pcindanger.com SPYWARE REMOVAL AND PROTECTION | HOME
Spyware!

Smitfraud. Removal Help

What is Smitfraud?
Smitfraud infection installs itself into a computer without any user notice. It can be noticed by Blue Screen of Death - error screen displayed by Microsoft Windows. Smitfraud will display fake system error or security alert messages to scare PC user forcing him to buy assumed spyware protection software. Some of Windows important files can be replaced with infected ones. It is recommended to remove Smitfraud infection as soon as it has been detected.
Screenshot:

Smitfraud
How to remove Smitfraud
Tip. Manual spyware removal is a complicated and unadvisable procedure for inexperienced user. Pcindanger is suggesting automated and secure Smitfraud removal:

1. Download "Spyware Doctor".

2. Install program on your computer (how to install Spyware Doctor?).

3. To perform computer scan press Start Scan button. Wait till scan is over and report is generated.

4. Proceed by pressing Fix Checked button to delete Smitfraud.

5. Need Spyware + Virus protection? Download Spyware Doctor with AntiVirus.
Smitfraud Entries
The following dll files are created: advsort.dll, iereport.dll, mssms.dll, ossmart.dll, tlhelp.dll, vpnconfig.dll, wmpdev.dll, wmphost.dll.
The following exe files are created: intel32.exe, intell321.exe, m00.exe, policyverifier.exe, printer.exe, PSGuard.exe, svchost.exe, SYSMONMS.EXE, wincrt.exe, winntify.exe, zloader3.exe.
Hijackthis Entries:
O4 Entries
O4 - HKCU\..\Run: [autoload] C:\WINDOWS\system32\drivers\svchost.exe
O4 - HKCU\..\Run: [autorun] C:\Documents and Settings\[username]\svchost.exe
O4 - HKLM\..\Run: [bal] C:\Program Files\WinMsg\SYSMONMS.EXE
O4 - HKLM\..\Run: [FX] C:\Documents and Settings\[username]\Desktop\m00.exe
O4 - HKLM\..\Run: [intel32.exe] C:\WINDOWS\system32\intel32.exe
O4 - HKLM\..\Run: [intell321.exe] C:\WINDOWS\system32\intell321.exe
O4 - HKLM\..\Run: [P.S.Guard] C:\Program Files\P.S.Guard\PSGuard.exe
O4 - HKLM\..\Run: [Printer] C:\WINDOWS\system32\printer.exe
O4 - HKLM\..\Run: [PSGuard spyware remover] C:\Program Files\PSGuard\PSGuard.exe
O4 - HKLM\..\Run: [PSGuard] C:\Program Files\PSGuard\PSGuard.exe
O4 - HKLM\..\Run: [Windows Critical Alert] "C:\WINDOWS\system32\wincrt.exe"
O4 - HKLM\..\Run: [WindowsFZ] C:\WINDOWS\zloader3.exe

O21 Entries
O21 - SSODL: advsort - {Random CLSID} - C:\WINDOWS\advsort.dll
O21 - SSODL: iereport - {5A50E6E8-64AA-400D-BF2D-22A046F8A5A4} - C:\windows\iereport.dll
O21 - SSODL: mssms - {1427183A-8A2E-45B5-AA2A-D9228700B9C8} - C:\WINDOWS\mssms.dll
O21 - SSODL: ossmart - {Random CLSID} - C:\WINDOWS\ossmart.dll
O21 - SSODL: tlhelp - {Random CLSID} - C:\WINDOWS\tlhelp.dll
O21 - SSODL: vpnconfig - {Random CLSID} - C:\WINDOWS\vpnconfig.dll
O21 - SSODL: wmpdev - {Random CLSID} - C:\WINDOWS\wmpdev.dll
O21 - SSODL: wmphost - {Random CLSID} - C:\WINDOWS\wmphost.dll

O23 Entries
O23 - Service: Windows Notification Service (Winnotify) - Unknown owner - C:\WINDOWS\System32\winntify.exe

Other Entries
C:\Windows\policyverifier.exe
Bookmark this page


Tutorial by pcindanger.com. All data on pcindanger.com copyrighted. Contact us: webmaster@pcindanger.com
© 2007