SpySheriff

Discussion in 'NZ Computing' started by Philip, Jun 10, 2006.

  1. Philip

    Philip Guest

    One of our two Windows machines (Dell Dimension 8400, Win XP SP2) has
    acquired a SpySheriff infection. AVG & Spybot report it as malware but
    don't seem able to clear it out.

    Google tells me it's resistant to being removed and can lead randomly to
    BSOD.

    A product from Canada called XoftSpy claims to be able to remove it but
    shows an unhealthy interest in my credit card, and has a website full of
    praise that is entirely self-referential.

    Any suggestions?

    Philip
     
    Philip, Jun 10, 2006
    #1
    1. Advertising

  2. On Sun, 11 Jun 2006 09:04:01 +1200, Philip wrote:

    > One of our two Windows machines (Dell Dimension 8400, Win XP SP2) has
    > acquired a SpySheriff infection. AVG & Spybot report it as malware but
    > don't seem able to clear it out.
    >
    > Google tells me it's resistant to being removed and can lead randomly to
    > BSOD.
    >
    > A product from Canada called XoftSpy claims to be able to remove it but
    > shows an unhealthy interest in my credit card, and has a website full of
    > praise that is entirely self-referential.
    >
    > Any suggestions?
    >
    > Philip


    ad-aware, ewido
     
    wogers nemesis, Jun 10, 2006
    #2
    1. Advertising

  3. Philip

    XPD Guest

    "Philip" <> wrote in message
    news:448b3595$...
    > One of our two Windows machines (Dell Dimension 8400, Win XP SP2) has
    > acquired a SpySheriff infection. AVG & Spybot report it as malware but
    > don't seem able to clear it out.
    >
    > Google tells me it's resistant to being removed and can lead randomly to
    > BSOD.
    >
    > A product from Canada called XoftSpy claims to be able to remove it but
    > shows an unhealthy interest in my credit card, and has a website full of
    > praise that is entirely self-referential.


    One of my clients purchased XoftSpy a while ago to remove some spyware......
    it didnt work. However, Xoft were in regular contact with him trying to
    assist. Cant remember the final outcome tho.
     
    XPD, Jun 10, 2006
    #3
  4. On Sun, 11 Jun 2006 09:04:01 +1200, someone purporting to be Philip didst
    scrawl:

    *SNIP*
    > Any suggestions?
    >

    The ultimate solution: reinstall.
    As a secondary option, install something that doesn't get infected with
    spyware :p

    --
    Matthew Poole
    "Don't use force. Get a bigger hammer."
     
    Matthew Poole, Jun 11, 2006
    #4
  5. Philip

    bambam Guest

    Philip <> wrote in news:448b3595$:

    > One of our two Windows machines (Dell Dimension 8400, Win XP SP2) has
    > acquired a SpySheriff infection. AVG & Spybot report it as malware but
    > don't seem able to clear it out.
    >
    > Google tells me it's resistant to being removed and can lead randomly to
    > BSOD.
    >
    > A product from Canada called XoftSpy claims to be able to remove it but
    > shows an unhealthy interest in my credit card, and has a website full of
    > praise that is entirely self-referential.
    >
    > Any suggestions?


    Have a look at SuperAntiSpyware-

    http://www.superantispyware.com/

    One of the program developers posts in alt.privacy spyware and the program
    has been getting some good feedback in there lately.
    I have the program on my computer and it seems quite nice. Can't vouch for
    it's effectiveness as I'm clean. ;)
    As for XoftSpy, it looks like it's clean now, but I wouldn't use it.

    http://www.spywarewarrior.com/rogue_anti-spyware.htm#xos_note

    --
    Calling Atheism a religion is like calling bald a hair color.
     
    bambam, Jun 11, 2006
    #5
  6. Philip

    Mark C Guest

    Philip <> wrote in
    news:448b3595$:

    > One of our two Windows machines (Dell Dimension 8400, Win XP
    > SP2) has acquired a SpySheriff infection. AVG & Spybot report it
    > as malware but don't seem able to clear it out.
    >
    > Google tells me it's resistant to being removed and can lead
    > randomly to BSOD.


    Manual removal instructions here might help:
    http://securityresponse.symantec.com/avcenter/venc/data/adware.spyshe
    riff.html

    Booting in Safe Mode is likely the key to getting it deleted
    manually.
     
    Mark C, Jun 11, 2006
    #6
  7. Philip

    SchoolTech Guest

    Philip wrote:
    > One of our two Windows machines (Dell Dimension 8400, Win XP SP2) has
    > acquired a SpySheriff infection. AVG & Spybot report it as malware but
    > don't seem able to clear it out.
    >
    > Google tells me it's resistant to being removed and can lead randomly to
    > BSOD.
    >
    > A product from Canada called XoftSpy claims to be able to remove it but
    > shows an unhealthy interest in my credit card, and has a website full of
    > praise that is entirely self-referential.
    >
    > Any suggestions?
    >
    > Philip


    Good luck
    I just reinstalled my PC to get rid of the related Brave_____ (can't
    quite remember at the moment) thing which hacks its way in.
     
    SchoolTech, Jun 11, 2006
    #7
  8. Philip

    SchoolTech Guest

    SchoolTech wrote:
    > Philip wrote:
    >> One of our two Windows machines (Dell Dimension 8400, Win XP SP2) has
    >> acquired a SpySheriff infection. AVG & Spybot report it as malware but
    >> don't seem able to clear it out.
    >>
    >> Google tells me it's resistant to being removed and can lead randomly
    >> to BSOD.
    >>
    >> A product from Canada called XoftSpy claims to be able to remove it
    >> but shows an unhealthy interest in my credit card, and has a website
    >> full of praise that is entirely self-referential.
    >>
    >> Any suggestions?
    >>
    >> Philip

    >
    > Good luck
    > I just reinstalled my PC to get rid of the related Brave_____ (can't
    > quite remember at the moment) thing which hacks its way in.


    Bravesentry - nasty thing that pops up messages saying "Windows security
    center has detected spyware in your PC" when you know full well that
    Windows Security Center doesn't do any such thing.

    Beware of tools promising "free" removal that give you a free scan but
    then demand a registration fee. As my computer was infected with several
    of these things and every time it started up they were automatically
    accessing porn sites and other nasty things which I had not authorised,
    I just bit the bullet and formatted the HDD then reinstalled Windows.

    Have a look in Google for opinions of XoftSpy - there seems to be a
    similar degree of scepticism in message boards about it.
     
    SchoolTech, Jun 12, 2006
    #8
  9. Philip

    . Guest

    In article <448bf64d$>,
    says...
    > Philip wrote:
    > > One of our two Windows machines (Dell Dimension 8400, Win XP SP2) has
    > > acquired a SpySheriff infection. AVG & Spybot report it as malware but
    > > don't seem able to clear it out.
    > >
    > > Google tells me it's resistant to being removed and can lead randomly to
    > > BSOD.
    > >
    > > A product from Canada called XoftSpy claims to be able to remove it but
    > > shows an unhealthy interest in my credit card, and has a website full of
    > > praise that is entirely self-referential.
    > >
    > > Any suggestions?
    > >
    > > Philip

    >
    > Good luck
    > I just reinstalled my PC to get rid of the related Brave_____ (can't
    > quite remember at the moment) thing which hacks its way in.
    >


    If you can find manual removal instructions for this type of scumware,
    then Barts PE (or Utimate Boot CD for Windows, a extended Barts PE) is
    very useful tool in removing this crap as it operates outside the
    Windows installation by being a live Windows CD (as some scumware can
    not even be removed from Safe mode).
     
    ., Jun 12, 2006
    #9
  10. Philip

    SchoolTech Guest

    .. wrote:
    > In article <448bf64d$>,
    > says...
    >> Philip wrote:
    >>> One of our two Windows machines (Dell Dimension 8400, Win XP SP2) has
    >>> acquired a SpySheriff infection. AVG & Spybot report it as malware but
    >>> don't seem able to clear it out.
    >>>
    >>> Google tells me it's resistant to being removed and can lead randomly to
    >>> BSOD.
    >>>
    >>> A product from Canada called XoftSpy claims to be able to remove it but
    >>> shows an unhealthy interest in my credit card, and has a website full of
    >>> praise that is entirely self-referential.
    >>>
    >>> Any suggestions?
    >>>
    >>> Philip

    >> Good luck
    >> I just reinstalled my PC to get rid of the related Brave_____ (can't
    >> quite remember at the moment) thing which hacks its way in.
    >>

    >
    > If you can find manual removal instructions for this type of scumware,
    > then Barts PE (or Utimate Boot CD for Windows, a extended Barts PE) is
    > very useful tool in removing this crap as it operates outside the
    > Windows installation by being a live Windows CD (as some scumware can
    > not even be removed from Safe mode).


    The problem is - working out how to get rid of it altogether
    I had this nasty one downloading files from traffall.biz, had been doing
    it for about a week and running stuff through porn sites behind my back
    as well, all recorded in our internet logs. Spent hours trying to get
    rid of it, I would be running Sysinternals Process Watcher (it disables
    access to Task Manager) and whoops, another process with a strange
    filename like 60AC.TMP would launch itself from somewhere. After
    checking everything I could think of I formatted and reinstalled, also
    gets rid of all the crap it downloaded. It only took a few hours to get
    everything working again from scratch.
     
    SchoolTech, Jun 17, 2006
    #10
  11. Philip

    TomC Guest

    If you are using AVG Free....dump it. it is substandard when it
    comes to trojans.
    I have done a lot of research & this is the best freebie,
    ANTIVIR http://www.free-av.com/
    It works well on old systems too! Spybot does not have a good
    reputation either for removing malware, but I use it for the
    'teatimer" which can prevent system files & registry from being
    altered without permission.

    Cheers Tom
    ......................................................

    SchoolTech wrote:
    > . wrote:
    >>>> One of our two Windows machines (Dell Dimension 8400, Win XP SP2)
    >>>> has acquired a SpySheriff infection. AVG & Spybot report it as
    >>>> malware but don't seem able to clear it out.
    >>>>
     
    TomC, Jun 18, 2006
    #11
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.

Share This Page