Fix and remove Smitfraud

Today my computer got infected by “Smitfraud” spyware. The type of computer pest that can really annoys and irritates any PC users by showing fake security alerts:

your computer have been infected by viruses, PC users using cheap and uncool anti-virus softwares, buy our software only, your computer is so slow, our software can make your PC faster than hell, your PC need Viagra…… and the never ending torment.

See other samples.

The annoyances doesn’t stop there, “Smitfraud” will install and manifest itself deep inside your Windows system files and registry, installing junk softwares, running in the background service, appear in Add/Remove registry, animated icons in taskbar and manipulate system files. Clicking on one of these fake security alerts will either bring you to a home page where you can purchase other fraudulent software or will install automatically, without your permission.

Smitfraud properties:

  • Changes browser settings
  • Connects itself to the internet
  • Hides from the user
  • Stays resident in background

Luckily, I have this cool spyware removal tool that I always keep in case I needed it. It is by far the best and more effective than other spyware removal tool in the market.

I’m talking about “SmitfraudFix” tool and available for free. It doesn’t cost you anything to effectively remove the spyware. This tool was created by S!Ri and all he asked for a voluntary donations. I think the author/creator should be credited for such great tool and contribute financially to further support his long term effort, to keep this tool alive and future updates.

Download:

Use this URL to download the latest version (the file contains both English and French versions):

Mirrors: Alternate official download locations for Smitfraudfix.exe

How To Use

Search:

  • Double-click SmitfraudFix.exe
  • Select 1 and hit Enter to create a report of the infected files. The report can be found at the root of the system drive, usually at C:\rapport.txt

Using Smitfraud with CMD

Clean:

  • Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)
  • Double-click SmitfraudFix.exe
  • Select 2 and hit Enter to delete infect files.
  • You will be prompted: Do you want to clean the registry? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
  • The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.
  • A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt

Cleaning process

Optional:

  • To restore Trusted and Restricted site zone, select 3 and hit Enter.
  • You will be prompted: Restore Trusted Zone ? answer Y (yes) and hit Enter to delete trusted zone.

Note:

process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a “RiskTool”. It is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between “good” and “malicious” use of such programs, therefore they may alert the user.

Small command line utility to view, kill, suspend or set the priority and affinity of processes. Great tool to help you when dealing with process running in the background. Download here.

Leave a Reply

Your email address will not be published. Required fields are marked *

Next Post

Canon Rock

Mon Nov 19 , 2007
Neo-classical metal is a subgenre of the heavy metal music heavily influenced by classical music in its style of playing and composing. It implies a very technical performance and the use of elements borrowed from classical music and/or by famous classical music composers. JerryC started the “Canon Rock” phenomenon. “Canon […]
jerryc canon rock

Related