Remove SpySheriff. Removal instructions

How do you unlock the background wall paper that has been locked to the spysherif add? The change background option has been locked out, how do I unlock it?

I am having the same trouble with my display background......how do you unlock it?

I am having the same trouble with my display background......how do I unlock it?

I deleted SpySheriff within an hour from my computer but I do not see where I can contact them to get a refund? They claim satisfaction guarenteed money back?
Natlcondis@aol.com

I shot the sheriff!!! and it was all thanks to this website and spydoctor, i love u guys at 2-spyware u saved my pc and prevented my nervous breakdown, ure my gods!!!

To unlock your desktop wallpaper go to the registry folder:
HKEY_CURRENT_USERSoftwareMicrosoft WindowsCurrentVersionPoliciesActiveDesktop

The ActiveDesktop folder holds various keys that can lock out desktop settings. Just delete the folder and restart. The values will be recreated to their default state. Which will unlock your wallpaper.

Microsoft AntiSpyware (WinXP) recognizes and removes most of SpySheriff

just wondering if you guys know anything about getting a refund, or if it actually takes your money??

Company: SpySheriff Development Team
Street address: Tooley 73a
City: London
Zip: EC1Y 1BL
Country: United Kingdom
so far i have found these contact details... i think they should be giving more than just a refund however and deserve to be closed down.

Tried to unlock my desktop using procedure from Guest on 01/04/2006 suggestion and desktop is still locked. Removed ActiveDesktop Folder as he suggested but it was NOT re-created. Now what do I do ??

Spysheriff has deactivated my task manager,cannot access it by right click on mouse on the taskbar,pop up banner says it has been deactivated by system administrator.Can access in safe mode but do not know how to activate from there.Can anyone provide a resolution?

I got rid off the ennoying wallpaperthing!
Indeed go to the register like guest on 6/01 said,
go to

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem

and delete the key named "Wallpaper"
Then you can unlock the things...
Good luck!

when i try to open up the the file it says that my memory if full when i know that is not true. this virus if screwing me over. how do i get rid of it.

I have got rid of all problems you discussed in your article. However, I keep getting messages on desktop (right lower corner) from norton that it is scanning message 1 of 1 repeatably. It seems that spysheriff has done something to outlook express in the send area.

Jerry Nance

You need to be careful. I did not buy spysheriff----visited a site and it was downloaded on me before I knew it. When I went to my desktop-- there it was already installed.

Jerry Nance

I got hit with the SpySherrif. Thankfully the System Restore saved me.
Randy

I was hit by Spy Sherriff and for the first time in my life, got online to see of there is a class action lawsuit against this company. I am not a lawsuit oriented consumer but getting this software off has caused me to lose about six work hours in the past two days. Their intrusion must be illegal. Maureen

I think i got spysheriff from APACHE WEB SERVER. Please excersise caution when installing this software/service. -flippo

Spybot can remove most of Spy Sheriff except the part that gives you a bogus warning message on Internet Explorer. You have to delete C:WindowsPrefetch after using Spybot.

I have the toolbar from Sheriff, does anyone know how I can get rid off it?
Phil

Anyone know how to get rid of pesttrap?

whenever i restart my computer i have a bunch of different popups, i have ran spyware check on atleast 3 programs and they all find it, but still feels like somthing is wrong.the background is still there

how do i re-activate my task manager?

Recently, a computer of mine was infected by spysheriff. The task manager was disabled like mentioned in this article. I went to find the wallpaper in HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem suggested by Guest. 09/01/2006. There was also a file named disabletaskmgr. I tried deleting it and the task manager was able to start without interference. I restarted the computer and the file was back. I repeated the operation and it was successful. I found out that it has opened many internet tasks behind the desktop which made my computer slow. Why does this file disabletaskmgr keep returning and how can I prevent it returning?

Also, at the time of infection a few of my desktop icons were mutated and names such as zxczxc and asfds were all that were left of their original names. The picture also turned into a white paper-like background with a screen with other icons on it. Another discovery was that there was a small button in the bottom right hand corner of the system tray which when pressed upon appeared to create spysheriff. It will not leave and it dont know why, but once when disabletaskmg" was deleted it disappeard when my cursor was placed over it.

Can anyone help me fix my problems?

I removed most of SpySheriff successfully using the instructions above. The HKEY_CLASSES_ROOT items were not present on my computer though. The wallpaper is still locked so I will try the suggestion below. But now my computer keeps trying to access the internet. Norton Antivirus informs me msmsg.exe, and another couple of Windows executables are trying to connect automatically. They are fairly persistent so I have to keep blocking them with Norton. Any ideas?

(Same person as 2 spaces below)

I have scanned my computer with spyware doctor and removed the files with the infections in it. But my background now starts up with the Active desktop recovery. I have deleted the mutated icons. In the tray, the icons volume and safely remove hardware were gone. It also says that the button that was used to install sypsheriff was still there under taskbar/start menu properties. The desktop icons also have a box around their names of the colour desktop display properties.

How can I fix active desktop recovery for every startup, stop this strange colour around icon names and get rid of the "Your computer is infected" button.

Before you get spysheriff log off to another user and make a copy of your ntuser.dat file
if you get spysheriff go back to that user and remove the ntuser.dat file rename copy ntuser.dat to nturser.dat and make a new copy as a backup...
clean up program filesspy sheriff by using the uninstall spysheriff .exe in the folder
this will prevent the wallpaper like infected screen from being a problem to remove.

Thanks guys!!! :D
I got infected last night and thanks to your site I am back to normal.

-Steve

This is a Very Serious Threat. I tried all of the removal tips on this and several other sites. It just got worse every time, until it crippled my system even in Safe Mode. Had to rebuild it from scratch. These guys should be prosecuted to the fullest extent of the law.

EEK!! I got it too!
Windows is crazy!(beyond its normal insanity, I mean)
When I open the task manager, I see that the cpu usage is ALWAYS at 100%.
Suddenly an red (X) icon appeared on the system tray, saying that windows has detected infection by spyware, and that I should should click there to get rid of that.
...and I thought "wow! I never heard that windows had such a detection system! Cool!"
But then, came that instantaneous html page. saying my ip and browser...
------------------------------------------- pirate_sephiroth@hotmail.com ---------------------------------------------

I got tricked into buying it in december, It was wiping me out, I started up the the new windows onecare live set up system last week but that didi not help, then we put in the
Windows Defender Beta 2 and that took care of my problem,
Does anyone have an address can cancle my suscription for the spysheriff program I purchaced so the dont take money out of my acout next year . The beta program compleatly dealeated all traces of the sheriff from my computer and I cant find a place to cancle.
rpappas@frontiernet.net

Okay, so I took care of all the components of SpySheriff that I could find. Then, the locked desktop properties issues arose (the wallpaper thing that 1/9 was speaking about). I ended up following what a previous comment said by deleting the ActiveDesktop folder in my registry and it did not restore itself. Is this going to be an issue at a later date or should I not worry about it?

I cannot start my firewall after removing spy sheriff is there something I have missed

I also got spy sheriff, removed it whit XoftSpy, which was no problem for the great program. But there is one thing i can´t get rid of. I can´t change my desktop bakround, it seames to be locked on my standard backround. Anyone how have sollowd this issue?

Hey!
I had a SpySheriff and I've one question.
Does SpySheriff is entering a concern with huge virus programmers corporations? I mean that SpySheriff is downloaded with hundreds of trojans and viruses from web, from WMF file.
Thanks, answer on my mail: progg@wp.pl

Ps. I'm from Poland and I used www.translate.pl for translating my problem. Sorry for "new words" :-).

help me please how to restore my original background!!!!!
i removed everything and the background still f-cked up.
thanks!
bone
bone@bonenet.hu

I recently had to recover from a Spysherrif attack
After I had it removed from my system, I still couldn't change my wallpaper, and Windows Firewall wasn't working. This is what I did to fix it.

To get your wallpaper back, try this

Delete the following registry key
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "Wallpaper"=SZ:C:WINDOWSdesktop.html

Even if the key does not have a value set, remove the key anyway. This worked for me. Make sure to restart your computer after you delete the registry key.

To get Windows firewall back, go to this site. Worked like a charm for me.
http://windowsxp.mvps.org/sharedaccess.htm

Thanks for the help with dealing with this problem. I probably would have spent days trying to fix this. You guys rock!!

I believe I got this SpySheriff through a hidden executable in MySpace when I tried to delete an email. When I clicked the DELETE button, I was taken to another page... and thus begins my tale. Hidden behind open windows was the .exe running and having a merry time, unnoticed by me until I was getting ready to log my PC off. I am going to try your removal methods as others have failed - I can't even download fixes from my PC right now.. it is blocking internet access, I can't access my System Restore.. everything is locked up tight (just like the #^%$#(%^$# who created this should be!). I am hoping this does it, as I don't want to re-format the hard drive. *sheesh*

it's disabling me from downloading the automatic removals and i can't modify it in the registry files.

So, I've been trying everything that is suggested, removing the malicious processes, files, registry values, everything, but it's locked the entire computer up tight! is there anything else I can try?

Regarding Spysheriff... if it disguises itself as a spyware remover, then how do I know that this isn't just like spysheriff?

This virus is a real SOB. After you get rid of the files make sure you clean the Registry entries by goingo RUN, regedit, then go to edit and FIND. Type spysheriff, I found mine spysheriff under a folder in the Registry under SearchAgent.

Heh, SpySheriff's website looks so appealing.

kay it's not working for me...
spysheriff is one step ahead of me.. i dont even have the run... button so i used search and found it and stuff but it just doesn't work AHHH
i need spy sheriff gone.. are there any other methods?

I sucessfully removed spysheriff from my computer by system restore.

I want to remove this from my computer but that doesn't get out

how can I remove it from my computer? I try, but that doesn't go away.

Search under files and folders for this: heur000/dll. Delete this file also. I used SpyBot to find and fix my spyware issues yesterday.

Confused!
I was doing a casual search for spyware programs and was stunned to see all the warnings about spy sheriff.
I have been using Spy Sheriff for over a year and have to say that i have never had problems with the program (I thought) My system runs smoothly and Spy Sheriff has always kept spyware off my computer. NOW I AM WORIED! Reading others experiences and removal problems I decided to uninstall it, which I did very easily. It never effected my desktop settings nor my system restore. (I run WIN XP SP2 Zone Alarm, & Fixit Utilities. My Spysheriff program was downloaded from the Spy Sherriff website and is a fully working programme.
HELP.Am I being naieve? I thought I was reasonably experienced with computers but now I'm confused over the whole issue
Comments, thoughts anyone?

I got it yesterday from running an exe file from a warez site..
It killed my antivirus, the windows firewall and also removed my wallpaper..
I have eventually removed spy sherif, installed an antispyware and fixed my antivirus.

But still... the firewal (due to an unknown error windows cannot display the fiwall settings)
Destop wallpaper also messed up.

Those are small things, the true problem it caused is diferent. Ever since I got it my pc started to upload data with my full bandwith. I couldn't stop it, more than 600MB uploaded. I tried to kill all processes but the uploading continued.
I simply reformated my c: drive. Clean now.
Some people told me my pc was being used to send out ddos or mass spam...

I can't even start up Windows XP normally!
WTF!
I tried going to safe mode and made it and I deleted all the
SpySheriff files but I need to modify the registry
BTW I'm typing this on another computer
HELP!
chickenultra@gmail.com

Please help me. I have this stupid SpySheriff and it will not let me on the internet period. So I cannot use any of these great sounding "removal downloads". How do I get rid of it without downloading something? Is there something I could buy at a store? Thank you for any help.

hi! I would like to be a spy
i wish i was a spykids
you don't know me because i am not english people i am thai people
my name is phleung noppawan satnawet
you can call me phleung
i went to be a spy

hello ! sorry for my delay to reply to you ! because now i am in
guangzhou fair ,so some information is not detailed afther next week i will go back
and will contact with you !
best rgs
grace

How To Remover Hu ~~ can help newbie