Intelligent Computing. Computer help at your fingertips!

    Follow me on
 facebook
I compute on facebook
www.ICompute.info is Intelligent computing. Located in Coos Bay Oregon. Local On-Site service is QuickTech. Servicing PC and Mac.
(541) 260-2839
Home
Articles
Networking help
Windows Help
Computer Shopping

I love helping people help themselves. If an article helped you consider giving a few dollars. Thanks.


 
 #

Your Best Outlet

 It's okay to save Money

On-Site
Computer service-
Coos Bay, North Bend, Lakeside, Hauser, Coquille, Myrtle Point, Bandon, Reedsport, Coos River, Allegany, Fairview and others. Call for more information.

 

Windows Warning Message!
Warning!
Spyware Detected on your computer!
Install an antivirus or spyware remover to clean your computer.

 
   Warning! spyware detected on your computer, is actually spyware.

At this point it fits my definition of MALWARE. Malicious software that is difficult to remove.
   I recently had 4 computers on the bench that all had the above message all at the same time. There were other infections that these computers had, but the Warning! Spyware detected on your computer message was the one common message on all of these computers and the reason these customers had brought their computers in to be service. Two days later I had another come in for the same issue and two additional calls that sounded like the same warning. It seems like there may be some timing issue with this but I'm not sure of this.
 The message you may be seeing is not really a warning message, its a changed desktop background. This new desktop can not be removed normally. The four most common symptoms include:

1. The warning similar to the above.

2. There is no way to change the desktop in display settings.

3. Most of the Start menu items are missing.

4. Warnings from the lower right  corner of your screen about spyware or virus activity.
    You may also see a warning directly next to the clock.

Several of these computers had Norton's on them but the Norton's seemed to be installed after the infections so I cant say that the Norton's can't remove the issue to some extent but I can say that it doesn't seem to remove  %100 of the problem.

Here's how I got rid of the problem.

First download a copy of smitfraudfix, I got mine from majorgeeks this last time.

I also downloaded the current ATF-Cleaner

Next, download a copy of combofix. I got my current version from bleepingcomputer.

Make sure you have an up to date antivirus.

   I moved these removal programs to the infected computer with one of my flash drives and then restarted the computer putting it into safe mode by tapping the F8 key then choosing Safe Mode.

  When you first get this "Warning! Spyware detected on your computer!" message you will notice that most of your start menu items are missing. Things like My Computer and My Documents don't seem to be there any more. If you need to restore the My Computer choice in the start menu so you can transfer the antispyware programs, here's how to get it back:

Right click your mouse on the Start menu button

then left click properties (in XP)

then click on Customize

then click advanced

Now you will see a list of start menu programs in the middle of a window.

Scroll down to my computer and select Display as a link.

Click OK and then Apply and then OK and now when you click on the start menu you should see a choice for "My computer".

This step for restoring the "My Computer" is for those computers that don't automatically bring up a menu to open the flash drive that has your scanning programs on it when you plug it into your computer.


   Now run the smitfraudfix using the number 2 choice. While scanning, the software may ask you about running an additional scan, click "Y" and hit enter.

   If the software tells you it needs to restart your computer to finish scanning, click Y and hit enter. Your computer should reboot and most of the malware problem should be fixed.

   Now run the number 5 to clean any DNS hijacks.

   After the search is finished, click "Q" and then click enter.

   This should lead you back out of the program and back to the desktop.

   Now run the ATF cleaner making sure to select all choices given. This step shouldn't take very long.

   Close the ATF program and run the Combofix program. If you have a previously downloaded version of the Combofix program make sure to download the most current version. The software is updated on a regular basis. If you are not familiar with, or want to know more about Combofix, there is a link to the Combofix guide on one of the first pages of the program when you start to run it.

   After running the Combofix program I updated the antivirus software on these machines and then ran a scan. The Computers with the Norton's 360 v.2 found a couple of unwanted files and removed them. After rebooting several times and being on line for hours I did not have any issues with the infected computers.

   If you wanted to double check with another antispyware to make sure you have gotten rid of whatever version of this malware you had, you could run an up to date version of Malwarebytes. This program seems to work very well. I make sure I update it before running my scan and I change my scan to the "Perform Full Scan" mode so I know it will find anything that may be lurking in hidden folders.

Hope this helps...

  

   
 
 

If this helped give with the PayPal Make a Donation button.

Please leave a comment with your Donation. Thanks... Dale
This recently added counter saves unique visitors. It does not count return visitors.