Re: smitfraudfix failed

"Tommy McClure" <tmDELccDEL72AThalDASHpcDOTorg> wrote in
news:487cf52e$0$9832$a726171b@xxxxxxxxxxxxxxx:

Dustin Cook wrote:
"Tommy McClure" <tmDELccDEL72AThalDASHpcDOTorg> wrote in
news:487cc59c$0$9834$a726171b@xxxxxxxxxxxxxxx:

Dustin Cook wrote:
"Tommy McClure" <tmDELccDEL72AThalDASHpcDOTorg> wrote in
news:48513cfd$0$9834$a726171b@xxxxxxxxxxxxxxx:

I am trying to get the smitfraud popups off an xp pro machine,
went to safe mode and ran the fix.
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php

on reboot it was still popping up [in browser along with other ads
(each in their own browser) , did not have the traditional system
popup for smitfraud that I have seen before ] , internet access is
shakey, cannot download AV updates

have run aaw2008 wo updates found lots of troj downloaders,
deleted supposedly. PC still slow on bootup, Also ran AVG 7.5 wo
updates. Popup browser ads still come up with main feature
something like super master antispyware needed on your sys [not
exact wording or descrip, master key word] -- IE6 browser crashes
freq. Can get one page usually google.com. Machine has 8 users in
family of girls. They have MySpace running as a process.

Any suggestions, this one has me stumped. Any appreciated.

Tried malwarebytes antimalware?
http://www.malwarebytes.org

Malwarebytes is the smallest of these "anti" programs. Yet when I
ran it on my own machine in normal mode, it crashed. Had to use Safe
Mode. Then it tagged my log off in Start Menu as a threat.

If you'd like to create an account at the malware bytes forum, we
would be very interested in determining what caused the crash. As the
free version doesn't remain resident, I'm unsure how it could tag
anything you might click on as a threat...

This is all ancient history, I got the smitfraud off long ago [~1wk]
using ST, and Spysweeper, but Spysweeper was too tight on security
to allow the cust to play partypoker, so he's using ST as a shield
now. Never tried MB on his machine.

Ahh, I see. Sorry for jumping into the discussion so late then. I've
had my nose in spyware samples and service panels for weeks now.

I have a "friend" that claims getting it off is easy, he's done it
dozens of times, just takes the registry keys off. He's the same one
that claims he's put AVG 8.0 free on dozens of them also and no slow
downs.

Well, typically, it's not too difficult for an experienced individual
to remove it. We've found more intrusive software, much more
intrusive, and downright difficult to remove due to the rootkit
aspects some are now exploiting. I've put AVG 8.0 free on many
machines as well, but I can't say that no slow downs were reported.
Some of the machines I installed it on didn't take too well to it, so
I switched them to Antivir; which has a higher detection rate anyway;
for 0day samples.

Don't mean to sound skeptical, but I looked at those "registry
entries" for Antiv XP, 2009, there's only a couple of them reported.
The cases I had didn't even have those entries. So, if somebody was
removing it that way, I have to wonder. I certainly wouldn't say that
it would be more difficult than rootkits, that's silly.

I know for a few very old malware samples, if you changed the keys, and
rebooted; you'd neuter the malware. That's not the case these days, and
with the ones you mention specifically it's alot more complicated.

You have every right to be skeptical of anyone who tells you to just deal
with the registry.

Malware isn't everyones cup of tea, and many of the old tricks some
techies use just don't work well at removing the stuff.

Anyways, if you have a problem like this in the future, the forums
Dave suggested would be more likely to help than posting here.

Amazingly, i have anticipated this, and amazingly again, I have
searched the other forums and do so regularly. Also, there are many in
this forum that do appreciate some of the real details of hands on
wars with malware. Also, there are many including yourselves that may
have some advice useful to myself, its almost self explanatory

fair enough. knowledge is power and all that.


--
Regards,
Dustin Cook - http://bughunter.it-mate.co.uk
BugHunter v2.2e AntiMalware Removal Utility
For Windows users, I highly recommend:
http://www.malwarebytes.org - MalwareBytes AntiMalware

.

Relevant Pages

  • Re: smitfraudfix failed
    ... on reboot it was still popping up [in browser along with other ads ... Popup browser ads still come up with main feature something like ... Malwarebytes is the smallest of these "anti" programs. ... If you'd like to create an account at the malware bytes forum, ...
    (alt.comp.anti-virus)
  • Re: OT: Weird Internet Problem
    ... closing and restarting my browser. ... webpage and everything else on the webpage will show up except that. ... It quickly became clear that I am the ONLY person on the forum who can't see ... Obviously, there's a parser involved. ...
    (sci.electronics.design)
  • OT: Some tips on using Windows PCs
    ... Malware is just another ... I'm on record as being a fan of Windows XP, but that is a personal thing and ... Disabling cookies, popups, and activeX in your Browser is not the answer. ... simply Registry cleaners and are actually more dangerous than good. ...
    (comp.lang.cobol)
  • Re: Infected with something - need some hekp please
    ... is/was/are my malware shields. ... I run Windows Live Mail as my desktop mail client, ... There were a couple of issues I wanted to raise in the support forum, ... Download and execute HiJack This! ...
    (microsoft.public.security.virus)
  • Re: IE6 - MSHTML.DLL browser keeps crashing!
    ... It is also possible that you have some form of malware on your system. ... In addition to updating and running your AV, download, install and run the programs below in Safe Mode with Hidden Files enabled. ... CastleCops HiJackThis Forum ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
Loading