SpywareSheriff, a new rogue antispyware application

SpywareSheriff is a new rogue antispyware application that is starting to infect a lot of users. This particular infection is harder to remove than other variants such as SpywareQuake and SpyFalcon because it uses a lot of random names for its files. It is, though, easy to tell when you are infected with this malware.

When you are infected, your Internet Explorer home page will be set to about:blank, which opens the screen shown below. If you attempt to change your home page to another site, the infection will reset it to the one below.

[Image: SpywareSheriff]

Then, when you click on the page, it will take you to the URL http://antispylab.com/
You will also periodically get fake taskbar messages that state the following among others:

Title: ‘Alert! Trojan.Virus.Z.32.exe launch attempt detected…’
Message: ‘It is recommended that you run a full system scan now to
reveal other possible threats. Click here to download spyware
remover.’

Title: ‘Internet attack attempt detected…’
Message: ‘Somebody’s trying to infect your system with spyware or
harmful viruses. Run system scan now to secure your PC from Internet
attacks and hijacking attempts!
Click here to download spyware remover now…’

Title: ‘Alert!’
Message: ‘Trojan.Virus.Z.32.exe launch attempt detected and blocked!
It is recommended that you run a full system scan to reveal other
possible threats.
Click here to visit Security Center web site and protect your system
against spyware and harmful viruses…’

Title: ‘Credit card hijacking attempt detected…’
Message: ‘This is a result of harmful spyware activity.
Scan your PC now to reveal and remove malicious spyware.
Visit Windows Security site to download antispyware…’

Unfortunately, at this time there is no self-help guide to remove this infection. If you are infected with it, please follow the steps in this topic:

Preparation Guide For Use Before Posting A Hijackthis Log


2 Comments »

  1. My Anti Spyware » New rogue antispyware - SpywareSheriff said,

    May 5, 2006 @ 8:48 am

    […] Thanks to Bleeping Computer Blog May 5, 2006 on 7:44 am | In Rogue Anti Spyware | | […]

  2. Bleeping Malware said,

    May 12, 2006 @ 1:03 pm

    We added information about our new removal guide for this infection here:

    http://www.bleepingcomputer.com/securityblog/2006/05/11/spyware-sheriff-antispylab-removal-guide/



© 2003-2008 All Rights Reserved Bleeping Computer LLC.
