SamK04
asked on
What is zrt_lookup.js from Google?
I have begun receiving a notification to "Open or save zrt_lookup.js from googleads.g.doubleclick.ne
Sam
Sam
ASKER
It's fairly steady and comes up about every third or fourth website.
I don't remember it before I installed that Comodo firewall.
I don't have a file by that name from a file search either.
I will review the links and check for infection but I run MS Security Essentials and Malwarebytes scans regularly.
I hope it's just something that provides another ad window on a webpage and would like to block it if possible.
Thanks
I don't remember it before I installed that Comodo firewall.
I don't have a file by that name from a file search either.
I will review the links and check for infection but I run MS Security Essentials and Malwarebytes scans regularly.
I hope it's just something that provides another ad window on a webpage and would like to block it if possible.
Thanks
Can you upload zrt_lookup.js to https://www.virustotal.com/ ?
SamK04--
From my post http:#a40361396
"Can you use System Restore to go back to a date before you got the messages? "
"That Trojan can be eliminated using the long procedure here
http://malwaretips.com/blogs/trojan-win32-urelas-w-removal/
(see the section "How to remove Trojan:Win32/Urelas.W virus (Removal Guide)") "
"You may want to post this question here
https://www.experts-exchange.com/Software/Anti-Virus/ "
While only a work around, do you have the IE Popup Blocker turned on? (IE Tools|Popup Blocker)
From my post http:#a40361396
"Can you use System Restore to go back to a date before you got the messages? "
"That Trojan can be eliminated using the long procedure here
http://malwaretips.com/blogs/trojan-win32-urelas-w-removal/
(see the section "How to remove Trojan:Win32/Urelas.W virus (Removal Guide)") "
"You may want to post this question here
https://www.experts-exchange.com/Software/Anti-Virus/ "
While only a work around, do you have the IE Popup Blocker turned on? (IE Tools|Popup Blocker)
ASKER
I have no system restore point to revert back to before the notifications began, but I did run the long list of scans and came up clean. I uploaded the file to virustotal and it came back ok also. Let me post this in the antivirus forum and see what else may come.
If I post somewhere else can someone advise how to grade this question?
If I post somewhere else can someone advise how to grade this question?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you, I took your advice and backed up, scanned and let it run. No problems since. Continued scans have turned up clean and all suggested malware scans earlier were helpful.....
Sam
Sam
SamK04--
Glad all is well. You are welcome.
Glad all is well. You are welcome.
First, some background.
This may be related to Google AdSense. Is this happening on a website you coded? Is this happening on one specific website or many?
There are many references to zrt_lookup.html but very few to zrt_lookup.js. A scan of the latter using many different antivirus scanners resulted in only one hit--related to a Trojan Win32/Urelas.W .
http://r.virscan.org/report/b0dd9c1a0a31bff01154ae614144422d
That Trojan can be eliminated using the long procedure here
http://malwaretips.com/blogs/trojan-win32-urelas-w-removal/
(see the section "How to remove Trojan:Win32/Urelas.W virus (Removal Guide)")
That is a lot of work for what may be an incorrect diagnosis.
I understand this started fairly recently. Can you use System Restore to go back to a date before you got the messages? Try that first.
Do you find a file named zrt_lookup.js on your PC? If so have Virus Total do a scan of it. https://www.virustotal.com/
You may want to post this question here
https://www.experts-exchange.com/Software/Anti-Virus/