SPY SHERIFF- -AAARRGGGHHH!!!

Computer builds, hardware and software discussion or troubleshooting, including peripherals. Essentially a general place to talk about desktop computers.
Locked
User avatar
richardj
Posts: 1382
Joined: Fri Sep 10, 2004 11:02 pm

SPY SHERIFF- -AAARRGGGHHH!!!

Post by richardj »

YES---LUCKY ME!

I have been infected by Spy Sheriff

It puts a big flashing red circle in your taskbar & keeps poping up-

YOU HAVE BEEN INFECTED-----------------click here to order

ITS THE WORSE YET!!

I hade to run a gazzillion antispy programs to clean it-a local PC Tech said usually you have to reformat.

Even after my programs said it was gone, I'd be idle on the internet & my activity lite on my DSL modem was going insane..

The firewall kept saying 'system' wants to access the internet. :no no no:

It turns out that this spyware puts 2 .exe programs in the C: folder----

Sysevent.evt & Secevent.evt

So, even in safe mode if you delete these another couple of files called appevent.evt & country.exe in Systems folder reinstalls them on the next reboot.

You can't delete them in Windows without shutting the processes down 1 by 1 & then try to delete them.

TERRIBLE---JUST TERRIBLE!!


LOOK HERE FOR MORE INFO :banghead:

Archived topic from Iceteks, old topic ID:4263, old post ID:34430
User avatar
Red Squirrel
Posts: 29209
Joined: Wed Dec 18, 2002 12:14 am
Location: Northern Ontario
Contact:

SPY SHERIFF- -AAARRGGGHHH!!!

Post by Red Squirrel »

lol and how did you manage to get that on your PC?

Archived topic from Iceteks, old topic ID:4263, old post ID:34431
Honk if you love Jesus, text if you want to meet Him!
User avatar
richardj
Posts: 1382
Joined: Fri Sep 10, 2004 11:02 pm

SPY SHERIFF- -AAARRGGGHHH!!!

Post by richardj »

Red Squirrel wrote: lol and how did you manage to get that on your PC?
cRACK SITES :P :rolleyes: :no no no: <_>

Spysheriff Clones

The company that developed Spysheriff has known that people have become more aware of Spysheriff being malware and has created several Spysheriff clones that have different names and styles than Spysheriff, but share the same interface and similar behaviors of Spysheriff. Below is a list of names of Spysheriff clones.

* Pest Trap
* SpywareNo
* SpyDemolisher
* SpyFalcon
* BraveSentry

also Smit.fraud.c THIS IS WHAT I HAD ALONG WITH Spy Sheriff :pissed off:

PLUS you have to manually edit the registry. :angry:

Now I'm running 3 spyware programs (as they each find something the other 1 didn't ) plus antivirus

Archived topic from Iceteks, old topic ID:4263, old post ID:34432
User avatar
Death
Posts: 7919
Joined: Thu Sep 30, 2004 10:12 pm

SPY SHERIFF- -AAARRGGGHHH!!!

Post by Death »

Ooooh that's nasty when they re-activate on reboot because you've overlooked a file. I'll have to keep my eye out for that one.

Archived topic from Iceteks, old topic ID:4263, old post ID:34435
User avatar
Red Squirrel
Posts: 29209
Joined: Wed Dec 18, 2002 12:14 am
Location: Northern Ontario
Contact:

SPY SHERIFF- -AAARRGGGHHH!!!

Post by Red Squirrel »

From working on customer PCs I've seen it all, the worse are the 2 process ones, where if you terminate 1 process, the other reactivates it AND re-adds all the info in the registry. So the only way to kill it is to deactivate BOTH processes at the SAME time, remove BOTH from starting up (usually very hidden, not nesesarily set at system startup, perhaps browser startup or some kind of script action for a menu). Usually ends up safe mode is only way. a bad nt "feature" is the ability for processes to tell you "access denied" if you try to terminate them, which of course is usually the case with these nasties.

Archived topic from Iceteks, old topic ID:4263, old post ID:34437
Honk if you love Jesus, text if you want to meet Him!
User avatar
richardj
Posts: 1382
Joined: Fri Sep 10, 2004 11:02 pm

SPY SHERIFF- -AAARRGGGHHH!!!

Post by richardj »

Heres a list of files it can install:

EXE Files
crack.exe
install.exe
kernels8.exe
netst32.exe
netstat2.exe
netstat32.exe
runapl[1].exe
spysheriff.exe
spysheriff.exe-06c9bfd9.pf
spytrooper.exe
spywareno.exe
ss_setup.exe
startguard.exe
tool2.exe
tool4.exe
tool5.exe
uninstall.exe
us.exe
vxh8jkdq2.exe
winctrl32.exe
winstall.exe

DLL Files

access98.dll
dcom_14.dll
dxfi32.dll
heur000.dll
heur001.dll
heur002.dll
heur003.dll
iesecurity.dll
lbxfm32.dll
mpatrol.dll
procmon.dll
toolbar.dll
wmeayl32.dll

Other Files

3a6.tmp
base.avd
base001.avd
base002.avd
c.tmp
found.wav
notfound.wav
removed.wav
spysheriff.dvm
spysheriff.lnk :cry:

MORE INFO

Archived topic from Iceteks, old topic ID:4263, old post ID:34451
User avatar
Death
Posts: 7919
Joined: Thu Sep 30, 2004 10:12 pm

SPY SHERIFF- -AAARRGGGHHH!!!

Post by Death »

Oh that's evil


Archived topic from Iceteks, old topic ID:4263, old post ID:34452
User avatar
Wren
Posts: 2881
Joined: Sat Jan 25, 2003 7:36 pm

SPY SHERIFF- -AAARRGGGHHH!!!

Post by Wren »

Yep, sometimes it's easier to do a reinstall than try to find all the junk and get rid of it. :angry:

Archived topic from Iceteks, old topic ID:4263, old post ID:34453
Anonymous

SPY SHERIFF- -AAARRGGGHHH!!!

Post by Anonymous »

i have the same problem!! but i don't know what to do!!
i had tryed to install spy doctor and doesn't work!!! then i had installed pest trap, but i can't find the crack for activate the programme and remore all the viruses!!!!! if someone could help... it would be very cool!!!...
thanks
cya

Archived topic from Iceteks, old topic ID:4263, old post ID:34896
User avatar
richardj
Posts: 1382
Joined: Fri Sep 10, 2004 11:02 pm

SPY SHERIFF- -AAARRGGGHHH!!!

Post by richardj »

click

Archived topic from Iceteks, old topic ID:4263, old post ID:34928
Locked