Hard Light Productions Forums

Off-Topic Discussion => General Discussion => Topic started by: MicroPsycho on June 13, 2005, 05:59:24 pm

Title: um...help...wtf is going on?
Post by: MicroPsycho on June 13, 2005, 05:59:24 pm
Her'es the situation, after browsing this forum and visiting a few webpages (the "I Love Egg" and "Halo: funny situations" links from the thread)  I was about to disconnect but then I saw an icon in my tray that looked like a ball of fire/sun and then "Spy Sheriff" pops up. not knowing what "Spy Sheriff" is and knowing not where it came from (I didn't download it, and no one else has access to my computer) I disconnected from the internet (56k...actually it's like 44.2k) immediately. I can't find an uninstall for "Spy Sheriff" so I promptly delete its folder in the Program Files, and then this happens:
(http://img216.echo.cx/img216/2821/desktop0cx1.jpg)
notice the arrow in the bottom right (I added that)
I then run adaware, spysweeper and Spydot S n D. they all found stuff and SnD needed to reboot so I did and hoped I would have control over my desktop when it finished.
Nope. and low and behold, spy sheriff is up and running!:mad:
(http://img216.echo.cx/img216/8990/spy17zh.jpg)
so then, even though I suspect this is some sort of spyware, I try to remove the threats it has found, but wait, it needs an activation key
(http://img150.echo.cx/img150/1476/spyactivate7vv.jpg)
...alright, let's get a free 3 day activation key, but no, there is no free, or even 3 day activation key, just licences for 7 days ($4.81, or some stupid number), 1 month, 6 months, 1 year and 3 years, what a f*cking joke! They have a website (http://www.spysheriff.com) too

Does anyone know if this is a legitimate program (I doubt it personally) but more importantly does anyone know how I can regain controll over my desktop and change the wallpaper as that function is locked in the display properties and Style XP can't change it, I think its going behind the blue spyware desktop.

Here are pics of what the other tabs on the spy sheriff show
Settings:
(http://img150.echo.cx/img150/1379/spyset6ee.jpg)

Updates...:
(http://img150.echo.cx/img150/3446/spyupdate0ba.jpg)

Help:
(http://img150.echo.cx/img150/4328/spyhelp3ut.jpg)
Title: um...help...wtf is going on?
Post by: MatthewPapa on June 13, 2005, 06:02:18 pm
Use firefox. All this stuff reminds me of my IE days.
Title: um...help...wtf is going on?
Post by: Solatar on June 13, 2005, 06:04:11 pm
Little late for that...

Search Google and try to find a way to delete it from the registry.
Title: um...help...wtf is going on?
Post by: MicroPsycho on June 13, 2005, 06:04:35 pm
that's the thing, I am using firefox
Title: um...help...wtf is going on?
Post by: Martinus on June 13, 2005, 06:05:38 pm
[color=66ff00]Are you using the POS firewall that comes with windows XP?
[/color]
Title: um...help...wtf is going on?
Post by: Bobboau on June 13, 2005, 06:07:29 pm
uhmmm... so, you have suddenly been cripled by very obvius spy ware, and low and behold, out of sheer luck something has caused this miraculus spyware removeal program to show up, but you need to send them money to use it.

are you seriously that nigheve? that 'spy sherif' is the spy ware.
reboot into safe mode and see if you can get any more traction with removeing it, I sudgest you try getting hijackthis if the normal rutes do not work under safe mode.
Title: Re: um...help...wtf is going on?
Post by: redsniper on June 13, 2005, 06:20:57 pm
Quote
Originally posted by MicroPsycho
Does anyone know if this is a legitimate program (I doubt it personally)
Title: um...help...wtf is going on?
Post by: MicroPsycho on June 13, 2005, 06:36:21 pm
Ya, I knew that the "Spy Sheriff" was the spyware but my other spyware removal programs didn't get it. But I've deleted its registry and I thinksits gone now, but I need to get my wallpaper back
Title: um...help...wtf is going on?
Post by: Styxx on June 13, 2005, 06:39:13 pm
Use HijackThis to remove it.
Title: um...help...wtf is going on?
Post by: Nuke on June 13, 2005, 07:20:58 pm
open reg cleaner, your task manager process tab, and your find files and folders, look at your processes and search for each file, go to its properties and see who wrote it, if its ms or one of your hardware speciffic apps, skip it, else find out what it is. if it doesnt come from a company whos stuff you use, check reg cleaners startup list for it. kill the process first, then wait to see if it comes back up, if it doesnt remove the entry from reg cleaners start up list. repeat untill all the stuff you dont need isnt ruinning.
Title: um...help...wtf is going on?
Post by: MicroPsycho on June 13, 2005, 07:45:42 pm
alright, I've narrowed the culprit to the wacked desktop as an html file in the windows folder entitled "desktop.html". with this file the display properties is unable to change the background (its all greyed out) with out this html file, I still can change the wallpaper but the stupid "System Stopped..." think is gone and I can change the colour of the screen
Title: um...help...wtf is going on?
Post by: Cobra on June 13, 2005, 07:49:55 pm
you go to Anchorpoint too? lol, that halo one was funny as hell. makes me wanna play halo... maybe i'll play it right now...

[EDIT] you should download Adaware. it picks up a lot of stuff Norton can't find. it deletes adware, viruses, and spyware.
Title: um...help...wtf is going on?
Post by: achtung on June 13, 2005, 08:22:10 pm
First download Ad-Aware Personal (http://www.download.com/Ad-Aware-SE-Personal-Edition/3000-8022_4-10399602.html?tag=lst-0-2)  since it's free and make sure to get the definition update (http://www.download.com/Ad-Aware-SE-Personal-Definition-File/3000-8022_4-10401688.html?tag=lst-0-3)

And try Spybot-Search & Destroy (http://www.download.com/Spybot-Search-Destroy/3000-8022_4-10401314.html?tag=lst-0-1) a very usefull free program.
Title: um...help...wtf is going on?
Post by: MicroPsycho on June 13, 2005, 08:38:18 pm
I have Adaware and Spy Bot S and D and i used them already
Title: um...help...wtf is going on?
Post by: achtung on June 13, 2005, 08:44:23 pm
I would just reinstall windows thats what I did once when I got really bad ad-ware.  Of course this may not be an option for you.
Title: um...help...wtf is going on?
Post by: Admiral Nelson on June 13, 2005, 08:54:12 pm
Links:

Link 1 (http://www.geekstogo.com/forum/index.php?showtopic=33567&st=0&p=166364&)

Link 2 (http://forum.majorgeeks.com/archive/index.php/t-64011.html)

I hate spyware creators!! :mad:
Title: um...help...wtf is going on?
Post by: MicroPsycho on June 13, 2005, 08:56:08 pm
I'll probably will end up re-install windows but unfortuneately, I need my computer and stuff on my computer until Friday...I'm thinking I'm missing some file that goes in the WINDOWS folder and enables images on the desktop
Title: um...help...wtf is going on?
Post by: MatthewPapa on June 13, 2005, 08:57:42 pm
Try microsoft's anti spyware app. Its pretty good, good enough to make me a convert from ad aware.
Title: um...help...wtf is going on?
Post by: Swamp_Thing on June 14, 2005, 12:29:01 am
You could make a registry search for any instances of "Spy Sheriff", and delete them (AFTER you´ve backed up your registry, note).
Also, do Control-Alt-Delet and search for it there, before you delete the registry entries. Some spyware is self-replicant, wich means that if you delete something but the program is still running, it will re-write the deletes files all over again.
So, basically:

Control-Alt-Delete, and stop the processes and aplications  that look suspicious.
Then delete any folders you find on your HDD.
Then run a search on the registry.
Then reboot.
Title: um...help...wtf is going on?
Post by: aldo_14 on June 14, 2005, 05:11:10 am
Quote
Originally posted by Bobboau
nigheve


I'd just like to say that is probably the best misspelling of 'naive' I've ever seen.  Kudos to you Bob, kudos.

:D
Title: um...help...wtf is going on?
Post by: Nico on June 14, 2005, 05:13:31 am
Quote
Originally posted by Maeglamor
[color=66ff00]Are you using the POS firewall that comes with windows XP?
[/color]


the POS firewall that comes with XP, disable it and see what happens :rolleyes:
Title: um...help...wtf is going on?
Post by: Primus on June 14, 2005, 05:28:37 am
Run anti-virus program too. AVG destroyed what Ad-Aware and SpyBot couldn't on my PC.
Title: um...help...wtf is going on?
Post by: karajorma on June 14, 2005, 08:58:53 am
Quote
Originally posted by Nico
the POS firewall that comes with XP, disable it and see what happens :rolleyes:


You just run a better one and absolutely nothing happens.
Title: um...help...wtf is going on?
Post by: Martinus on June 14, 2005, 09:03:56 am
Quote
Originally posted by Nico
the POS firewall that comes with XP, disable it and see what happens :rolleyes:

[color=66ff00]I was thinking more along the lines of 'use zonealarm' which is significantly superior in all concievable ways.
[/color]
Title: um...help...wtf is going on?
Post by: Sandwich on June 14, 2005, 10:39:17 am
Quote
Originally posted by MatthewPapa
Try microsoft's anti spyware app. Its pretty good, good enough to make me a convert from ad aware.


As much as this may seem strange, I too heartily recommend MS's anti-spyware app. All the reviews and this vs. that comparisons put it towards the top, significantly above the now-behind-the-times Spybot S&D and AdAware.
Title: um...help...wtf is going on?
Post by: Descenterace on June 14, 2005, 10:54:06 am
The reason MS' antispyware app works so well is that they have much experience of writing spyware themselves.

Such as "Windows XP Activation"...

Quote
Originally posted by karajorma


You just run a better one and absolutely nothing happens.


Or you set up a spare computer as a Linux firewall/router/proxy and you no longer need to worry about installing firewall software on 'Doze.
I do love iptables.
Title: um...help...wtf is going on?
Post by: pyro-manic on June 14, 2005, 03:39:11 pm
I suggest getting hold of the creator's email address, and emailing him a program that destroys his hard disk when he runs it (actually easy to get hold of...:nervous: ). Teach the bastards a lesson...

Failing that (ever-so-slightly illegal but very satisfying ;)) option, have you tried a System Restore?

A separate router/firewall box is the way to go, I think. Buy an el-cheapo barebones PC or dig out your old Athlon 700 and use that. I would, but I'm connected via one of those wireless gateway thingies that is an all-in-one router/firewall etc.
Title: um...help...wtf is going on?
Post by: Cobra on June 14, 2005, 03:40:35 pm
LOL. meh, I have norton firewall that doesn't do ****. i can't configure UDP or TCP ports. :ick:
Title: um...help...wtf is going on?
Post by: Clave on June 14, 2005, 05:24:26 pm
I just had a really horrible thought:  When Macs switch to Intel, and a few PC people switch to OSX, it will then be worthwhile for the spyware bandits to target OSX ------  noooooooo!!!! :shaking:
Title: um...help...wtf is going on?
Post by: karajorma on June 14, 2005, 05:30:59 pm
With it's Unix core I'd expect OSX to be a lot less vulnerable than Windows straight out of the box.

You've got some time for the mac community to pull it together and make sure the OS is as bulletproof as can be before the switch though.
Title: um...help...wtf is going on?
Post by: aldo_14 on June 14, 2005, 05:52:04 pm
Thing is... was some of OS X not designed to take the IBM processors specific architecture in mind?

I'm sure I remember something specific about using a different register system in the Mac processors; I think having dedicated 32bit registers and instructions whilst 'standard PC' processors were using adapted 16-bit regs (I think combining 2 for a 32 bit register and extending 16 bit instructions in multifarious ways).
Title: um...help...wtf is going on?
Post by: Clave on June 15, 2005, 04:22:17 am
It's 64bit, and I think they have been quietly working on this in the background...