The threat of SpySheriff

[nesredep egrob]

Some people will do almost anything for cash. Today my computer has been
infected with SpySheriff, a completely unwanted program pretending to discover
SPYware that other program do not see.

Just to impress, they have opted for a half dozen terrible threats which I
suspect is all in fantasy land. Now had it been 1 or two or maybe even 5 then I
would have had some worry but half a dozen sound like someone gathering eggs on
a farm. I suppose it is slightly better than the bakers dozen.

I wonder, how to keep these kind of people out of the computer. Just to let you
have a look and verify that you have the same threats on you computer, I have
set up a jpeg of the SCARY warning that arrived to tell the computer was
corrupted by these people.

You can see and download that picture at
http:\\www.members.ii.net\~borge\spysheriff

I have now googled the problem and see that Lavasoft who make the AdAware in
Sweden have managed to find somthing the get rid of the threat.
You get to download a file called defs.zip which you should place in the folder
called Lavasoft. That will after a bit of trouble and a re-boot get to work on
the Sheriff and boot him out.

Other things I have read is that my assumption was correct - it is a nuisance
but nothing as bad as it pretends to be. However it plants a large stop sign on
your desktop and is therefore hard to ignore.
Follow the instructions and you will get rid of the problem.

Borge

B.Pedersen Latitude -31,48.21 Longitude115,47.40 Time=GMT+8.00
If you are curious look here http://www.mapquest.com/maps/latlong.adp

 

[George Hester]

Your post is suspicious pal. Why don't you post a direct link to the image
like a jpg or a gif? Why the default folder and adp?

 

[nesredep egrob]

Your post is suspicious pal. Why don't you post a direct link to the image
like a jpg or a gif? Why the default folder and adp?

Sorry - that is the only way that I know how to post. In iinet we are members
and that leads us to the place where we have 30 MB of space where to put our
webpage which is /~borge. From there we can add other folders.
http://members.ii.net/~borge/sheriff


I know of no other way and if you look at iinet's site you will probably come to
the same conclusion. Even people like Olympus trust me so why should you not.
At the moment there is only the one photo there which you can click or not as
yopu feel fit to do.

Borge

 

[George Hester]

You can bring the image up all by itself. Watch:

http://www.google.com/intl/en/images/logo.gif

click that. This is clearly a link to a gif file. Sometimes even this can
be forged but not often.
I didn't trust you for a number of reasons. First you were making a warning
about something that really had nothing to do specifically with Windows
2000. 2nd you posted this same message in many newsgroups. Third you talked
about viewing an image but your link was NOT to an image file at least not
clearly. 4th this what you posted is a common ploy done by Spyware spammers.
I could go on.

I apologize if I seemed paranoid and ascribed behavior to you that was not
really intended. But as I don't know you I can only guess what your
intentions were and they seemed very close to what is commonly done by
Spammers and their ilk. Again I apologize.

 

[What's in a Name?]

infected with SpySheriff,
If you are curious look here

You should look here
http://www.spywarewarrior.com/rogue_anti-spyware.htm
-max

 

[nesredep egrob]

You can bring the image up all by itself. Watch:

http://www.google.com/intl/en/images/logo.gif

click that. This is clearly a link to a gif file. Sometimes even this can
be forged but not often.
I didn't trust you for a number of reasons. First you were making a warning
about something that really had nothing to do specifically with Windows
2000. 2nd you posted this same message in many newsgroups. Third you talked
about viewing an image but your link was NOT to an image file at least not
clearly. 4th this what you posted is a common ploy done by Spyware spammers.
I could go on.

I apologize if I seemed paranoid and ascribed behavior to you that was not
really intended. But as I don't know you I can only guess what your
intentions were and they seemed very close to what is commonly done by
Spammers and their ilk. Again I apologize.

So I see your google image - just how can I post to that and make my file appear
like that - I really cannot see that I have anything but my connection to ii
which was at one time iinet.net - trust me - I hate spammers.

I just thought I have now found out where it originated and managed to boot
without it and as I am writing this it has b..... picture has appeared again.
There are pointers though to a file from Apple iTunes Library which contains
references to that MALWARE which is a ploy to try and get money from you for
something which is not really a virus but just a ploy.

I got to that because I was given a 20GB iPOD and had to download some programs
from apple - that started the rot.

Borge

 

[nesredep egrob]

You should look here
http://www.spywarewarrior.com/rogue_anti-spyware.htm
-max

Thanks a lot. I have not seen that one and there is even a mention of SpySheriff
there.

Borge

 

[What's in a Name?]

Thanks a lot. I have not seen that one and there is even a mention of SpySheriff
there.

Borge

I have some good help sites and programs listed on my pages.
http://home.neo.rr.com/manna4u/tools.html
-max

 

[nesredep egrob]

It has cost me the best part of the week-end and I think I have found the origin
of the SpySheriff or at least the one I have on my computer. I am not going to
jump to any conclusion just yet but certain files have now been deleted and the
date of installation of those files tie up with the start of my trouble. When
and if you see it, you will be amazed that someone being so squekey clean could
have such trouble on their site.
If I still have a clean computer on Wednesday, I shall write to the
manufacturers and let them know first as that is the right thing to do and then
inform George Hester personally.

Borge

 

[George Hester]

I know the application you are talking about. It is a pest. Nothing more
need be said about it.