Detected Spyware! System error #384 |
||||||
|
||||||
This is a bogus error screen that replaces your browser's home
page. The message Reads: Detected Spyware! System error #384 Your IP address is XX.XXX.XX.XX. Using this address a remote
computer has
gained access to your computer and probably is collecting the information
about the sites you've visited and the files contained in the folder
Temporary Internet Files. Attention! Ask for help of install the software
for deleting secret information about the sites you visited. You computer is full of evidences! More than likely, this message is just the tip of the iceberg. Using
simple intrusion detection tools you will see that your system
has scores of viruses, trojans, worms and other malware
installed
on
it.
The message
is trying
to get
you to
purchase some scamware. There are actually a few relatively easy ways for removing this
malware: USE FREE (LEGITIMATE) ANTI-SPYWARE COMPLETELY RE-INSTALL WINDOWS (self explanatory, and complete
overkill unless you have rootkit on your system or something
crazy like that.) *Note: You will need access to the Internet to get the tools if you don't
already have them. 1) Download HijackThis from HERE. Once downloaded, run a scan and "fix" the following items by selecting
them and clicking the fix button. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
c:\secure32.html Since you almost definitely have more than a dozen
malware applications on your system, check out my
malware removal
page and the extremely capable people at Geeks
to Go. Adaware and Spybot Search and Destroy will not remove (or even
find) the more advanced malware such as: Some malware require special attention. Also beware that Hijackthis, although
extremely affective is extremily dangerous if you try and FIX a bunch of
stuff that you are not sure about. I suggest only taking the advice of
the experts: Geeks
to Go When my test system was hit with with the "detect spyware system error"
message some malicious system change in the registry from the malware would
not allow me to connect to the Internet an download Spybot Search & Destroy
or
Adaware,
so I had
to resort to guerilla tactics, Windows System Restore. System Restore allows you to undo harmful changes to your system configurations.
This includes software conflicts and malware that edits the registry
(most do). You will NOT LOSE ANY work (i.e. Word documents, saved/downloaded
files ect). System Restore only reverts your operating systems configuration
to an earlier date. *The only down side to this is that it will affect
applications that have been installed if you installed it after the day
that you choose to Restore to. The first step is to boot into Safemode: Reboot your computer and HIT the “F8” Funtion
Key like crazy. If it doesn’t, work try again. The system should
ask you what mode you want to boot in. You want “Safe Mode” or “Safe
Mode with Networking” MORE ON SAFE
MODE Once in Safe Mode and you get to this screen... Select "NO". This will bring you to the System Restore program: The step 2 will allow you to choose the date on
which you wish to revert to. I would suggest the day just prior to the
malware affecting
your system. If you go back too far it may undo some software installs
and/or upgrades that you have have forgotten about. The last step is: Do yourself a favor and use Internet Explorer as little as possible. I
suggest Firefox:
It is faster and more secure then IE.
|
||||||
