Lingering Smitfraud-c.core service and recurring Virtumonde generic
My existing malware removal thread (http://forums.spybot.info/showthread...160#post135160) helped me remove the visible problems bothering my computer, i.e., popups, slowness and other interruptions. Kaspersky online scan and Norton AV showed it clean. Only remaining issues are:
1. Spybot finds but cannot fix Smitfraid-c.coreservices registry key.
2. Spybot fixes Virtumonde generic but it keeps coming back.
Are these harmless (though annoying) vestiges only?
Thanks in advance.
Regards,
Charlie
chasm:
While you are receiving help in the Malware Removal forum, it is not advisable to seek help elsewhere. Please wait for a response to your thread there.
Thanks
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
Sorry
My helper at Malware Removal referred me to this forum when my problem was reduced to only Spybot S & D finding problems.
Close this if you wish.
chasm
Hi chasm.
- switch Spybot S&D into advanced mode
- navigate to tools - view reports
- check all boxes
- click view report button to create the report
- export the report to a textfile and attach the file to your next post
If the file is too big to attach here, send it to: detections(AT)spybot.info (Replace AT with @) and include links to your topics.
Cheers.
Microsoft MVP Reconnect 2018-
Windows Insider MVP 2016-2018
Microsoft Consumer Security MVP 2006-2016
Hi Tashi,
Report is 221 KB so I'll e-mail it separately.
Subsequent S&D run showed only unfixable Smitfraud core services reg key. Virtumonde Generic is not always present.
Regards,
Charlie
Hello,
Ok. I have e-mailed you back twice.
But you are sending another report without any comments or refering to the things that i wrote.
Without any cooperation or communication a can't help you, sorry.
Your log is clean.
Further you have cut the beginning, so we can't see what item of Smitfraud is found.
Probably this was a false positive.
Please download the latest detection update (2007/11/14):
http://www.safer-networking.org/en/download/index.html
This should fix it.
Or choose the direct installation file:
http://www.safer-networking.org/upda...d_includes.exe
Best regards
Sandra
Team Spybot
Puzzled
My apologies for the long intervals between posting: my access to my daughter's computer (the problem computer) was limited. As far as following your direction,
1. I downloaded the spybot updates as soon as I received them and reran with the same result, i.e., unfixable Smitfraud-C.CoreServices registry key.
2. I cannot explain the 'cutting' of the Spybot log; I did not edit them; I merely attached them. I ran the reports after running Spybot 'Fix Problems' was run. Since then I have run it again before attempting to fix the problem and there appears at the beginning of the log the following:
--- Search result list ---
Microsoft.WindowsSecurityCenter_disabled: [SBI $2E20C9A9] Settings
(Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start
Smitfraud-C.CoreService: [SBI $C0D676DB] Settings (Registry key,
nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\core
Smitfraud-C.CoreService: [SBI $B462702A] Settings (Registry key,
nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\core[/B]
This is followed by what looks like the previous reports I've sent you.
If you're interested, I'll send that log.
Charlie
Posting Permissions
Reply With Quote