Smitfraud-C Removal and removal steps questions

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Gauge, Jan 17, 2007.

  1. Gauge

    Gauge Private E-2

    I am working on my Dad's computer in his office and I have a few questions BEFORE I run CCleaner. I am in the process of following the "Read and run this before posting" but I want to make sure of a few things first. When I run CCleaner am I to let it clean all the cookies as well? I know that there are a few sites that my Dad goes to on a regular basis and I am afraid that it will wipe out cookies that he needs. Could someone please advise?
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    While cookies are not really problems to be concerned with, it is better to let CCleaner remove them so that the other scans don't take as long to run. In addition it can tremendously reduce the size of logs that have to be read. So yes clean cookies but you can first just tell Ccleaner which cookies to keep. It is part of the features which you should learn to use and configure.

    Be careful with Spybot and SmitFraud-C. Lately I have been seeing it remove rundll32.exe which you do not want to do. Also if you truly have SmitFraud, you should run one of the special removal procedures (mentioned in the READ ME). Like one (only one) of the below:

    SpywareStrike, Smitfraud, SpySheriff, SpyAxe & PSGuard Removal

    SpywareQuake & SpyFalcon Removal Procedure
     
  3. Gauge

    Gauge Private E-2

    Spybot is the one that detected Smitfraud-C on this computer. I have had Spybot detect the Smitfraud-C before on this computer.

    So, am I to follow the Special removal instructions FIRST before going through the Read & Run Me First procedures?

    That might sound a bit on the dim side, but I am trying to get this right without mistakes.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes I know that. I was just warning you that I have seen Spybot incorrectly delete rundll32.exe which is a valid Windows process and it was not infected. This was done while it was supposedly fixing Smitfraud-C. See the below thread for one example! You will see we had to restore the file from Spybot's backups.

    http://forums.majorgeeks.com/showthread.php?t=113394


    Yes! Since you have indicated SmitFraud type problems it would be best to do that first. Smitfraud is one of the many malware problems that exist, that will not be removed by any standard cleaning processes or scanners (even if purchased from a large company). It has always required many removal and use of special tools.
     
  5. Gauge

    Gauge Private E-2

    Thank you for all of your help. The special removal instructions seem to have worked very well.

    Let's just hope that this thing stays away now.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member


MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds