Fake warning popup w/ Windows Explorer

By PureLife
Oct 7, 2008
  1. A few days ago I went to the Control Panel to adjust my sound settings, but on the way I was hit with a poorly-spelled warning message that said something like, "Attention, ! Dangerous files have infected your computer and may have corrupted Windows registry" or something like that. It told me to go to a website and download some software to remove the infections and presented me with "yes" and "no" buttons. However, pressing either one (I couldn't close it any other way) opened a tab in Opera with some website made to look like a Windows Explorer window. Needless to say I got the heck outta there.

    I also tried using Internet Explorer and was bombarded with the same popup and many worse as soon as I opened it. Fortunately I only use IE when something doesn't work with Opera.

    I scanned with AVG and followed all of the 8 directions in the thread stickied at the top. A couple scanning programs found infections and cleared them. Attached are the logs.

    Anyone else had this problem? I'm afraid to check and see if the popup warning is gone or not.

    Attached Files:

  2. BillAllen55

    BillAllen55 TS Maniac Posts: 368

    Try This website

    I would suggest you try this website.
    Read the directions it gives specific direction how to 'parse' your files - it will then return to you information that when you run your mouse over the colored entries it will then give direction as to what to do with the evaluation when returning to the hijackthis! program.
    This gives you the chance to look over your hijackthis! logs and in an preliminary manner evaluate what you have going on with your OS.
    Please know this is not the last word in highjackthis! logs evaluation but may give an insight as to what you have going on. I ran your logs through this evaluation and found something interesting files.

  3. PureLife

    PureLife TS Rookie Topic Starter

    I should mention that the symptoms appear to have vanished. I can open IE or Windows Explorer without fear.
  4. BillAllen55

    BillAllen55 TS Maniac Posts: 368

    As a follow up there is a program that will run in safe mode only that is called sdfix
    this will scan your computer fully to check for any types of insidious spyware trojan
    files that may remain after the 8-step process. This is the webpage for that program:

    Please read and carefully follow the directions. Paying careful attention to the fact that one must run the program in safe mode 'without' the help of shortcuts listed on the desktop.
    Good luck!

  5. gt3911

    gt3911 TS Rookie Posts: 19

    Hi PureLife,

    Your Acrobat reader is out of date, you should update this.

    Nothing is personally jumping out at me now, you seem clean.

    You might want to clean up some programs via add remove programs in your control pannel, you seem to have alot of tool bars and junk i imagine you probably dont use / need.

    You can tell HJT to remove

    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)


    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    Sounds to me as though you've removed the problem sucesfully though.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...