Virtumonde and Smitfraud-C

system · 2007-12-22T16:42:33.000Z

Why doesn’t avast detect smitfraud? And is there and easy fix to this? a removal tool?

I found something to help and am working on it now … but was still curious … I found vundofix v.6.7.7 and smitfraud fix by s!ri…

Thanks,

trek

Lisandro · 2007-12-22T17:00:05.000Z

It does some types of it…
Did you Google smitfraud and virtumonde keywords?
How did you manage to get clean from them?

Maxx_original · 2007-12-22T19:35:27.000Z

some undetected variants were reported by SNOWHITE… i’ll forward them to someone from our team

polonus · 2007-12-22T21:59:43.000Z

Hi Maxx_original,

Small wonder that is, because smitfraud and affiliates has been changing so often, that some private blokes had to give up writing cleansing tools for all these many variants of these desktop hijackers,

polonus

Maxx_original · 2007-12-22T22:16:11.000Z

polonus: the cleaning means also fixing the registry etc… what i’m talking about is a try to make some generic detection to stop the smit/vundo before it spreads over the system… i’ve made many vundo detections before and hopefully new variants should have similar weaknesses… the biggest problem is, that someone who’s infected often does a quasi-manual cleaning, but does not store the files and unfortunately does not send them to us… i’m grabbing vundo related files from virtotal, but that’s not fast enough…

polonus · 2007-12-22T22:29:25.000Z

Hi Maxx_original,

That seems great to be able to stop it in its tracks before it can do any harm, because it means nastiness as it is enabled to run, and there is a whole malware clan responsible for this hijackers on user’s boxes.

polonus

FreewheelinFrank · 2007-12-23T07:47:56.000Z

trekwatcher post:1:

Why doesn’t avast detect smitfraud? And is there and easy fix to this? a removal tool?

I found something to help and am working on it now … but was still curious … I found vundofix v.6.7.7 and smitfraud fix by s!ri…

Thanks,

trek

Use SmitFraudFix and a good anti-spyware with registry scan like Spybot Search & Destroy.

http://www.safer-networking.org/index2.html

system · 2007-12-23T15:01:08.000Z

Tech post:2:

It does some types of it…
Did you Google smitfraud and virtumonde keywords?
How did you manage to get clean from them?

Actually, I had other appointments yesterday … so, I will still be working on it today … I am keeping my fingers crossed that what I found will work. Otherwise, I might need outside help. But thanks for asking…

system · 2007-12-23T15:02:14.000Z

Maxx_original post:3:

some undetected variants were reported by SNOWHITE… i’ll forward them to someone from our team

That sounds good … some detection would be better then none … the computer keeps going wacky with pop ups.

system · 2007-12-23T15:04:57.000Z

FreewheelinFrank post:7:

trekwatcher post:1:

Why doesn’t avast detect smitfraud? And is there and easy fix to this? a removal tool?

I found something to help and am working on it now … but was still curious … I found vundofix v.6.7.7 and smitfraud fix by s!ri…

Thanks,

trek

Use SmitFraudFix and a good anti-spyware with registry scan like Spybot Search & Destroy.

http://www.safer-networking.org/index2.html

Thank you … actually that is what I am using … I hope to finish today and hopefully that will work. It is indeed very time consuming.

Announcements