Help me with Smitfraud =[

[Panz3r.KFTL]

Well, I keep getting the Smitfraud-C virus/trojan. It pops up from
everywhere >_< It seems I can't even browse a web page without getting
it again. The only way I can fix it is by re-formatting. But the weird
thing is, it doesn't show any symptoms of Smitfraud. I don't get the
blue screen on my desktop, or a bunch of internet shortcuts, or any
error messages. I only know I have it because Spybot S&D detects it
and I have an svchost.exe in my Windows folder which I can't remove. I
want to get rid of it because last time, it got really annoying. It
just sat there for ages doing nothing then eventually ****ed up my
windows explorer before.

So how do I get rid of this before it pisses me off again? And don't
say "Use Google", I've Googled it up and nothing helps. Also,
SmitFraudFix doesn't help either.
There must be SOME way to remove this pest, I'm sure the creator of it
wasn't a genius.

 

[Gaz]

Well, I keep getting the Smitfraud-C virus/trojan. It pops up from
everywhere >_< It seems I can't even browse a web page without getting
it again. The only way I can fix it is by re-formatting. But the weird
thing is, it doesn't show any symptoms of Smitfraud. I don't get the
blue screen on my desktop, or a bunch of internet shortcuts, or any
error messages. I only know I have it because Spybot S&D detects it
and I have an svchost.exe in my Windows folder which I can't remove. I
want to get rid of it because last time, it got really annoying. It
just sat there for ages doing nothing then eventually ****ed up my
windows explorer before.

So how do I get rid of this before it pisses me off again? And don't
say "Use Google", I've Googled it up and nothing helps. Also,
SmitFraudFix doesn't help either.
There must be SOME way to remove this pest, I'm sure the creator of it
wasn't a genius.

Try superantispyware together with smitfraudfix (it does usually work). Get
hijack this and look through the processes, a good little trick for picking
up things that these programes dont get, is to check program files, and
order by date, check for newly installed programmes, do the same thing from
within common files within programe files, do the same in the windows folder
and in the windows system32 folder. Use google to search individual entrys
if they look odd and you are not sure....

Gaz

Gaz

 

[Panz3r.KFTL]

Oh nevermind. I looked at a site somebody was talking about on here,
and uploaded my svchost.exe (in Windows directory) to it and I finally
found out that it was actually Jeefo.

Now, call me paranoid, but I've been getting a strange message which
seems to be attempting to imitate IE's "Internet Explorer has
encountered an error and needs to close" error. The thing is, there's
some text missing, the "send error report" or whatever button isn't
there, and when I click "Close" on the error, nothing happens. I'm
wondering if this is "normal" or related to some sort of virus. Have a
look :

http://img151.imageshack.us/img151/1926/iejpgyc0.jpg

 

[Clark]

Well, I keep getting the Smitfraud-C virus/trojan. It pops up from
everywhere >_< It seems I can't even browse a web page without getting
it again. The only way I can fix it is by re-formatting. But the weird
thing is, it doesn't show any symptoms of Smitfraud. I don't get the
blue screen on my desktop, or a bunch of internet shortcuts, or any
error messages. I only know I have it because Spybot S&D detects it
and I have an svchost.exe in my Windows folder which I can't remove. I
want to get rid of it because last time, it got really annoying. It
just sat there for ages doing nothing then eventually ****ed up my
windows explorer before.

So how do I get rid of this before it pisses me off again? And don't
say "Use Google", I've Googled it up and nothing helps. Also,
SmitFraudFix doesn't help either.
There must be SOME way to remove this pest, I'm sure the creator of it
wasn't a genius.

Sorry for the direct link but that was the only option,
download from asquared (www.emsisoft.com)
http://download1.emsisoft.com/a2usb.zip
save it where you want, reboot to safe mode with networking, run it
(a2free.exe) update it (let it do the deep scan)
reboot when it's done.
That one works with most variants of Smitfraud,
if your ctl/alt/del and such are not working download Dial a fix.
http://wiki.lunarsoft.net/wiki/Dial-a-fix#Mirrors.2Fdownload_locations.2C_and_articles
choose policies untick, hide disabled policies, rescan and remove all,
(green checkmarks to the left)
let us know how you did.

Clark...

 

[Panz3r.KFTL]

From: <[email protected]>

| Oh nevermind. I looked at a site somebody was talking about on here,
| and uploaded my svchost.exe (in Windows directory) to it and I finally
| found out that it was actually Jeefo.

| Now, call me paranoid, but I've been getting a strange message which
| seems to be attempting to imitate IE's "Internet Explorer has
| encountered an error and needs to close" error. The thing is, there's
| some text missing, the "send error report" or whatever button isn't
| there, and when I click "Close" on the error, nothing happens. I'm
| wondering if this is "normal" or related to some sort of virus. Have a
| look :

|http://img151.imageshack.us/img151/1926/iejpgyc0.jpg

So you are saying that you uploaded %windir%\svchost.exe (maybe to Virus Total) and it was
declared as Jeefo ?

Can you please provide FULL facts.

Yes it was VirusTotal. There were about 33 results, and each either
said "Hidrag", "Jeefo" and "Powerman". From what I know they're all
the same thing. So I ran a little program to get rid of Jeefo and it
worked, no more errors. It also found more than 1000 infected exe's on
my comp which I guess explains why sometimes my programs decide not to
load and I need to re-extract or re-download them xD