Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Smitfraud & Other Infections In New Pc

  • Please log in to reply
1 reply to this topic

#1 John S.

John S.

  • Members
  • 10 posts
  • Local time:08:01 AM

Posted 05 December 2006 - 10:34 AM

I recently purchased a new Dell computer running XP Media Center which came with a bundled security suite, Trend-Micro PC-Cillin, which includes antivirus and firewall, both of which are active and up to date.

I also installed all the recommended Windows security updates (including MS IE7) from the Microsoft site. I disabled the Microsoft firewall as running two firewalls simultaneously is supposed to be a bad thing, per the instructions.

The machine has the Google tool bar, and another one from PeoplePC, my current ISP. (OK, I use dial-up at home - no snide remarks, please!)

I've gotten windows that pop up advertising some bogus antivirus product, and on occasion got a red circle-and-slash symbol replacing my cursor that pretty much kept me from doing anything while the malware downloaded, beyond pulling the connection. :thumbsup:

I installed Panicware's pop-up stopper (which reduced, but didn't eliminate, the popups) and added AdAware SE, WinPatrol10, Spywareblaster 3.5.1, and Spybot S&D. AdAware found a bunch of stuff (mostly tracking cookies) that I deleted, and Spybot found a LOT of malware. SS&D deleted all but something called "Smitfraud-C.Toolbar888" which remains. I also cleared out the TEMP file.

Last night I was surfing, and all of a sudden my system had a couple of popups which I closed . . . but "something" kept downloading even though I closed my browser. I pulled the connection again, and did a SS&D scan . . . more malware, including the bogus winantivirus garbage. Apparently got rid of it all again except Smitfraud-C.Toolbar888. :flowers:

Before posting a Hijackthis log in the proper forum I'll follow steps in the guide ("Preparation Guide For Use Before Posting A Hijackthis Log") but was wondering if there's anything else I should do now, like ditching the Trend Micro security and going back to the Norton Antivirus / Zone Alarm combo I was using before on my homebuilt W2K box, which NEVER gave me these problems, or should I do something else?

Needless to say, after clearing things out, my #1 priority will be to prevent re-infection . . .

Edited by John S., 05 December 2006 - 10:36 AM.

BC AdBot (Login to Remove)


#2 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 52,077 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:01 AM

Posted 05 December 2006 - 11:50 AM

Smitfraud-C.Toolbar888 could be a false positive by Spybot that was previously reported.
See Post #3 here: http://forums.spybot.info/showthread.php?t=8668

As for replacing your anti-virus, see BC's List of Virus & Malware Resources.
See BC's Freeware Replacements For Common Commercial Apps.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users