Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Newbie - Spy Sheriff And Smitfraud Probs

  • Please log in to reply
1 reply to this topic

#1 baldyman666


  • Members
  • 9 posts
  • Location:yeovil england
  • Local time:10:29 AM

Posted 01 February 2006 - 03:17 PM

Hiya - have posted my introduction and i have tried to get this prob in the right place

I have the spy-sheriff malware bug. like others i dont know how, as i have never been any where near spy sherriff. It sits in the right hand corner of my toolbar as a red ball with a cross in it and a pop up appears every 10 seconds telling me my pc is infected and by clicking on the pop up it will download the software i require ( i believe it is called faketrojan ???).

pop ups appear - internet is slower and it cuts the connection frequently - crashes programs - keyboard functionality fails intermittently-allows more spywhere in at a rapid rate

i dont have other symptoms though like i belive others have (taking over desk top backgrounds - taking access over -

i ran spybot and it picked up some spyware of varying threats but i think sheriff had hijacked spybot as it would crash when it came to removing what it had found.

i de-installed spybot thinking maybe it was infected.

Then i downloaded microsoft antispy beta off the updates site. when i ran this, it found and named the bug as spy-sheriff. i deleted the sheriff and rebooted.

on returning to windows,microsoft anti spy pop-up (green bar) appears and tells me that it is accepting
winstall.exe (treating it as new software)

so i installed spy doctor - this seemed more in depth. i ran it and it did find 24 infections including winstall and faketrojan.
spyware doctor then comes up with :

one or more active infections were removed from memory. to ennsure system stability, spyware doctor must now restart windows. please save your...blah blah..and reboot

i did this ...and before it re-entered windows it did another scan and came up with no infections.
GREAT i thought..until when i re-entered windows low and behold that little red cross in the taskbar said i had an infection and c:winstall was back. winstall was alowed in again by microsoft antispy so i removed that
and am now only running spy doctor. this is where i waved a white flag as clearly spydoctor had cleaned my memory and it still came back.

i repeated the procedure with spy doctor believing micrsoft antispy had been modified by spy sheriff.
oh and avg reports no viruses.

im at my wits end with this!!!!

oh and spydoctor found smitfraud too - is this one bad???
have downloaded smitrem.exe but to scared to use it as im NOT a pro at this.

i have downloaded hijack this and will put a link to this here (if i can figure it out) as i believe that is what you need. along with sys spec.

thanx for your time

:thumbsup: hijack this post

all leave is to be cancelled by order of the josh

BC AdBot (Login to Remove)


#2 tg1911


    Lord Spam Magnet

  • Members
  • 19,274 posts
  • Gender:Male
  • Location:SW Louisiana
  • Local time:09:29 AM

Posted 01 February 2006 - 04:16 PM

You should wait until your HJT log has been examined.
You shouldn't make any changes to your system, until your log has been verified as clean.
Any changes you make, could skew the results of your posted HJT log.

oh and spydoctor found smitfraud too - is this one bad???

SmitFraud alias FAKEALE-C TROJAN!
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users