Help W/ SpySheriff & W2.Spybot.Worm

[mslyric]

Both SpySheriff & W2.Spybot.Worm have been found on my computer.

The spysheriff just recently came up in a scan after I had tried the removal process for the w2.spybot.worm.

I have disabled sys restore
update def. & did a full scan, then deleted all infected files
deleted any values related to those files that were added to the registry.
and also looked for 0 byte files which I did not find any.

i restarted and the w2.spybot.worm showed up again in another file. So I ran another scan which is when the SpySheriff was found.
I deleted the file through AVG. But Believe I am still infected.

 

[kitty500cat]

Hello and welcome to TechSpot.

You should reenable system restore and have it set a new restore point so that, if anything goes wrong during cleaning, you have something to look back on. Don't disable system restore again until your system is clean.

Very important: Before deciding whether to clean or reformat your system, read this thread and decide what you want to do.

If, after reading the above thread, you decide to clean your system, read the Viruses/spyware/malware, preliminary removal instructions. Follow all the instructions exactly, then post fresh HJT, ComboFix, and AVG Antispyware logs as attachments into this thread. Also post here the results of the AVG Antirootkit scan.

Regards

This thread is for the use of mslyric only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.

 

[Tedster]

the FAQs tell you how to remove spysherriff.

 

[howard_hopkinso]

Hello and welcome to Techspot.

Follow the instructions given by kitty500cat exactly, then post the requested logfiles.

Regards Howard :wave: :wave:

This thread is for the use of mslyric only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[mslyric]

I have completed all the steps in the link above. I believe that I am free of viruses/spyware/ect.
Turns out I was really infected. Below is what all was found and removed.

Dropper.VB.lu
Trojan.Proxcra.K.A
Hijacker.Befins.b
Downloader.Small.itv


I have the latest log from hijackthis attached to the post.
I haven't saved any logs from the other programs. Should I do another scan with AVG AS and post that log?

 

[howard_hopkinso]

It appears you`re running more than one antivirus programme. This is not recommended. I recommend you uninstall Symantec/Norton as per the instructions in this post HERE.

You need to post the following logfiles.

Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

Also, let me know the results of the AVG Antirootkit scan.

Regards Howard

This thread is for the use of mslyric only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.