SpySheriff Trojan

SpySheriff virus description
Technical details:
Categories: Trojan, Adware, Ransomware

SpySheriff Folders:
[%PROGRAMS%]\SpySheriff
[%PROGRAM_FILES%]\spysheriff
[%PROGRAM_FILES%]\Daily Weather Forecast
[%PROGRAMS%]\spysheriff

SpySheriff Files:
[%APPDATA%]\Install.dat
[%DESKTOP%]\SpySheriff.lnk
[%PROGRAM_FILES%]\PestTrap\base.avd
[%PROGRAM_FILES%]\PestTrap\base001.avd
[%PROGRAM_FILES%]\PestTrap\heur002.dll
[%PROGRAM_FILES%]\SpySheriff\base001.avd
[%SYSTEM%]\service.exe
[%WINDOWS%]\Downloaded Program Files\UWAS6_0001_N69M0903NetInstaller.exe
[%PROFILE%]\cmd.exe
[%PROFILE%]\start
[%PROGRAMS%]\SpySheriff\SpySheriff.lnk
[%PROGRAM_FILES%]\SpySheriff\base.avd
[%PROGRAM_FILES%]\SpySheriff\base002.avd
[%PROGRAM_FILES%]\SpySheriff\found.wav
[%PROGRAM_FILES%]\SpySheriff\heur000.dll
[%PROGRAM_FILES%]\SpySheriff\heur001.dll
[%PROGRAM_FILES%]\SpySheriff\heur002.dll
[%PROGRAM_FILES%]\SpySheriff\heur003.dll
[%PROGRAM_FILES%]\SpySheriff\notfound.wav
[%PROGRAM_FILES%]\SpySheriff\removed.wav
[%PROGRAM_FILES%]\SpySheriff\SpySheriff.dvm
[%PROGRAM_FILES%]\SpySheriff\SpySheriff.exe
[%PROGRAM_FILES%]\SpySheriff\Uninstall.exe
[%WINDOWS%]\desktop.html
[%DESKTOP%]\spysheriff.lnk

SpySheriff Registry Keys:
HKEY_CLASSES_ROOT\clsid\{202b0efd-2cb9-039b-2b11-a3579d6d56a3}
HKEY_CLASSES_ROOT\clsid\{7c43e35c-a398-7c5f-b1ba-7e87073be150}
HKEY_CLASSES_ROOT\clsid\{9cb4ce93-8cc7-9e03-1037-2dd837e3a52e}
HKEY_CURRENT_USER\Software\SNO2
HKEY_CURRENT_USER\SOFTWARE\SpySheriff
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spy sheriff
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\menuorder\start menu2\programs\spysheiff
HKEY_CURRENT_USER\software\sno2
HKEY_CURRENT_USER\software\spysheriff
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spysheriff

SpySheriff Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


SpySheriff indications of infection

The symptoms of a SpySheriff infection are the files, registry entries, and network communication referenced in the technical details section.

Method of Infection

Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial. Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also download the free trial version of ExterminateIt! to check your computer right now.
