XP - I'm removing Smitfraud-C.gp & .Core Service, Win32.Agent.pz, Zlob.DNSChanger.Rtk

Discussion in 'Malware Help (A Specialist Will Reply)' started by inventorgrissom, Apr 9, 2008.

  1. inventorgrissom

    inventorgrissom Private E-2

    I'm attempting to remove these found by SpyBot in Safe Mode:

    (1) Smitfraud-C.CoreService
    (6) Smitfraud-C.gp
    (8) Win32.Agent.pz
    (1) Zlob.DNSChanger.Rtk

    I think there may be many more as I have just recovered from a totally blue screen with nothing but a spyware ad dead center. All restore points disappeared except for those starting from the exact time I contracted the malware and the TaskManager was disabled. Avast and SpyBot went nuts in the middle of this loaded StumbleUpon Simpson's video and I couldn't keep up with all the Avast and SpyBot windows popping up so I pulled the plug -- too late.

    I downloaded Smitfraudfix.exe and was reading your steps to follow when I began wondering if I'm going about this the right way given so many malwares got past my fully updated defenses.

    What fix programs would you recommend and in what sequence should I run them?
     
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Re: XP - I'm removing Smitfraud-C.gp & .Core Service, Win32.Agent.pz, Zlob.DNSChanger

    Welcome to Major Geeks!

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

    READ & RUN ME FIRST. Malware Removal Guide
     
  3. inventorgrissom

    inventorgrissom Private E-2

    Re: XP - all malware removed ok but lost administrative and user accounts

    Everything is back to normal now (all malware was removed via this website) but on boot it no longer stops at the sign-on window for selection of what used to be one administrator or one user to choose from.

    Is there a fix for this?

    Note: all previous restore points disappeared during the malware removal process and there is no backup or restore CD. I'm a MAC user and this is my roommates 1.5 year old Dell PC w/XP Home.
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Re: XP - I'm removing Smitfraud-C.gp & .Core Service, Win32.Agent.pz, Zlob.DNSChanger

    Can you not go to the control panel and click on users and see what is listed?

    I really would like to see the logs from the instructions to have an idea as to what is going on.
     
  5. inventorgrissom

    inventorgrissom Private E-2

    Re: XP - I'm removing Smitfraud-C.gp & .Core Service, Win32.Agent.pz, Zlob.DNSChanger

    Thanks Tim, I didn't know that was in the Control Panel. Within "User Accounts" my roommate has been upgraded to "Administrator" (a good thing) and the previous administrator account no longer exist. There is only one account now with the exception of a "Guest" which is "turned off".

    I guess that explains why it no longer stops at a login window because she never used a password for her account (assuming). This is ok -- we're happy with that so..

    That means I've been chasing the wrong problem which is WHY Flash Player 9 won't install from the Adobe website. Netscape 7.0 installed fine immediately before that. There is a Flash Player installation troubleshooting checklist on the Adobe site that I need to finish. I had stopped at the step where it said that I may not have the administrative privilege necessary to install Flash Player and I already knew I had a new problem in that area.

    I'll come back and update after I finished that Adobe checklist.

    UNRELATED QUESTION: I saved the link to that Simpson's video that contained the rogue "MasterSpywareKiller" program and a gazillion other nasty things embedded within that got past my newly updated Avast. Let me know if you would like to have that link for testing. I will try to find a place on the Avast website for feedback. I don't want to post the link in here because somebody might accidentally use it.

    Thank you for all the help Tim! Remember that I am a published cartoonist and if there's anything Major Geeks or you need along those lines -- just ask! I like giving back.
     
  6. inventorgrissom

    inventorgrissom Private E-2

    All Problems Resolved

    In Internet Explorer's managing add-on's I RE-enabled Active-X for Flash and Active-X for WindowsUpdate which solved those last two installation problems.

    Thank you EVERYONE!
     
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member


MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds