I got this virus recently....it made my desktop background black adn it says "your computer is in danger..." (so on) and this thing pops up and says that my computer is in danger....I ran AVG FREE and it fixed and found all the trojan horses or whatever and deleted them...but the problem persists!!
2006-08-04 16:01:04 · 20 answers · asked by doubledee90 3 in Computers & Internet ➔ Other - Computers
Sounds like you may have Spy Sherrif on your system...is there an icon in the lower right corner where your clock is that once you hover the mouse over it indicates that it is some type of update for Spy Sherrif. Are you getting "your computer is infected with spyware etc...click to update your version of Spy Sherrif?" or indicating that you need to install a certain program to rid yourself of the spyware and it offers a link which is Spy Sherrif's site...encouraging you to install everything thiey've dumped onto your system unasked..
This is a trojan that is a pain in the rear...I've had to remove it from two of our 6 computers so far, fortunately, we've increased our security on the home network and we are doing quite well now in fending off such intruders.
Here are some programs that are known to remove this intruder:
http://www.adwarereport.com/mt/archives/000008.html
http://www.adwarereport.com/mt/archives/000006.html
http://www.adwarereport.com/mt/archives/000212.html
This site offers a download option for each of these programs which should eradicate this trojan as well as any other intruder on your system. Keep at least one of these to run regularly to ensure your system stays clean and schedule it to run every night or early morning whenever you aren't using the system...
Also, whenever you do a virus scan and want to be certain you've gotten just about everything from the system (this should be done with the spyware scans as well), Close down the computer, restart, hit F8 for Safe Mode, may be F12 for some machines. Enter safe mode (you won't need the options for CD Drive, network etc). Bring up your spyware program(s) and run them from within safe mode. Do the same with the virus scanner...you'll eradicate more because you have less resources running and this assists in a deeper more thorough scanning and results..
Here are some pointers you can try if the above doesn't eradicate everything (even tho it likely will):
Kill the following processes (if you have WinXP, Press Ctrl-Alt-Delete all at the same time...your Taskmanager will pop up or a Security pop up window will show up with a few options to choose, you want the Task Manager button (WinXP Pro).
1950.exe , newdial.exe , spysheriff.exe , uninstall.exe , winstall.exe
Delete these registry entries (Start-Run, to enter the Registry Editor where you will locate the following and delete them. No other entries in this Registry should be touched. The registry can incapacitate your system if the wrong things are played with:)
SOFTWARE\spysheriff
SOFTWARE\Microsoft\Windows\CurrentVersion\uninstall\spysheriff
Remove the following files (you can go through My Computer for this or do a search for each using the search feature in windows.)
1950.exe , Desktop.html , newdial.exe , spysheriff.exe , uninstall.exe , winstall.exe .
SpySheriff.lnk in Desktop\
Remove the following directories )Start-My Computer-C drive-Programs and look for the following folder):
Program Files\spysheriff
Also, try this manual option as wel however it requires another program called HIJACK THIS which is a bit more involved, but just incase:
http://www.adwarereport.com/mt/archives/000253.html
Good luck with this...I'm almost certain this will solve your problem.
2006-08-04 16:34:44 · answer #1 · answered by dustiiart 5 · 1⤊ 1⤋
It's going to take more than a few messages on this board to fix the issue. You'll likely need someone skilled in registry entry and able to access the recovery console (assuming you're on XP).
You have to disable the files launching into memory ~ once they're in there they cannot be deleted as they're in use. If they attach to the WinLogon portion of your registry you'll have to use the recovery console (from the xp install disk) to go in through a DOS-like console and delete the offending files so they can't load and re-propagate.
NOTE: Even safe-mode will not bypass winlogon startups.
2006-08-04 16:06:08 · answer #2 · answered by Z33K Zmorphod 3 · 0⤊ 0⤋
Do you have a firewall? If you don't you should activate it. I have WinAntiVirus Pro 2006, and it'sreally good. It blocks popups, and if it detects a virus, it automatically gets rid of it. Try restarting your computer. If the problem persists, you need to buy a better virus scanner. Trojans are really dangerous.
2006-08-04 16:05:03 · answer #3 · answered by Romaneasca 3 · 0⤊ 0⤋
Try this one mate.
tip 1 Go to symantec.com. then go in search write the virusname+virus removal tool. search it u will get a list of virus removal tool. from that please download that virus removal tool and clean that virus. And even if its there then u realy want to remove the virus then go an buy one any legal antivirus software e.g norton antivirus 2006 etc.and scan the comp. Avg free not bad but if u want a little stronger protection against virus then go for profesnall edition
tips 2.
right click my compurter go system restore turnoff system restore .restart the comp.
Also u can clean up the history from internet expolere
2006-08-04 16:07:44 · answer #4 · answered by .. 3 · 0⤊ 0⤋
I answer this question here every week. I need to make a web page.
You need to go to Safe Mode. Restart the PC while holding F8.
Go to RegEdit and remove the files that are a problem.
Use a program called HighJackThis.
Clean the computer with "Disk CleanUp" Empty the TEMP folder in your folder settings (you'll need ot enable hidden files to see it).
2006-08-04 16:05:43 · answer #5 · answered by Anonymous · 0⤊ 0⤋
Maybe it has some kind of self-portection program that keeps it safe. I'm afraid you have to fix this problem in safe mode. Please try the following;
-Update your AVG in normal mode( there's nothing better than do that daily);
-Scan your system in Safe mode;
-If it still exists( some system file may be damaged or there are more than one OS currently in your PC) please try to scan your PC in DOS. You can do this by create a AVG Rescue Disk and scan your system in DOS mode( it's safer, I've already created one, but please make sure your AVG has updateed before you create it).
I hope these can really help you.
Good Luck!
Please don't hesitate to contact me for any futher information.
2006-08-04 16:24:26 · answer #6 · answered by Anonymous · 0⤊ 0⤋
As a former worker of Norton, I can provide a instantly reply. Yes, it is going to repair "a few", additionally it is effortless to milk Norton Anti-Virus itself by way of tricking the consumer in believing they're updated and "blank". While running there I observed many methods to leverage the goods themselves, introduced it to the awareness of higher leadership as good because the director and was once advised to depart it on my own. There's your reply. That is why I stop and retain exploits and make it public potential so providers are compelled to repair them. As of now, it is nonetheless very effortless to circumvent, and overwrite the settings within the modern day variant to factor all updates in the direction of a malicious server; aka whilst you "get updates", your updates possibly coming from a different server. Symantec has different pleasant merchandise, Norton A/V isn't considered one of them.
2016-08-28 12:30:32 · answer #7 · answered by ? 4 · 0⤊ 0⤋
you have to go into your registry and delete or repair the malicious entries, but be careful you can screw things up by deleting registry items. be sure to back it up if you decide to try, if you dont know how to back it up, don't try.
You can do
Start>Run type Regedit
Go to HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System
you will see a registry key that say something like WallpaperActive=1 or something similar
you can also download a registry fix from the site below
2006-08-04 16:14:36 · answer #8 · answered by jugglaman 4 · 0⤊ 0⤋
the problem is that the viruses go in all different kinds of folders and there is no way u can delete the virus in one scan. u need to give your computer to a compuer man or somthing.
2006-08-04 16:05:16 · answer #9 · answered by taylor 2 · 0⤊ 0⤋
press ctrl+alt+del see which program is running that shouldnt be. end the process. go to the directory that file is in. and delete it. STOP LOOKING UP PORN. if you dont want viruses get your porn from an XXX video store or go to the corner store and buy a hustler magazine for 3 dollars.
2006-08-04 16:07:49 · answer #10 · answered by pevehead 4 · 0⤊ 0⤋