SmitFraudFix

Discussion in 'spyware news and general information' started by NICK ADSL UK, Aug 10, 2008.

Thread Status:
Not open for further replies.
Page 2 of 2
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    Changelog:

    Version 2.406 (April 04, 2009)


    Added: Option 6, ProxyDisable.exe

    %WINDOWS%\ld03.exe
    %WINDOWS%\pp06.exe

    %SYSTEM%\winsource.dll

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D263FA6D-84CC-48A8-9AF6-C664362B7A5B}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D263FA6D-84CC-48A8-9AF6-C664362B7A5B}]

    %USERPROFILE%\Application Data\Microsoft\Internet Explorer\Quick Launch\TSC.lnk
    %DESKTOP%\TSC.lnk
    %STARTMENU%\Programs\TSC\
    %PROGRAMFILES%\TSC\


    %SYSTEM%\userload.exe

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "restor"=-

    http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
     
    NICK ADSL UK, Apr 6, 2009
    #26
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    Changelog:

    Version 2.409 (April 17, 2009)


    %USERPROFILE%\Application Data\Microsoft\Internet Explorer\Quick Launch\homeantivirus2009.lnk
    %STARTMENU%\Programs\homeantivirus2009\
    %DESKTOP%\homeantivirus2009.lnk
    %PROGRAMFILES%\homeantivirus2009\

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HomeAntivirus2009]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HomeAntivirus 2009"=-

    http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
     
    NICK ADSL UK, Apr 18, 2009
    #27
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    Changelog:
    Version 2.412 (April 20, 2009)


    %HOMEDRIVE%\asasa.exe
    %HOMEDRIVE%\syst.exe
    %PROGRAMFILES%\Microsoft Security Adviser\

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msctrl.exe"=-
    "msavsc.exe"=-
    "msscan.exe"=-
    "msiemon.exe"=-
    "msfw.exe"=-

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msctrl.exe"=-
    "msavsc.exe"=-
    "msscan.exe"=-
    "msiemon.exe"=-
    "msfw.exe"=-


    %ALLUSERS%\ApplicationData\Tally software LTD\
    %STARTMENU%\Programs\Extra Antivirus\

    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\uninstall\Extra Antivirus 3.0]
    [-HKEY_CURRENT_USER\Software\Tally software LTD]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Extra Antivirus"=-



    Version 2.411 (April 18, 2009)


    %STARTMENU%\Programs\AV AntiSpyware\
    %ALLUSERS%\ApplicationData\LastSun Ltd\

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AV AntiSpyware 1.8]
    [-HKEY_CURRENT_USER\Software\LastSun Ltd]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AV AntiSpyware"=-



    Version 2.410 (April 18, 2009)


    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{36DBC179-A19F-48F2-B16A-6A3E19B42A87}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{36DBC179-A19F-48F2-B16A-6A3E19B42A87}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\load1]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{36DBC179-A19F-48F2-B16A-6A3E19B42A87}]

    %SYSTEM%\ipv6monl.dll


    [-HKEY_LOCAL_MACHINE\SOFTWARE\WiniBlueSoft]
    [-HKEY_CURRENT_USER\Software\WiniBlueSoft]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WiniBlueSoft]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WiniBlueSoft"=-

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "setup2.exe"=-

    %SYSTEM%\setup2.exe

    %USERPROFILE%\Application Data\Microsoft\Internet Explorer\Quick Launch\WiniBlueSoft.lnk
    %ALLUSERSTARTMENU%\Programs\WiniBlueSoft\
    %ALLUSERDESKTOP%\WiniBlueSoft.lnk
    %PROGRAMFILES%\WiniBlueSoft Software\

    http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
     
    NICK ADSL UK, Apr 25, 2009
    #28
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    Changelog:

    Version 2.413 (April 29, 2009)


    Update: WS2Fix v1.2


    %USER%\Application Data\pcdefender.exe
    %USER%\Application Data\svchost_32.exe

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "sysav"=-
    "dll32"=-

    %USERPROFILE%\Application Data\Microsoft\Internet Explorer\Quick Launch\Coreguard 2009.lnk
    %DESKTOP%\Coreguard 2009.lnk
    %STARTMENU%\Programs\Coreguard Antivirus 2009\
    %PROGRAMFILES%\Coreguard Antivirus 2009\

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coreguard Antivirus 2009]
    [-HKEY_CURRENT_USER\Software\CoreGuard]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Coreguard Antivirus 2009"=-

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VShield.DocHostUIHandler]
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Virus Shield 2009"=-

    http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
     
    NICK ADSL UK, Apr 30, 2009
    #29
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    Changelog:

    Version 2.417 (May 23, 2009)


    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Presto TuneUp"=-

    %WINDOWS%\pp10.exe
    %SYSTEM%\SYSDLL.exe

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SYSDLL"=-



    Version 2.416 (May 06, 2009)


    %SYSTEM%\SYS32DLL.exe

    %PROGRAMFILES%\PCenter\

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SYS32DLL"=-
    "agent.exe"=-

    http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
     
    NICK ADSL UK, May 23, 2009
    #30
  6. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    Changelog:

    Version 2.418 (June 2, 2009)


    Update: WS2Fix v1.3

    %USERPROFILE%\Application Data\Microsoft\Internet Explorer\Quick Launch\UnVirex.lnk
    %ALLUSERSTARTMENU%\Programs\UnVirex\
    %ALLUSERSTARTMENU%\Programs\UnVirex.lnk
    %ALLUSERDESKTOP%\UnVirex.lnk
    %PROGRAMFILES%\UnVirex\

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\IEAddon.DLL]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C0E56Ac2-9F72-436E-B6E7-Aec28Af9E4Eb}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCB5551D-8594-4999-85F9-1E3EABCB95AC}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5B184B9D-B7BD-4FEA-8D1F-5E27182206A5}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3ED0E410-5C8E-47B6-A75D-D10B886E903C}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEAddon.StatusBarPane]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEAddon.StatusBarPane.1]

    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB5551D-8594-4999-85F9-1E3EABCB95AC}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UnVirex]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\UnVirex]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DRVFLTIP]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DrvFltIp]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DRVFLTIP]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DrvFltIp]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
    "UnVirex"=-

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "UnVirex"=-

    http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
     
    NICK ADSL UK, Jun 2, 2009
    #31
  7. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    Changelog:

    Version 2.419 (June 4, 2009)


    %DESKTOP%\XP Deluxe Protector.lnk
    %STARTMENU%\XP Deluxe Protector.lnk
    %USERPROFILE%\XP Deluxe Protector\

    [-HKEY_CURRENT_USER\Software\XP Deluxe Protector]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "xpprotect "=-

    http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
     
    NICK ADSL UK, Jun 4, 2009
    #32
  8. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    Changelog:

    Version 2.421 (June 10, 2009)


    %WINDOWS%\ld09.exe
    %PROGRAMFILES%\podmena

    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PODMENA]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PODMENADRV]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\podmena]
    [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\podmenadrv]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PODMENA]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PODMENADRV]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\podmena]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\podmenadrv]



    Version 2.420 (June 10, 2009)


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "mediacodec.exe"=-
    http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
     
    NICK ADSL UK, Jun 10, 2009
    #33
  9. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    Changelog:

    Version 2.422 (June 11, 2009)


    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5B1D95A2-F547-4e5e-8902-622B08354622}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B1D95A2-F547-4e5e-8902-622B08354622}]

    %USERPROFILE%\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced Virus Remover.lnk
    %STARTMENU%\Advanced Virus Remover.lnk
    %DESKTOP%\Advanced Virus Remover.lnk
    %PROGRAMFILES%\AdvancedVirusRemover\

    [-HKEY_CURRENT_USER\Software\AVR]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Advanced Virus Remover"=-

    http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
     
    NICK ADSL UK, Jun 20, 2009
    #34
  10. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,504
    Location:
    UK
    Changelog:

    Version 2.423 (June 24, 2009)


    [-HKEY_CURRENT_USER\Software\ColdWare]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WinProtect"=-

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "winupdate.exe"=-
    "ColdWare"=-

    %SYSTEM%\AVR09.exe
    %SYSTEM%\msa.exe

    http://siri.geekstogo.com/ChangeLog.php
     
    NICK ADSL UK, Jun 26, 2009
    #35
Page 2 of 2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...