I run spybot to remove this smitfraud-c.generic trojan, but everyday it returns!
Why can't Spybot destroy it for good??
Please help me kill this trojan on my PC for good!
Thanks....

Hello,

Which Spybot-S&D version do you have?
Which operating system do you have?
Do you have installed the latest updates?

Best regards
Sandra
Team Spybot

I have spybot 1.6.2.46 and ALL the latest updates are installed.
I am using Win 7 ultimate 64 bit.
I use the Fix problem and it removes the Smitfraud, but after the next system reboot Spybot finds Smitfraud is back again!
Help me get rid of this trojan please.
Thanks...

Wow thanks for all the help!
PC Tools Spyware Doctor with antivirus removed several other threats INCLUDING Smitfraud-C.generic !!
Spybot could NOT remove Smitfraud and didnt even detect the other threats.
GOODBYE Spybot!
(application removed)

I had the exact same problem. Running Spybot would detect Smitfraud-C generic and remove it but it would come back. I am running the latest Spybot with the latest definitions.

My PC appeared to be running fine and was very fast even with this infection. I had no clue it was on my system. I was not experiencing any outward signs of infection

I ran Hitman Pro and it detected some sort of rootkit infecting my PC. I downloaded TDSSkiller from Kaspersky and ran that in safe mode and it killed the problem.

I followed that running Spybot in safe mode and it picked up the Smitfraud again but it was able to not clean it after having run TDSSkiller first.

System all clean now!

Hello,

Did you open Spybot with a right click and choose "run as administrator/take ownership" (http://www.safer-networking.org/en/faq/42.html)?

Best regards
Sandra
Team Spybot

No I did not, I double clicked the Spybot icon in the systray and ran it from there.

I will remember to do it your way in case trouble ever strikes, hoping it doesn't :)

spybot 1.6.2.46 2/1/2012 db.
Win7 64bit premium.

Ran in safe-mode as Admin. Finds it, removes it. I run it again and its there.

Is not able to permanently remove it. Any ideas? Thanks.

Hello,

Please run a scan in safe mode (http://www.computerhope.com/issues/chsafe.htm).
That should fix it.

Best regards
Sandra
Team Spybot

Thanks for fast reply.

As stated earlier, I have ran it in safe mode as admin several times.

It finds it, cleans it. Without even rebooting, if I run it again it will find it again.

I am in safe mode.

Hello,

Can you post what is being found here?

Best regards
Sandra
Team Spybot

Smitfraud-C.generic: [SBI $5926A588] Executable (File, nothing done)
C:\Windows\svchost.exe
Properties.size=20480
Properties.md5=2CEFF13ACE25A40BD8D97654944297CD
Properties.filedate=1247534086
Properties.filedatetext=2009-07-13 20:14:45


--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2011-04-22 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2012-01-16 Includes\Adware.sbi (*)
2012-01-31 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2010-12-14 Includes\Dialer.sbi (*)
2011-11-29 Includes\DialerC.sbi (*)
2012-01-31 Includes\HeavyDuty.sbi (*)
2011-03-29 Includes\Hijackers.sbi (*)
2011-10-04 Includes\HijackersC.sbi (*)
2010-09-15 Includes\iPhone.sbi (*)
2010-12-14 Includes\Keyloggers.sbi (*)
2012-01-24 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2012-01-10 Includes\Malware.sbi (*)
2012-01-31 Includes\MalwareC.sbi (*)
2011-02-24 Includes\PUPS.sbi (*)
2011-12-27 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2011-02-24 Includes\Security.sbi (*)
2011-12-13 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2012-01-17 Includes\Spyware.sbi (*)
2012-01-17 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2011-09-28 Includes\Trojans.sbi (*)
2012-01-31 Includes\TrojansC-02.sbi (*)
2012-01-30 Includes\TrojansC-03.sbi (*)
2012-01-30 Includes\TrojansC-04.sbi (*)
2012-01-30 Includes\TrojansC-05.sbi (*)
2012-01-30 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

Thanks.

I am having the same problem with the Smitfraud-c.generic trojan in C:\\Windows\svchost.exe. I am running the latest version of Spybot on a laptop running Windows 7 Home Version. I have run Spybot several times as administrator in Safe Mode. Each time I run it, it finds the trojan, then says it removes it, and when I reboot, it is still there. The only thing it seems to be doing is preventing me from opening Google.com and is constantly trying to access a website which my Trend Micro software is blocking as a "web threat". I have tried running several virus scan programs, and either they do not find anything or they find it, say the remove it, and it is still there. What can I do short of wiping my drive?

Only thing that worked was rebuilding the PC.
I saw Microsoft Security Essentials on http://www.snapfiles.com.
It is free software from Microsoft. Seems very powerful. It identified and
removed a few things no other software had. But that was after the fact.

Try it. It might work.