SmitFraudFix 2.423
- Type:
- Applications > Windows
- Files:
- 1
- Size:
- 1.8 MiB (1885088 Bytes)
- Tag(s):
- SmitFraudFix siri.geekstogo.com
- Uploaded:
- 2009-06-29 17:47 GMT
- By:
- olofolleola4
- Seeders:
- 0
- Leechers:
- 1
- Info Hash: E7156D30AA681A1CCE2BB865BBF47FBBF4673C1A
Copied from SmitFraudFix Homepage: This tool removes Desktop Hijack malware: Advanced Antivirus Advanced Virus Remover AdwarePunisher AdwareSheriff AlphaCleaner AntiSpyCheck AntiSpyware Expert Antispyware Soldier AntiVermeans AntiVermins AntiVerminser AntiVirGear Antivirus 2009 Antivirus 2010 Antivirus 360 AntiVirus Lab 2009 Antivirus Master Antivirus Sentry Antivirus System Pro Antivirus XP 2008 AntivirusGolden AV Antispyware AVGold Awola BraveSentry Coreguard Antivirus Extra Antivirus HomeAntivirus 2009 IE Defender IE-Security Internet Antivirus Malware Defender 2009 MalwareCrush MalwareWipe MalwareWiped MalwaresWipeds MalwareWipePro MalwareWiper Micro Antivirus 2009 MS AntiSpyware 2009 MS Antivirus PC Protection Center 2008 Personal Defender 2009 PestCapture PestTrap Power Antivirus Power-Antivirus-2009 PSGuard quicknavigate.com RegistryFox Registry Cleaner Renus 2008 Security iGuard Smart Antivirus 2009 Smitfraud SmitFraudFixTool Spy Protector SpyAxe SpyCrush SpyDown SpyFalcon SpyGuard SpyHeal SpyHeals SpyLocked SpyMarshal SpySheriff SpySoldier Spyware Guard 2008 Spyware Protect 2009 Spyware Vanisher Spyware Soft Stop SpywareLocked SpywareQuake SpywareKnight SpywareRemover SpywareSheriff SpywareStrike Startsearches.net System Antivirus 2008 System Guard 2009 TheSpyBot TitanShield Antispyware Total Protect 2009 Total Secure 2009 Trust Cleaner Ultimate Antivirus 2008 UpdateSearches.com UnVirex Virtual Maid Virus Heat Virus Protect Virus Protect Pro VirusBlast VirusBurst VirusRay Virus Remover 2008 Virus Shield VirusResponse Lab 2009 VirusTrigger Win32.puper WinHound WinPC Defender WiniBlueSoft Vista Antivirus 2008 WinDefender 2009 XLG Security Center XP Deluxe Protector XP Security Center XPert Antivirus XP Police Antivirus Brain Codec ChristmasPorn DirectAccess DirectVideo EliteCodec eMedia Codec EZVideo FreeVideo Gold Codec HQ Codec iCodecPack IECodec iMediaCodec Image ActiveX Object Image Add-on IntCodec iVideoCodec JPEG Encoder Key Generator LookForPorn Media-Codec MediaCodec MMediaCodec MovieCommander MPCODEC My Pass Generator NetProject Online Image Add-on Online Video Add-on PCODEC Perfect Codec PowerCodec PornPass Manager PornMag Pass Pornovid PrivateVideo QualityCodec Silver Codec SearchPorn SexVid SiteEntry SiteTicket SoftCodec strCodec Super Codec TrueCodec VideoAccess VideoBox VidCodecs Video Access ActiveX Object Video ActiveX Object Video Add-on VideoCompressionCodec VideoKeyCodec VideosCodec WinAntiSpyPro WinMediaCodec X Password Generator X Password Manager ZipCodec WinCoDecPRO Use: * Search: o Double-click SmitfraudFix.exe o Select 1 and hit Enter to create a report of the infected files. The report can be found at the root of the system drive, usually at C:rapport.txt * Clean: o Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually) o Double-click SmitfraudFix.exe o Select 2 and hit Enter to delete infect files. o You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection. o The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file. o A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:rapport.txt * Optional: o To restore Trusted and Restricted site zone, select 3 and hit Enter. o You will be prompted: Restore Trusted Zone ? answer Y (yes) and hit Enter to delete trusted zone. Note: process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool". It is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user. System requirements: Win2K, WinXP joedanger is NOT involved with Smitfraudfix in any way! This tool was created by S!Ri, and is available for FREE. ED2K Link: ed2k://|file|SmitfraudFix.exe|1885088|A6CD34D035B25D8FED4AE0CEF7730BF9|h=RLLZQ64BC47BO7SF3WBA4A37LGFT3VKF|/ Changelog: Version 2.423 (June 24, 2009) [-HKEY_CURRENT_USERSoftwareColdWare] [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "WinProtect"=- [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "winupdate.exe"=- "ColdWare"=- %SYSTEM%AVR09.exe %SYSTEM%msa.exe Version 2.422 (June 11, 2009) [-HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{5B1D95A2-F547-4e5e-8902-622B08354622}] [-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{5B1D95A2-F547-4e5e-8902-622B08354622}] %USERPROFILE%Application DataMicrosoftInternet ExplorerQuick LaunchAdvanced Virus Remover.lnk %STARTMENU%Advanced Virus Remover.lnk %DESKTOP%Advanced Virus Remover.lnk %PROGRAMFILES%AdvancedVirusRemover [-HKEY_CURRENT_USERSoftwareAVR] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "Advanced Virus Remover"=- Version 2.421 (June 10, 2009) %WINDOWS%ld09.exe %PROGRAMFILES%podmena [-HKEY_LOCAL_MACHINESYSTEMControlSet001EnumRootLEGACY_PODMENA] [-HKEY_LOCAL_MACHINESYSTEMControlSet001EnumRootLEGACY_PODMENADRV] [-HKEY_LOCAL_MACHINESYSTEMControlSet001Servicespodmena] [-HKEY_LOCAL_MACHINESYSTEMControlSet001Servicespodmenadrv] [-HKEY_LOCAL_MACHINESYSTEMCurrentControlSetEnumRootLEGACY_PODMENA] [-HKEY_LOCAL_MACHINESYSTEMCurrentControlSetEnumRootLEGACY_PODMENADRV] [-HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicespodmena] [-HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicespodmenadrv] Version 2.420 (June 10, 2009) [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "mediacodec.exe"=- Version 2.419 (June 4, 2009) %DESKTOP%XP Deluxe Protector.lnk %STARTMENU%XP Deluxe Protector.lnk %USERPROFILE%XP Deluxe Protector [-HKEY_CURRENT_USERSoftwareXP Deluxe Protector] [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "xpprotect"=- Version 2.418 (June 2, 2009) Update: WS2Fix v1.3 %USERPROFILE%Application DataMicrosoftInternet ExplorerQuick LaunchUnVirex.lnk %ALLUSERSTARTMENU%ProgramsUnVirex %ALLUSERSTARTMENU%ProgramsUnVirex.lnk %ALLUSERDESKTOP%UnVirex.lnk %PROGRAMFILES%UnVirex [-HKEY_LOCAL_MACHINESOFTWAREClassesAppIDIEAddon.DLL] [-HKEY_LOCAL_MACHINESOFTWAREClassesAppID{C0E56Ac2-9F72-436E-B6E7-Aec28Af9E4Eb}] [-HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CCB5551D-8594-4999-85F9-1E3EABCB95AC}] [-HKEY_LOCAL_MACHINESOFTWAREClassesInterface{5B184B9D-B7BD-4FEA-8D1F-5E27182206A5}] [-HKEY_LOCAL_MACHINESOFTWAREClassesTypeLib{3ED0E410-5C8E-47B6-A75D-D10B886E903C}] [-HKEY_LOCAL_MACHINESOFTWAREClassesIEAddon.StatusBarPane] [-HKEY_LOCAL_MACHINESOFTWAREClassesIEAddon.StatusBarPane.1] [-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{CCB5551D-8594-4999-85F9-1E3EABCB95AC}] [-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallUnVirex] [-HKEY_LOCAL_MACHINESOFTWAREUnVirex] [-HKEY_LOCAL_MACHINESYSTEMControlSet001EnumRootLEGACY_DRVFLTIP] [-HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesDrvFltIp] [-HKEY_LOCAL_MACHINESYSTEMCurrentControlSetEnumRootLEGACY_DRVFLTIP] [-HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesDrvFltIp] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsUser AgentPost Platform] "UnVirex"=- [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "UnVirex"=- Version 2.417 (May 23, 2009) [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] "Presto TuneUp"=- %WINDOWS%pp10.exe %SYSTEM%SYSDLL.exe [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] "SYSDLL"=- Version 2.416 (May 06, 2009) %SYSTEM%SYS32DLL.exe %PROGRAMFILES%PCenter [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] "SYS32DLL"=- "agent.exe"=- Version 2.415 (April 30, 2009) O2 - BHO: (no name) - {3B7AAEB1-9F3D-4491-9C06-C7165CA8D058} - C:Program FilesApplicationsiebt.dll [-HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{3B7AAEB1-9F3D-4491-9C06-C7165CA8D058}] [-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3B7AAEB1-9F3D-4491-9C06-C7165CA8D058}]