Tutorial SmitfraudFix

Par S!Ri

Utilisation – english version

SmitfraudFix fixes DesktopHijack-like infections: Smitfraud, Win32.puper, AVGold, Security iGuard, Spyware Vanisher, quicknavigate.com, updateSearches.com, startsearches.net, Virtual Maid, SpySheriff, PSGuard, SpyAxe, WinHound, SpyFalcon, AlfaCleaner, SpywareStrike…

SmitfraudFix, a tool for Windows 2000 and XP, has got 3 separate options:
– option #1 displays infected Smitfraudwise files (run option #2 in case of displayed files).
– option #2 deletes infected files and is to be run if option #1 showed their presence.
This operation is to be performed in Safe mode.
– option #3 is independent and will be run to re-initialize the Trusted and Restricted Sites zones (O15 lines on a HijackThis log).
This option must not be run by chance as protection information might be in this Restricted Site zone!

Given the recent random file names, this step must be part of an infected hard disk file removal procedure and a system cleaning by Ewido or similar.

Download SmitfraudFix.
Extract all the smitfraudfix.zip archive.

SmitfraudFix files

SmitfraudFix files

Option 1 – Search:
Double-click smitfraudfix.cmd
Select 1 and hit Enter to create a report of the infected files. The report can be found at the root of the system drive, usually at C:\rapport.txt.



Option 2 – Clean:
Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually).
Double-click smitfraudfix.cmd.
Select 2 and hit Enter to delete infect files.
You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.
A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt.

SmitfraudFix : registry cleaning

SmitfraudFix : registry cleaning

Option 3 – restore Trusted and Restricted site zone:
To restore Trusted and Restricted site zone, select 3 and hit Enter.
You will be prompted: Restore Trusted Zone ? answer Y (yes) and hit Enter to delete trusted zone (lines HijackThis O15).

process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a “RiskTool”. It is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between “good” and “malicious” use of such programs, therefore they may alert the user (see Command Line Process Viewer/Killer/Suspender).


DownLoad – S!Ri -> http://siri.urz.free.fr/Fix/SmitfraudFix.zip
– Geeks to Go -> http://siri.geekstogo.com/SmitfraudFix.zip
– Zebulon.fr -> https://telechargement.zebulon.fr/smitfraudfix.html
Tutorial -> http://siri.urz.free.fr/Fix/SmitfraudFix.php or http://siri.geekstogo.com/
ChangeLog -> http://siri.urz.free.fr/Fix/ChangeLog.php

DevelopersS!Riballtrap34 and mOe (CCM)
Thanks to ipl_001

Notifier de
2 Commentaires
plus ancien
plus récent Le plus populaire
Commentaires en ligne
Voir tous les commentaires

voulant essayer ce logiciel il me dit que ma version de windows est pas bonne (xp pro)
voir ci-contre:

SmitFraudFix v2.40

Version non supportée.

Windows 2000 / XP requis !

Unsupported Version.

Windows 2000 / XP required !

Appuyez sur une touche pour continuer…


Après avoir suivi les 3 étapes de ce tutorial l'icone est toujours présente et aucun logiciel anti-virus ou anti-spyware ne décèle une anomalie. Y a-t-il une autre solution pour se débarraser de cette icone ? Merci

Nous serions ravis d'avoir votre avis, laissez un commentaire !x