Re: Help me with Smitfraud =[

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Oh nevermind. I looked at a site somebody was talking about on here,
and uploaded my svchost.exe (in Windows directory) to it and I finally
found out that it was actually Jeefo.

Now, call me paranoid, but I've been getting a strange message which
seems to be attempting to imitate IE's "Internet Explorer has
encountered an error and needs to close" error. The thing is, there's
some text missing, the "send error report" or whatever button isn't
there, and when I click "Close" on the error, nothing happens. I'm
wondering if this is "normal" or related to some sort of virus. Have a
look :

http://img151.imageshack.us/img151/1926/iejpgyc0.jpg

Re: Help me with Smitfraud =[


| Oh nevermind. I looked at a site somebody was talking about on here,
| and uploaded my svchost.exe (in Windows directory) to it and I finally
| found out that it was actually Jeefo.

| Now, call me paranoid, but I've been getting a strange message which
| seems to be attempting to imitate IE's "Internet Explorer has
| encountered an error and needs to close" error. The thing is, there's
| some text missing, the "send error report" or whatever button isn't
| there, and when I click "Close" on the error, nothing happens. I'm
| wondering if this is "normal" or related to some sort of virus. Have a
| look :

|
http://img151.imageshack.us/img151/1926/iejpgyc0.jpg

So you are saying that you uploaded %windir%\svchost.exe (maybe to Virus Total)
and it was
declared as Jeefo ?

Can you please provide FULL facts.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Help me with Smitfraud =[

wrote:
Quoted text here. Click to load it

Yes it was VirusTotal. There were about 33 results, and each either
said "Hidrag", "Jeefo" and "Powerman". From what I know they're all
the same thing. So I ran a little program to get rid of Jeefo and it
worked, no more errors. It also found more than 1000 infected exe's on
my comp which I guess explains why sometimes my programs decide not to
load and I need to re-extract or re-download them xD

Re: Help me with Smitfraud =[




| Yes it was VirusTotal. There were about 33 results, and each either
| said "Hidrag", "Jeefo" and "Powerman". From what I know they're all
| the same thing. So I ran a little program to get rid of Jeefo and it
| worked, no more errors. It also found more than 1000 infected exe's on
| my comp which I guess explains why sometimes my programs decide not to
| load and I need to re-extract or re-download them xD

Use the following Multi AV Scanning Tool to make sure all are removed.

Download MULTI_AV.EXE from the URL --
http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe

http://www.pctipp.ch/downloads/dl/35905.asp

English:
http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free /

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go
through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal
Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the
PC.

You can choose to go to each menu item and just download the needed files or you
can
download the files and perform a scan in Normal Mode. Once you have downloaded
the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode
[F8 key
during boot] and re-run the menu again and choose which scanner you want to run
in Safe
Mode.  It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive
PDF help
file.

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * *   Please report back your results  * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Site Timeline