What Is SmitFraud?

Malware Basics

• Malware, or malicious software, can refer to viruses, spyware and adware: it's a blanket term for programs and processes that infect your computer. In general, viruses have the ability to copy themselves and spread from one computer to another (hence their name); adware automatically downloads or displays advertising without the user's consent; and spyware covertly collects information from the user's computer. SmitFraud, using loose definitions, could be classified as all three.

How SmitFraud Is Installed

• SmitFraud is installed on computers through adware processes that are bundled along with specious downloads. Fake codecs (programs that allow various incompatible audio and video files to be playable on your computer) such as PCodec, VideoKeyCodec and BrainCodec bundle SmitFraud adware, as do many music and file downloads from torrent sites. After downloading and installing programs that bundle SmitFraud adware, SmitFraud is then installed without the user's consent or knowledge.

How SmitFraud Operates

• SmitFraud generates fake error messages warning users that their computer is "at risk" or "infected" with spyware, adware or viruses. The error messages also offer specific fake security tools to scan and remove the infections. Many versions of SmitFraud even turn the user's desktop background into a version of the infamous "Blue Screen of Death," the alarming-looking error screen that Windows often presents after a system crash.

Fake Security Programs

• Fake programs a user could opt to download and install based on SmitFraud warnings include Spyware Quake, SpyLocked, SpySheriff, Spydawn and Spyaxe. A system scan, similar to other antivirus and anti-spyware programs, is initiated for free; at the end of the scan, numerous fake infections are detected, but won't be "deleted" until the user buys the full version of the program.
  In general, before downloading any type of security software, do a simple web search to make sure the software is legitimate.

Removing SmitFraud

• SmitFraud is one of the hardest types of malware to eliminate in that it plants numerous infections across your computer, and it has a tendency to "re-spawn" entirely if even one of these infections is left active. The website Tech-Faq suggests three programs to use in conjunction in order to eliminate SmitFraud: SmitRem, SmitFraudFix and RogueRemover. The first two deal specifically with the removal of SmitFraud, while RogueRemover is a wider-ranging application for removing fake security software (see Resources).
  After downloading and installing each program, restart your computer in Safe Mode. To do this, as soon as your computer boots up again, start tapping the F8 key. The Windows Advanced Boot Options menu will appear; using the arrow keys, select Safe Mode from the menu and press Enter. (If, after tapping F8, you're presented with a "keyboard error," restart again and try tapping it a little later.)
  Once Windows boots up in Safe Mode, open the SmitRem folder and run the file RunThis.bat. Then, run SmitFraudFix and perform a system scan. Finally, run RogueRemover.