner 4.3 and start searching for ".ru"'s to delete. Furthermore, I would suggest a download of StartCop. In the future, a little more self control.
|
|
Response Number 10
|
Name: internut37
Date: August 8, 2002 at 20:43:32 Pacific
|
Reply: Thank you all so much for all your input and comments. It is appreciated very much... This will be my last post. I tried the last step, and cannot find a .ru in the registry anywhere. This page must have a way of hiding very well. I am about to reinstall. And to follow up, mothball... yes, I looked at a site for free passwords to porn... thanks, and I will use more self control in the future.
|
|
Response Number 11
|
Name: mothball
Date: August 9, 2002 at 17:56:25 Pacific
|
Reply: Dear internut37, Do not re-install just yet. That may not solve your problem. Furthermore, the world seems to want to solve this type of problem by simply re-installing and this creates its own problems. More on that subject later. You are about to delete this trojan the old-fashioned way, manually.

1- Open "Windows Explorer"
2- Click on "Drive C"
3- Click on "Programs" - this is pointless but as they say, "you never know". Look on the right side of your screen at the programs that your computer recognizes and quickly run through them, using only your eyes, to see if anything looks strange, peculiar, or a little too neat (in some cases). If something does look out of the ordinary then:
a: Left click to highlight it.
b: Right click to open drop-down menu.
c: Click properties and read.
d: If you find a "ru" anywhere in the information given then delete the entry.

As I said, this is not the likely place to find the trojan but, it is the easier of its location. Next.

1- Leave your Programs File and scroll down to the Windows File. Click to open it. You are now looking at somewhere between 500 - 2,000 objects.
2- First listed are the "Files" as denoted by the little files icon. It probably is not in a "file" but read them anyway.
3- After the files is a very, very long list of "stuff" each with its own little icon. This is Mr. Trojan's neighborhood. View each one carefully. While you are at it, you might just as well delete anything else you see that you do not want on your computer. Just left click to highlight and right click for drop-down menu. There resides your delete key. Use it.

Couple of things to keep in mind:
1: If you delete a single entry that you find you in fact do need, it is very, very easy to re-install that item via the program that calls for it.
2: The icons often give clues to unusual entries.
3: VERY, VERY IMPORTANT: In fact I should have told you this earlier. It is not just ".ru" that you are looking for. Seek out ".de"-Germany and ".dk"-Denmark. They are often used to re-transmit trojans. Would not be surprised that any country code other than U.S. and U.K. is being used.

So have fun, learn a little, and don't worry, you are not going to destroy your computer.
|
|
Response Number 12
|
Name: Grateful
Date: August 10, 2002 at 05:25:45 Pacific
|
Reply: Hey Mothball, That was pretty good advice about toothpicking through the Windows Files. I did that out of curiosity, and was able to remove a few things that looked out of place. My puter is still running :-))) Grateful
|
|
Response Number 13
|
Name: Jeppie
Date: September 29, 2002 at 22:29:02 Pacific
|
Reply: I had the same problem (after downloading & opening a "fast-downloader for Tekken" on iMesh) and solved it by deleting a file "winsvc32.exe" in the windows/system-directory. Read e.g.: http://www.trend.com.tw/vinfo/virusencyclo/default5.asp?VName=WORM_KLEZ.D&VSect=T or http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.d@mm.html . Strange that my virus scanner didn't react!!!
|
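Added example, not code from any poster in this thread: the by-eye search described in Response 11 and the file name reported in Response 13, done as a byte search for the two pop-up addresses from the original message, in both ASCII and UTF-16LE since Windows binaries store strings either way. The function names, the read cap and the sample tree are assumptions made for this illustration.

```python
import os
import tempfile

# From the thread: the two pop-up addresses and the file one poster deleted.
HOSTS = ["www.da.ru/closed", "softomate.da.ru"]
SUSPECT_NAMES = {"winsvc32.exe"}
MAX_BYTES = 8 * 1024 * 1024  # assumed per-file read cap; later bytes are not searched


def needles(hosts):
    """Map each host, as ASCII and as UTF-16LE bytes, back to its text."""
    return {h.lower().encode(enc): h for h in hosts for enc in ("ascii", "utf-16-le")}


def scan_tree(root, hosts=HOSTS, names=SUSPECT_NAMES):
    """Return sorted (relative_path, reason) findings for files under root."""
    pats, findings = needles(hosts), set()
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(dirpath, fname)
            rel = os.path.relpath(path, root)
            if fname.lower() in names:
                findings.add((rel, "name:" + fname.lower()))
            try:
                with open(path, "rb") as fh:
                    data = fh.read(MAX_BYTES).lower()  # ASCII-only case fold
            except OSError:
                continue  # locked or unreadable: skip, keep scanning
            for pat, host in pats.items():
                if pat in data:
                    findings.add((rel, "content:" + host))
    return sorted(findings)


def demo():
    """Scan a constructed sample tree (harmless bytes, not real malware)."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "system"))
        samples = {
            "notes.txt": b"nothing of interest",
            "a.dat": b"\x00\x01open http://Softomate.DA.ru now",
            "b.dll": b"MZ" + "www.da.ru/closed".encode("utf-16-le"),
            os.path.join("system", "winsvc32.exe"): b"MZ\x90\x00",
        }
        for rel, body in samples.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(body)
        return scan_tree(root)
```

A hit is a lead to inspect by hand (properties, location, how the file is started), not proof that the file is the cause.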