A little something to cheer you up....
I hope you're not a female FReeper.....
Posted on 02/13/2006 12:18:25 AM PST by MetalHeadConservative35
annoying spyware/virus called adsheriff won't go away
Ive tried using AVG,AVAST,Adaware,Xoftspy, and my adminstrator account in safe mode, none work
ive even installed windows formatting my harddrive and it showed up first time i logged on after installing.
Pummel BTTT.
FWIW: I use Norton System Works with live update, it is indestructable and has alerted me to full blown attacks, not just spyware adware stuff.
Do you have more than one hard drive in your computer?
If not, then either something you're loading contains the virus or you have a hole in your router's firewall allowing someone from the outside to infect you. I'd recommend disconnecting the computer from the Internet and trying again. After you have it securely configured then connect it back.
Go to the bad programs home website and search around.
Many countries now have a law that the removal program has to be available for free and able to be downloaded from their site.
I have gotten rid of some of the worst for people that way.
I think they might have a computer that puts the restore software in a partitioned drive and it is all infected.
That makes sense. I hate when computer companies are so cheap that they stick the system backup in separate partition. That does you no good if the drive fails or otherwise gets compromised.
But I'd like to address another angle: Are you sure you actually have the malware in question, or might you just be getting a false positive from your virus scanner? What are your "symptoms", if any, aside from the virus scanner raising a flag?
i may have to just format all 3 hard drives..if that doesnt work..this machine is making a one-way-trip to the gun range...
Havoc, I agree with you that by process of elimination the MBR is a next place to look even though that is a real long shot as a source of the problem, but there is no indication that this program is anywhere that sophisticated:
"This is not a virus or a trojan. It is detected as a "potentially unwanted program." This is an anti-spyware application claiming to remove unwanted malicious spyware programs but requires paid registration before any issues found can be fixed or any many other features enabled (on access protections, etc.) It creates a shortcut in the Start Menu Startup folder to ensure it is launched and performs a scan at each system startup. In order to clean or delete any elements identified as threats, the software requires you purchase the full version."
The uninstall directions on their website are You can uninstall the program by clicking "Start->Programs->AdwareSheriff->Uninstall AdwareSheriff" menu item or use the "Start->Control Panel->Add/Remove Programs" capabilities.
It's hard to believe that this program immediately shows up after a reformat and a completely clean install. In other words, the install finishes, XP(this is XP, right?) asks if you want to activate and register, and right there or the very next boot, without doing anything else this program pops up. MetalHeadConservative35 is this the case, anf if so, have you ever used a dual-boot configuration? Another long shot, but that is all I can think of.
thanks for the help
I don't blame you! Get some sleep and let us know how it goes tomorrow.
Ad sheriff is terrible. It's basically extortion. It highjacks your pc and holds it hostage, all under the guise of getting rid of ad ware. It even puts this ridiculous banner on your desktop, then alters your desktop security profile so that you can't change it readily.
Try the removal instructions here. (At your own risk and back up your registry!)
http://www.2-spyware.com/remove-spysheriff.html
I am not really concerned over the program itself so much as by the behavior exhibited. But, I would agree that more information would be useful. At the same time, the drive apparently has already been reformatted. Replacing the MBR if there is any question doesn't take long and will rule that out as the problem. It also eliminates second guessing and diminishes the need for guessing in general.
No matter what something identifies itself as, I troubleshoot for the behavior, not the expected behavior. Things are not always what they advertise themselves to be.
:)
Get your rest. If your tired and stressed that's always good medicine. If you need help tomorrow, you can IM me. I have the day off and no plans. Will be glad to help if I can.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.