LinkBack URL
About LinkBacks
SpySheriff - A Warning - Do not download!
SpySheriff
SpySheriff is malware that disguises itself as an anti-spyware program, in order to trick the owner of the infected computer to buy the program, by repeatedly informing them of false threats to their system. SpySheriff often goes unnoticed by actual anti-spyware programs, and is difficult to remove from an infected computer.
"Another version of SpySheriff"
The popup advertisement that leads to the infection. SpySheriff can not be simply deleted, as it reinstalls itself through hidden components on the computer. Trying to remove it with the Add/Remove programs feature has similar results, or may result in a system crash. A blue screen of death will occur and possibly make the computer lose all memory, or render it completely useless.
The program will stop the computer from connecting to the internet or a limited internet connection, and will display an error message reading "The system has been stopped to protect you from Spyware."
The desktop background can also replaced with a blue screen of death, or a notice reading: "SPYWARE INFECTION! Your system is infected with spyware. Windows recommends that you use a spyware removal tool to prevent loss of data. Using this PC before having it cleaned of spyware threats is highly discouraged."
SpySheriff has been known to create another user account, at the administrator level, to block access to programs and utilities for other users. If logged in as an administrator, it is sometimes possible to delete the SpySheriff account.
It also acts to stop any attempt to do a System restore by preventing the calendar and restore points from loading. This prevents the user from being able to revert their computer to an earlier usable state. A System restore is however often possible after booting in Safe mode.
It blocks several websites, including the ones that have downloadable anti-spyware software, and locks the user's Internet Explorer options.
SpySheriff clones
The company that developed SpySheriff, knowing that people have become aware of SpySheriff being malware, has created several SpySheriff clones that have different names and styles than SpySheriff, but share the same interface and similar behaviors of SpySheriff. Adware Sheriff, Pest Trap, SpywareNo, Spylocked, SpywareQuake, SpyTrooper, Spydawn, AntiVirGear, Brave Sentry, "SpywareStrike", SpyShredder, Alpha Cleaner and "SpyAxe" are the best known of these.
Removal
SpySheriff is very difficult to remove directly. Attempting to remove it using the "Add/Remove Programs" control panel may sometimes work. However, SpySheriff has a tendency to reinstall itself due to hidden components. The simplest solution is to try genuine spyware removal tools in the hopes that it can be cleaned, but there are also possibilities for manual removal.
Since System Restore is locked by SpySheriff, it is very hard to remove it through it, however, using System Restore in Safe Mode might work, but there is a possible chance that the SpySheriff's components may be inside the System Restore folders.
Tools called SmitFraudFix and SmitRem are said to get rid of SpySheriff they work by deleting all of SpySheriff's components and if the desktop wallpaper had been changed, the removal tool replaces it with a plain blue screen. Ad-Aware and Vundo-Fix can remove SpySheriff components by removing trojans associated with the program.
HijackThis is sometimes recommended to remove registry entries by SpySheriff. Sometimes the only way to completely remove the virus is by saving all documents on a hard drive and re-installing Windows/reformating if the above removal solutions do not seem to work.
Using programs such as avast!, Spyware Doctor and McAfee Security Center can prevent this infection from entering the computer.
From Wikipedia, the free encyclopedia
----------------------------------------------------------------------------------
How to remove SpySheriff
SpySheriff is a mock antispyware application that uses fake security alerts to dupe users into purchasing the program.
SpySheriff is typically installed through a security hole in MS Windows that automatically downloads a Trojan to your PC. The Trojan then issues bogus security alerts in the Windows taskbar. When you click on a fake security warning, SpySheriff is downloaded and installed to the system.
SpySheriff also locks the Windows desktop to a black background with a warning message stating that "your computer is at risk."
How to Remove SpySheriff (Removal Instructions)
Below are simplified steps to guide you through the removal process.
1. Begin by rebooting your computer into Safe Mode (with Networking support). Click: Start -> Shutdown -> Restart; once the computer restarts, press the "F8" key multiple times until a Startup Menu appears. Choose Safe Mode with Networking.
2. Once in Safe Mode, uninstall Spy Sheriff by going to Start -> Control Panel -> Add/Remove Programs, select "SpySheriff" and click Remove. Note: do not reboot your computer yet or SpySheriff will reinstall itself.
3. Click here to get Adaware SE (free); when installing, make sure to update the signature files of Adaware.
4. Run Adaware SE and do a "Full System scan" and an ADS scan. An ADS scan will require you to select a drive (select the C: drive.)
5. Click here to get Spybot Search & Destroy; this will clear the remaining bits of Spy Sheriff. Download the updates once you have installed the software on your system. When complete, do a full system scan.
6. Boot back into Normal mode and check if Spy Sheriff has been removed. If it has not, I would suggest running both Spybot and Adaware again to make sure you didn't miss any steps.
7. Visit the Windows Update web site and acquire any updates for your computer. This will help to ensure your system does not get infected again with Spy Sheriff.
That's it!
Source: infopackets.com
Africa's Largest Online Marketplace
An Item has been added to cartx
1 item added to your cart
Cart Summary
Items in Cart:
Reply With Quote
Originally Posted by SUNMASTER
Bookmarks