[Resolved] WinPatrol Website Popup
#1
Posted 14 October 2009 - 02:04 PM
Register to Remove
#2
Posted 19 October 2009 - 06:41 PM
My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. Logs can take a while to research, so please be patient and I'd be grateful if you would note the following:
- I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
- The fixes are specific to your problem and should only be used for the issues on this machine.
- Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
- It's often worth reading through these instructions and printing them for ease of reference.
- If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
- Please reply to this thread. Do not start a new topic.
What did Malwarebytes' find?
Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
- Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
- Scroll down to where it says "JRE 6 Update 16".
- Click the "Download" button to the right.
- Select your Platform: "Windows".
- Select your Language: "Multi-language".
- Read the License Agreement, and then check the box that says: "Accept License Agreement".
- Click Continue and the page will refresh.
- Click on the link to download Windows Offline Installation and save the file to your desktop.
- Close any programs you may have running - especially your web browser.
- Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
- Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
- Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
- Repeat as many times as necessary to remove each Java versions.
- Reboot your computer once all Java components are removed.
- Then from your desktop double-click on jre-6u16-windows-i586-p.exe to install the newest version.
Go into the Control Panel and double-click the Java Icon.
- Under Temporary Internet Files, click the Settings... button
- click the Delete Files button.
- There are two options in the window to clear the cache - Leave both Checked
- Applications and Applets
Trace and Log Files
- Applications and Applets
- Click OK on Delete Temporary Files Window
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE. - Click OK to leave the Temporary Files Settings
- Click OK to leave the Java Control Panel.
Download Rooter.exe to your desktop
- Then doubleclick it to start the tool
- A Notepad file containing the report will open, also found at %systemdrive%\Rooter.txt. Post that here
------------------------------------------------------------
Microsoft MVP 2010-2014
#3
Posted 19 October 2009 - 07:57 PM
#4
Posted 19 October 2009 - 08:09 PM
I'm not seeing anything either.
Let's try an online scan.
Please go to Kaspersky website and perform an online antivirus scan.
- Read through the requirements and privacy statement and click on Accept button.
- It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
- When the downloads have finished, click on Settings.
- Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
- Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Mail databases
- Spyware, Adware, Dialers, and other potentially dangerous programs
- Click on My Computer under Scan.
- Once the scan is complete, it will display the results. Click on View Scan Report.
- You will see a list of infected items there. Click on Save Report As....
- Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
- Please post this log in your next reply.
------------------------------------------------------------
Microsoft MVP 2010-2014
#5
Posted 20 October 2009 - 01:27 AM
#6
Posted 20 October 2009 - 07:38 AM
There is and always will be someone else who needs help. We do what we can so... my top priority is whomever I'm helping at the time.My problem is not really a problem it seems, so if there is anyone that needs your help more than I need it. I can wait
Let's try these issues one at a time. What exactly is WinPatrol telling you?
------------------------------------------------------------
Microsoft MVP 2010-2014
#7
Posted 20 October 2009 - 09:56 AM
"A change has been detected in Background page displayed on your Desktop
Your new page is http://vthumb.ak.fbc...1177515_734.jpg
If this is ok, then click yes or press enter,
Click No and we'll restore your page to the default
About:Home"
I always click No but it keeps popping up :S
thanks
#8
Posted 20 October 2009 - 10:33 AM
Go to start -> control panel -> Display properties -> Desktop -> Customize Desktop... -> Web tab, then uncheck and delete everything you find in there (except for "My current home page"),
Also remove the checkmark from the the Lock Desktop Items box if it is checked.
Apply.
Apply and Exit Display properties.
Then let me know what happens.
------------------------------------------------------------
Microsoft MVP 2010-2014
#9
Posted 20 October 2009 - 01:23 PM
#10
Posted 20 October 2009 - 07:06 PM
Cool.
Log looks good
You need to create a new Clean restore point:
Click Start Menu > Run > copy and paste
%SystemRoot%\System32\restore\rstrui.exe
Press OK. Choose Create a Restore Point then click Next. Name it (something you'll remember) and click Create, when the confirmation screen shows the restore point has been created click Close.
Remove all previous Restore Points
Click Start Menu > Run > copy and paste
cleanmgr
You may be asked to choose drive. Choose C: At top, click on More Options tab. Click Clean up... button in the System Restore box. Click on Yes button. When finished, click on Cancel button to exit.
Double-click My Computer.
Click the Tools menu, and then click Folder Options.
Click the View tab.
Check "Hide file extensions for known file types."
Under the "Hidden files" folder, Uncheck "Show hidden files and folders."
Check "Hide protected operating system files."
Click Apply, and then click OK.
Now to remove most of the tools that we have used in fixing your machine:
- Make sure you have an Internet Connection.
- Download OTC to your desktop and run it
- A list of tool components used in the cleanup of malware will be downloaded.
- If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
- Click Yes to begin the cleanup process and remove these components, including this application.
- You will be asked to reboot the machine to finish the cleanup process. If you are asked to reboot the machine choose Yes.
Go ahead and delete any tools that may be left.
The following is my standard advice for the future. Use what you can and pat yourself on the back for what you're already doing.
Please take time to read Preventing Malware - Tools and Practices for Safe Computing. Very important information for your consideration is contained therein.
I would also suggest you read this:
So how did I get infected in the first place?
by Tony Klein
Also: "How to prevent malware"
by miekiemoes
Please respond back that you understand the above and let me know if you have any questions. Otherwise, this thread will be closed Resolved.
------------------------------------------------------------
Microsoft MVP 2010-2014
#11
Posted 21 October 2009 - 02:13 PM
#12
Posted 21 October 2009 - 04:02 PM
------------------------------------------------------------
Microsoft MVP 2010-2014
#13
Posted 21 October 2009 - 04:03 PM
------------------------------------------------------------
Microsoft MVP 2010-2014
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users