Background message "Warning! Spyware detected
Solved/Closed
Related:
- What is the risk of turning off messages about virus protection
- Goose virus - Download - Other
- Ntuser.dat virus - Guide
- K9 web protection - Download - Networks
- How to turn off location in viber messages - Guide
- Attrib - r-h-s /s /d *.* virus ✓ - Windows Forum
84 responses
I appear to have been infected with this problem. I could not find the link to which you refer. I went to the web site you listed, and did a search for the string of letters and numbers you mention to identify the entry that was supposed to contain the needed fix. My search for that string did not yield any result. Can you confirm that you had a correct listing to find the fix, or can you copy the instructions and send them to me by email? I am desperate, and have worked on this problem for over a week without success. I simply cannot get the bogus message to disappear.
hey ebomb! thanks so much for the info! it worked..... However I am still having problems with my internet explorer and firefox.
For example whenever I search something on google, if I click on any of the links that my search brings up, I will be taken to a different page. Theses pages are always some stupid advertising for random antivirus or anti-spyware software. I cant seem to get rid of this problem. If anyone can help me fix this, I would greatly appreciate it!
For example whenever I search something on google, if I click on any of the links that my search brings up, I will be taken to a different page. Theses pages are always some stupid advertising for random antivirus or anti-spyware software. I cant seem to get rid of this problem. If anyone can help me fix this, I would greatly appreciate it!
Ebom is the greatest !!!.
Worked for me too, thanks.
Also delete Rich Video Codec in IE
Thanks again
Worked for me too, thanks.
Also delete Rich Video Codec in IE
Thanks again
Hi people,
Ive been havin problems with this one just now.. its very vague as per how I got it, my fiance tells me she didnt do anything out of the ordinairy..
Anyway, I caught the bugger in a very early stadium, where it hasnt altered my security settings.
I have had this one with various workstations at work and I can tell you that it isnt over by doing the steps Ebomb provided.
Although when you get it in the early stage (be sure that the screensaver didnt enable itself yet) you can remove it with those steps.
When you did them (In safe mode!! with the network cable unplugged!!) do NOT reboot until you have checked the following:
Before you do anything, Start > Run > regedit [Enter]
look for ScreenSaveActive and put that to 0 (it disables the screensaver)
Check Msconfig (start > Run > Msconfig [Enter] ) and go to the startup tab, check if theres anything that you dont trust.. or turn off everything for safety
Check your screensaver file
Go to c:\Windows\system32\drivers\etc and edit the hosts file in notepad (open with notepad)
See if theres anything else but 127.0.0.1 in there.. if there is anything else, delete everything unless you have put it there
Check your entire registry for those 3 letters (for example e2s) plus scr (search for *e2s.scr) and change that into ribbons.scr (default windows screensaver)
and do the same for .bmp
Delete all your cache and cookies, AND your system restore points and turn on security in IE/firefox
If you still have problems, I suggest installing a premium antivirus package or bringing the machine to an expert, if you dont want to pay for it, re-install windows after backing up everything :)
Ive been havin problems with this one just now.. its very vague as per how I got it, my fiance tells me she didnt do anything out of the ordinairy..
Anyway, I caught the bugger in a very early stadium, where it hasnt altered my security settings.
I have had this one with various workstations at work and I can tell you that it isnt over by doing the steps Ebomb provided.
Although when you get it in the early stage (be sure that the screensaver didnt enable itself yet) you can remove it with those steps.
When you did them (In safe mode!! with the network cable unplugged!!) do NOT reboot until you have checked the following:
Before you do anything, Start > Run > regedit [Enter]
look for ScreenSaveActive and put that to 0 (it disables the screensaver)
Check Msconfig (start > Run > Msconfig [Enter] ) and go to the startup tab, check if theres anything that you dont trust.. or turn off everything for safety
Check your screensaver file
Go to c:\Windows\system32\drivers\etc and edit the hosts file in notepad (open with notepad)
See if theres anything else but 127.0.0.1 in there.. if there is anything else, delete everything unless you have put it there
Check your entire registry for those 3 letters (for example e2s) plus scr (search for *e2s.scr) and change that into ribbons.scr (default windows screensaver)
and do the same for .bmp
Delete all your cache and cookies, AND your system restore points and turn on security in IE/firefox
If you still have problems, I suggest installing a premium antivirus package or bringing the machine to an expert, if you dont want to pay for it, re-install windows after backing up everything :)
Hi VitiatR,
This is another form of the virus that I havent encountered yet. Try to follow my instructions in the later on message on this thread, and specifically the hijackthis steps (put it on a usb stick on a non-infected computer)
Look for suspicious files and delete them on startup (very important to remove network cable before you do this) and also delete them out of the prefetch directory (look for the same filename with .pf instead of .exe)
Then reboot and try again.
This is another form of the virus that I havent encountered yet. Try to follow my instructions in the later on message on this thread, and specifically the hijackthis steps (put it on a usb stick on a non-infected computer)
Look for suspicious files and delete them on startup (very important to remove network cable before you do this) and also delete them out of the prefetch directory (look for the same filename with .pf instead of .exe)
Then reboot and try again.
https://www.malwarebytes.com/ THEY HAVE A FREE SOFTWARE it help me to remove the background "warning..etc.. in just 6 minutes of scanning.
Aug 23, 2008 at 11:35 PM
The characters that E-bomb referenced were randomly generated by the trojan virus. It will be different for every one. Do a Windows Search of *.bmp files, and fine the file that is your background image. It should be a somewhat random sequence of letters and numbers. It is this sequence that you should use.