Thursday February 15, 2007

Infected!

One of our Windows XP machines was infected with SpySheriff tonight. I suppose I should consider myself lucky. This is the first (known) such infection that I've suffered since running Windows. I started in about 1998.

SpySheriff is a rogue anti-spyware application that uses fake alerts and false positives to scare you into purchasing its software. This software is usually installed by Trojans that issue fake security alerts in your Windows taskbar stating that you are infected with a variety of malware. When you click on this warning, SpySheriff will be downloaded and installed and start scanning your system. The malware will also change your Windows desktop to a black background with a warning message stating that your computer is in danger.

I luckily found a great web page that showed me how to remove it. I'm still not convinced everything is tickety boo. That computer is still experiencing random crashes. I'm going to try repairing the disk again. If it still crashes after that, I'll just reinstall Windows XP.

Geez, what a pain in the arse. That'll teach me for using Windows. If it wasn't that Duncan wanted to play his latest favorite game Professor Fizzwizzle, I wouldn't have been in this mess.

I see there is a Mac version of the game. I think it's time to get him a Mac laptop. It'll probably be a family laptop shuffle. Duncan will get my wife's iBook; Lynea will get my PowerBook and I'll buy a new MacBook or MacBook Pro (haven't decided which yet). But probably not until after Leopard is out.

And there will be one less Windows machine.

( Feb 15 2007, 07:16:00 PM PST )

Comments:

Their site claims to have a GNU/Linux version.

Posted by Anonymous on February 15, 2007 at 10:07 PM PST #

But did you notice that they have a Linux version of Professor Fizzwizzle?

Posted by Joe Buck on February 16, 2007 at 01:00 AM PST #

Yes I did notice. Duncan's school uses Macs though and there are some things he uses there (and will be using over the next few years), that I don't believe are available on Linux.

But you raise a good point. I also know that Ubuntu works nicely on PPC too (I currently have it running on the PowerBook as an alternate boot).

Posted by Rich Burridge on February 16, 2007 at 02:00 AM PST #

Well, to be honest I don't trust a PC that has been infected with something. So standard operating procedure when maintaining PCs for friends and family is a complete reinstall with only a data backup and a complete format of the hard disk from a Linux live CD. On my own PC I've been 'lucky' so far. (mainly due to knowing what you do, running a restricted account and no IE) I actually had some of them using Linux, until they asked for Skype :( (google for the mess Skype is on Linux).

Posted by Elroy on February 16, 2007 at 03:07 AM PST #

Both Professor FizzWizzle and Fizzball work very well on Ubuntu, bought them both. In case you'd actually prefer Linux. :)

Posted by Stoffe on February 16, 2007 at 04:44 AM PST #

Why wouldn't you just run a Windows guest OS in VMware on a Linux host OS?

Posted by 68.163.140.10 on February 16, 2007 at 05:38 AM PST #

Still thinking about the Linux choice. We have a couple Ubuntu systems in-house. I'd prefer to put the game on whatever laptop Duncan is using and currently it's running Windows. As mentioned before, a Mac is probably going to be our best choice for his school work.

The VMware (or Parallels) option is a good idea. I'm now thinking about that one too.

Thank you both.

Posted by Rich Burridge on February 16, 2007 at 07:30 AM PST #

sfc /purgecache
sfc /scannow

Have your WinXP disk handy. This will find altered system files and replace them with copies off the CD.

Posted by ryan on February 16, 2007 at 05:52 PM PST #

Thanks ryan. Does this differ from:

Booting from the WinXP CD, repairing the existing WinXP O/S on C: and then reinstalling the O/S from CD?

I did exactly that and I was still getting popups from "standard" Windows applications saying they were having problems reading certain addresses (large hexadecimal addresses).

From the latter I've assumed I was still affected (i.e. had bad/corrupted files/libraries).

Posted by Rich Burridge on February 16, 2007 at 05:58 PM PST #
