Fake warning popup w/ Windows Explorer

Status
Not open for further replies.
P

PureLife

A few days ago I went to the Control Panel to adjust my sound settings, but on the way I was hit with a poorly-spelled warning message that said something like, "Attention, ! Dangerous files have infected your computer and may have corrupted Windows registry" or something like that. It told me to go to a website and download some software to remove the infections and presented me with "yes" and "no" buttons. However, pressing either one (I couldn't close it any other way) opened a tab in Opera with some website made to look like a Windows Explorer window. Needless to say I got the heck outta there.

I also tried using Internet Explorer and was bombarded with the same popup and many worse as soon as I opened it. Fortunately I only use IE when something doesn't work with Opera.

I scanned with AVG and followed all of the 8 directions in the thread stickied at the top. A couple scanning programs found infections and cleared them. Attached are the logs.

Anyone else had this problem? I'm afraid to check and see if the popup warning is gone or not.
 

Attachments

  • hijackthis.log
    12.8 KB · Views: 10
Try This website

I would suggest you try this website. http://hjt.networktechs.com/
Read the directions it gives specific direction how to 'parse' your files - it will then return to you information that when you run your mouse over the colored entries it will then give direction as to what to do with the evaluation when returning to the hijackthis! program.
This gives you the chance to look over your hijackthis! logs and in an preliminary manner evaluate what you have going on with your OS.
Please know this is not the last word in highjackthis! logs evaluation but may give an insight as to what you have going on. I ran your logs through this evaluation and found something interesting files.

Regards.
 
As a follow up there is a program that will run in safe mode only that is called sdfix
this will scan your computer fully to check for any types of insidious spyware trojan
files that may remain after the 8-step process. This is the webpage for that program:
http://downloads.andymanchesta.com/RemovalTools/SDFix_ReadMe.htm

Please read and carefully follow the directions. Paying careful attention to the fact that one must run the program in safe mode 'without' the help of shortcuts listed on the desktop.
Good luck!

Regards.
 
Hi PureLife,

Your Acrobat reader is out of date, you should update this.

Nothing is personally jumping out at me now, you seem clean.

You might want to clean up some programs via add remove programs in your control pannel, you seem to have alot of tool bars and junk i imagine you probably dont use / need.

You can tell HJT to remove

O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)

and

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Sounds to me as though you've removed the problem sucesfully though.
 
Status
Not open for further replies.

Similar threads

M
Virus warning popup
Replies
1
Views
539
Mark Fuller
M
midian182
Beware: Fake LastPass app sneaks onto Apple's App Store
Replies
3
Views
244
m4a4
m4a4
midian182
Microsoft rolls out fix for Windows 11 File Explorer bug after 15-month wait
Replies
9
Views
341
zamroni111
Z

Latest posts

Back