SmitFraudFix and Zlob Removal

SmitFraud Removal
This tool will remove Desktop hijacking malware.

Firstly, download the removal tool from here:

http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Disconnect from the internet to stop it from trying to reload itself on to your system.

Double-click SmitfraudFix.exe to run the first stage of the program.

On the first screen select 1 and hit Enter, this will create a report of the infected files.

The report can be found at the root of the system drive, which is usually located at C:\rapport.txt

Secondly, reboot into Safe Mode, keep tapping F8 key before Windows splash screen.

Double click the Smitfraudfix.exe and on the screen that opens type in 2 the hit Enter to delete any infected files.

You will then be prompted with ‘Do you want to clean the registry?’ Type Y and again hit Enter to remove the Desktop background and clean any registry keys that are associated with this infection.

The tool will then check to see if winnet.exe is infected. If it is you will be asked if you want to replace infected file? Type Y and again hit Enter to restore a clean file entry to the registry.

You may be required to reboot after the cleaning process, and you can then reconnect to the internet. A full report can be found on your root drive, usually C:\rapport.txt

Another option is to restore Trusted and Restricted sites, type in 3, hit Enter.

You will then be prompted with ‘Restore Trusted Zone?’ Type Y, hit Enter.

Some anti-virus programs detect process.exe as a ‘risk’. It is NOT a virus, it is a program used to stop system processes.

Zlob Removal
Download this file to your desktop
http://www.mvps.org/winhelp2002/DelDomains.inf

Close all browsers, right-click and select: Install

Disconnect from the internet.

This program doesn’t really install, it just clears all sites in the Domains and Ranges keys.

Afterward’s you will need to immunize again in SpyBotS&D and re-protect again with SpywareBlaster or re-install iespyadds if it’s installed, then the file itself (DelDomains.inf) can be safely deleted.

Simply use the Search or Find utility to locate it and delete it.

When your machine is clean, ensure that your Anti-Virus is up to date, I recommend that you use SpyWareGuard, SpyWareBlaster, CCleaner, and AdAware.

Free Registry Cleaner

Eusing Free Registry Cleaner is a free registry repair software that allows you to safely clean and repair registry problems with a few simple mouse clicks. It offers a simple, user-friendly interface with which you can safely repair invalid entries in your Windows Registry.

For maximum safety, Eusing Free Registry Cleaner will make a backup of the repaired entries. You will be able to restore any changes made using the software by choosing Restore registry backup.

Windows Registry problems are a common cause of many Windows crashes and error messages.

Registry problems can occur for many reasons, including references left behind after uminstalling programs, incorrect removal of software, missing or corrupt hardware drivers or orphaned start-up entries.

Eusing Free Registry Cleaner will scan your registry for invalid or obsolete information and provide a list of the errors found.

The list can be quite comprehensive, I would therefore recommend that when you have scanned, look carefully at the list and right click on those you want excluded and click on Select None of Type or Add to Ignore List.

You may find that some programs do not function fully after using any Registry Cleaner. All you have to do is open up the Eusing program and in the user interface click on ‘Restore Previous Registry’.

Scans and Cleans the following:

· Custom Controls
· Software Locations
· Windows Fonts
· Invalid Help Files
· Shared Dlls
· Startup Programs
· Add/Remove Programs
· File Extensions
· History List
· Invalid Application Path
· Sound And AppEvents
· Windows Services
· Invalid Paths

Download Here

Runs on: Windows 9x/Me/2000/XP/2003/Vista

This program is free for personal use and also supports the following languages: Afrikaans, Chinese, Dutch, English, Finnish, French, German, Italian, Japanese, Norwegian, Polish, Spanish, Turkish.

Lavasoft Ad-Aware 2007 Free Edition

Lavasoft believe that every individual, regardless of
economic status or geographic location, should have the
power to control their individual privacy and security.
Lavasoft is the original anti-spyware company, and they are
still delivering the best protection today. After all, over
300 million computer users around the world can’t be wrong!

With the ability to scan your RAM, Registry, hard drives,
and external storage devices for known data-mining,
advertising, and tracking components, Ad-Aware 2007 easily
can clean your system, allowing you to maintain a higher
degree of privacy while you surf the Web.

Ad-Aware 2007 includes a redesigned engine, improved code
sequence identification, incremental definition updates,
one-click Web-history cleanup, multiple browser support,
and other new features.

One of the first applications built to find and remove
adware and spyware, Ad-Aware 2007 maintains Lavasoft’s
excellent reputation.

The interface features two skins and six tabs in the. The
first two, Status and Scan, initiate file scans for adware.
After scanning is complete, the program presents a results
summary, followed by a line-item list from which you can
select which components to remove. There is also an option
to create a system restore point. Right-clicking an
individual entry gives some information about suspected
adware.

The third button offers real-time defenses but only in the
paid version. Web Update, the next button, controls
definition file updates. The fifth button, Tools and Plug-
ins, shows you which plug-ins are installed and controls
TrackSweep, the new browsing tracks cleaner. TrackSweep is
the only free function here. Smoothly integrated into the
application, it wipes the cache, cookies, and history, and
other traces left by browsing.

Settings is last, and provides access to auto-scans,
browsers, scanning, the interface, and log files. The
application does an excellent job of removing most malware
components. Despite the restrictions on the free edition,
this is a fully functional adware remover, and Ad-Aware
2007 should be part of your defence system.

More Key Features
User-Controlled Spyware Removal - Decide for yourself what
to delete from your system and what to keep.

Extensive Detection Database - Stay protected with regular
updates from the extensive library of identified and
analyzed spyware.

System Restore Point - Easily revert back to your clean
system to recover from a spyware attack.

Surf the Internet with peace of mind and let Ad-Aware
shield you from dangerous intruders and prying eyes.

Preserve your computer investment with regular scans to
identify and remove malicious applications that eat up
memory and steal bandwidth so your computer runs as
smoothly as the day you bought it.

At present it is not compatible with Windows Vista, which
can install the program, but it sometimes crashes or hangs
during scans. A Vista-compatible edition will be released
in August 2007.

Download it free from here:
http://www.lavasoftusa.com/products/ad_aware_free.php

Note: Ad-Aware 2007 Free is free of charge for personal
home use only. Commercial use is prohibited. For real-time
protection and advanced options, paid versions are
available from Lavasoft at www.lavasoft.com.

Zone Alarm Install Guide - Updated & In-Depth

The following instructions only apply if you are installing
Zone Alarm for the very first time. These instructions are
NOT for the people who already have Zone Alarm installed on
their computers, and are upgrading to the latest version.

1. Create a New Folder on your desktop and Rename it to
Downloads. By doing this you will have one central
location for all programs that you download. When you
download any program DO NOT select ‘Run’, select ‘Save’ and
when you have saved it scan it with an anti-virus program.
I recommend the use of AVG AntiVirus which I have covered
in another post.

2. Go to the following thread
http://www.zonelabs.com/zadownload and select ‘I only want
basic ZoneAlarm protection’ and then proceed to download
ZoneAlarm. Download it into the folder named Downloads, BUT
DO NOT install it until you have followed the instructions
below.

3. Once you have downloaded your version of ZoneAlarm to
your Desktop Folder, disconnect from the Internet. If you
use Cable or DSL Modem, disconnect it and close any other
running programs apart from your basic programs to run
Windows. This includes the Windows Firewall. To find out
what Applications are running go to Task Manager
(Control+Alt+Delete). Look for Applications, make sure there
are NO Applications running. If they are, use the End Task
Button. To disable the Windows Firewall go to your Control
Panel, switch it to Classic View then double click on
Windows Firewall and then click the ‘Off’ button.

4. Go into your Control Panel, on top of the screen you
will see Tools, click on it, then another tab will show up
and click on Folder Options, in the new panel that opens
click on View. Scroll down to where it says Hidden Files
and Folders, put a dot or check-mark in the box that says,
“Show hidden files and folders”, then REMOVE the check mark
from the next two boxes that say the following,” Hide
Extensions for known file types” and “Hide protected
operating system files (Recommended)”. Drop down to bottom
of panel and click Apply. Now go to the top of the panel
and click on “Apply to All Folders”, click Yes in new
window then click OK in Folder Options panel. This way all
your folders will show the change. Close the control Panel.

5. Make sure you have completely removed any other
vendor’s firewall product you were currently using ie:
Norton, McAfee etc. Now for those of you who are installing
the Zone Alarm Security Suite or Zone Alarm Anti-Virus, the
very same applies, make sure you have completely removed
any other anti-virus product you were currently using. If
you are using AVG Anti-Virus and/or Spybot Search & Destroy
you can safely ignore them. If the program has an Uninstall
feature please use that, if not go to your Control Panel
and select Add/Remove Programs and select each item
individually and select Remove. Do NOT reboot if prompted
to.

You then need to ensure that there are no Registry keys
or Files left behind. Click on Start, then Search or Find,
and select Files. Make sure that the location box is set to
search your local hard drive (usually C or All Local
Drives. XP users: set Advanced search options to search ALL
files and folders! Type in Norton or Symantec etc. then
wait for search to complete. If any items show up simply
right click and Delete. Then double click MY COMPUTER,
double click on C (if that is your main drive) and you will
have a window of Folders open. Locate the Program Files
folder and double click to open it and you will then have a
list of all of your Program Files. Look for any folder that
has your old Firewall or Anti-Virus name on it, right click
on the folder and select Delete. Once you have done this,
click the Back button at the top locate and and double
click on the Windows folder. This will open a panel of all
of you Windows Files, scroll down to find the one named
Prefetch. Double click it to open then go to the Edit Tab
at the top and click on it, scroll down to Select All, left
click on it and all of the files will be highlighted. Then
go to File (beside Edit) click on it scroll down and select
Delete. You will get a pop-up message ‘Are you sure you
want to send these XXXX items to the Recycle Bin’. Click
Yes, this will remove the items out of the Prefetch Folder.
Now close the window to return to your desktop. Go to your
Recycle Bin, right click and select Empty Recycle Bin.

Now, I will try to explain to you how to find any stray
Registry Keys in your Registry. First of all backup your
Registry. Go to Start, Run and type in regedit click on OK
and the Registry Editor will then open. Go to the top Tabs
and click on File, scroll down until you see Export, left
click it and this will open Export Registry File window.
Save this file to your desktop and in the File Name box
enter Registry Backup File. Click on Save and it should now
be on your desktop. Verify the file is a good copy, in the
Registry Editor window click on File, select Import, in new
panel where it says ‘Look in’ select desktop and then click
on your saved file then click ‘Open’. Once it says it has
been read in successfully, you have a good backup.

Now to edit the Registry go to the Edit Tab at the top
left click it, scroll down until you see Find, left click
it, another panel will pop up, it will ask you Find What,
type in Norton, Symantec, Mcafee or whatever Firewall or
Anti-Virus vendor you were using before installing
ZoneAlarm. After you have typed the name, make sure that
there are checkmarks in all of the boxes - Should be 4
blocks, Keys, Values, Data, and Match Whole String Only -
then go back to where you typed in Norton, Symantec, etc
then click on ‘Find Next’. The search will locate Folders
in the left panel and strings in the right pane. Ignore the
right pane strings and keys values, look for the
highlighted Folder in the left pane, right click on it and
select ‘Delete’, click ‘Yes’ on pop-up window then hit your
F3 keyboard button and it will continue to search the
Registry, delete any Folders it finds in the left pane and
continue until a pop-up says Finished searching through the
registry. Exit the Registry Editor.

6. Now go back to your desktop to where you have
downloaded and saved your copy of ZoneAlarm and install it.

7. Let ZoneAlarm configure your Program Settings. The
reason for this is that there is a very good possibility
that when you manually install the Program Settings,
something may not get properly installed, which may cause
major problems with your installation of ZoneAlarm. Later
if you decide you do not want a specific program in your
Programs Control Panel, then remove it. If it is required,
you will get a balloon alert about it allowing or
disallowing it. That’s your decision. I have always done
this, never had a problem by letting Zone Alarm configure
my settings.

8. When the installation is complete, reboot your system
and connect back on to the Internet, making sure all your
other programs are activated this includes ZoneAlarm and
the ones that you had disabled, especially your Cable or
DSL Modems. These should all automatically restart after
rebooting.

9. Final step..go back to Start > Control Panel and if
necessary switch it to Classic View. Locate the folder
named ‘Folder Options’ and double click it. In the ‘View’
tab go to Hidden files and folders and click the radio
button ‘Do not show hidden files and folders’ and place
ticks in the following two boxes, ‘Hide extensions for
known file types’ and ‘Hide protected operating
systemfiles(Recommended)’.

For additional in-depth information click on the following
link:
http://download.zonelabs.com/bin/media/pdf/zaclient70_user__
manual.pdf

I will upload a ZoneAlarm tutorial on the full
installation in a few days.
ZoneAlarm will walk you through the setup when you install
it.

If you have any questions please leave a comment and I will
get back to you asap.

CCleaner - clear your browsing history safely

I have covered this previously, but have added some new
information to this.

CCleaner is a freeware system optimization and privacy
tool. It removes unused files from your system - allowing
Windows to run faster and freeing up valuable hard disk
space by automatically cleaning the cache when run. It also
cleans traces of your online activities such as your
Internet history. It also only takes a few seconds to run
and remove these unwanted files from your pc.

There have been over 55 million downloads of this program

http://www.filehippo.com/download_ccleaner/

Internet Explorer
Temporary files, URL history, cookies, Autocomplete form
history, index.dat.

Firefox
Temporary files, URL history, cookies, download history.

Opera
Temporary files, URL history, cookies.

Windows
Recycle Bin, Recent Documents, Temporary files and Log
files.

Registry cleaner
Advanced features to remove unused and old entries,
including File Extensions, ActiveX Controls, ClassIDs,
ProgIDs, Uninstallers, Shared DLLs, Fonts, Help Files,
Application Paths, Icons, Invalid Shortcuts and more…
also comes with a comprehensive backup feature

Third-party applications
Removes temp files and recent file lists (MRUs) from many
apps including Media Player, eMule, Kazaa, Google Toolbar,
Netscape, MS Office, Nero, Adobe Acrobat, WinRAR, WinAce,
WinZip and many more…

This software does NOT contain any Spyware, Adware or
Viruses.

I set mine up as follows:
Click on the Cleaner Tab on the left and under Windows I
tick all boxes in Internet Explorer, Windows Explorer and
System. Under Advanced tick only the first 2 boxes. Then
click on the Applications tab and tick all.

Issues tab:
Unless you are competent at dealing with the registry then
leave this one alone and DO NOT run it.

If you wish to run the Issues to clean the Registry, carry
out the following first:

Backup your Registry. Go to Start, Run and type in regedit
click on OK and the Registry Editor will then open. Go to
the top Tabs and click on File, scroll down until you see
Export, left click it and this will open Export Registry File
window. Save this file to your desktop and in the File Name
box enter Registry Backup File.
Click on Save and it should now be on your desktop.
Verify the file is a good copy, in the Registry Editor
window click on File, select Import, in new panel where it
says ‘Look in’ select desktop and then click on your saved
file then click ‘Open’. Once it says it has been read in
successfully, you have a good backup.
Now if you find that some programs are no longer running
in the way that they should, restore your Registry as detailed
above. CCleaner will also create backup copies of your Registry
and I suggest that if you do choose to run the Registry Issues
untick all of the boxes and tick one box at a time and run each
one separately.

Tools tab:
Here you will find a list of Uninstall options to remove
programs from your pc, use with caution. I prefer to use
the Add/Remove function or the programs own uninstaller.

Startup:
Lists all programs that are set to run when you boot up,
if you are unsure about deleting any of these then leave it
as it is.

Options tab:
Settings - Choose your language, untick Run CCleaner when
the computer starts, tick the next 3 boxes, then look at
the Secure Deletion, tick the radio button ‘Secure file
deletion (Slower) and set it to NSA (7 passes)

Cookies - entirely up to the individual, but I don’t save
any cookies.

Custom - You can drag and drop files or folders into the
window or browse for them and on the next run they will be
securely deleted.

Advanced - Untick boxes 1-3 tick all others.

Finally click on the Cleaner tab on the left and you have
the option to Analyze or Run Cleaner. When you are
comfortable using this program you won’t use Analyze, but
initially do use it to see what can be deleted and the
approximate size of files to be deleted.

Important
This will remove any saved passwords and usernames that
you have, so make sure that you have a copy of them all
before proceeding to clean.

http://www.filehippo.com/download_ccleaner/

Windows Media Player tutorial:

http://www.a1-ebooks.co.uk/tutorials/CCleanerSetup.wmv

Open a text document, enter the URL, username and
password, save this to floppy, external drive or print it
off. Do NOT save this text file to your hard drive.

There is an excellent program for saving your passwords
etc available from http://www.roboform.com/
I will cover this in more detail another time.

As always, back-up your system or create a restore point
before making any changes.

To your safety and security online
cotojo

MRU-Blaster Guide

MRU-Blaster is a program that does one large task - detect and clean the MRU (most recently used) lists on your computer.

This program is Freeware, although donations are accepted

goto: http://www.javacoolsoftware.com/mrublaster.html

Download this program, I suggest that you place a NewFolder on your Desktop and rename it 'Downloads'. You can then download the various programs that I pass on to you in one central location, and always make back up copies.

The additional plug-ins are described below and allow you to clean out your Temporary Internet Files and Cookies. MRU-Blaster enhances the protection of your privacy!

MRU-Blaster setup: Take care setting this up.

When installed go to Settings and tick boxes1,3,4,6,7,8,9, & 10 on the left hand side.
Tick boxes 3,5,6, 7 & 8 on right hand side, then Save Setting.

Click on 'Go To Plugins' then click cookie blaster. Do not save any cookies as they are used to monitor your internet activity.

Click on 'IE Temporary Internet File Cleaner', tick EnableSecure Deletion of Files and click radio button 'Specify a custom number of passes and set to 7. Then save Settings & Run Now.
Using this program frequently only takes a few seconds and removes traces of the Most Recently Used (MRU) lists on your PC. These lists contain details of the name/locations of the files you have accessed. Traces of these are left scattered through your registry and unless removed are there for all to find.

One very important thing - do NOT save your passwords on your hard drive and do NOT tick the boxes asking to remember your login details.
Open any text document and type in the URL, Username and Password for each site that you have a password for, save this to either a floppy disc, flash drive, or other removable media, Do NOT save this text file on your hard drive।

I will cover another program for using secure passwords in the near future.

goto: http://www.javacoolsoftware.com/mrublaster.html

Safe surfing everyone
cotojo

Protect Your PC and Privacy

You may think that you are reasonably safe as you surf the net, but windows has many gaping flaws that do not protect your privacy, and it it far too easy for a hacker to gain access to your privacy and others to harness your ISP etc. There are some simple steps outlined below which will allow you to surf much safer, as well as guiding you through various tweaks to help you.

Set a Restore Point or back-up your PC FIRST!

I have been using AVG free Anti-Virus for many years and install it as first choice on other peoples machines.
Get yours here: http://free.grisoft.com/doc/avg-anti-virus-free/lng/us/tpl/v5

Ad-Aware Personal remains the most popular anti-spyware product for computer users around the world, with nearly one million downloads every week.
http://www.lavasoft.de/products/ad-aware_se_personal.php

Also worth using is ZoneAlarm free firewall available from http://www.zonealarm.com/store/content/company/products/znalm/freeDownload.jsp

SpywareGuard, SpywareBlaster and MRU-Blaster available for free from http://www.javacoolsoftware.com/products.html

The only thing that I would actually PAY for is XoftSpy, and it is only a one off payment with lifetime updates, and a free scan so you can test it and see what it finds.
It's availabe at http://www.linkbrander.com/go/34613

Also check your PC for free at http://pcpitstop.com/

Without your knowledge or explicit permission, the Windows networking technology which connects your computer to the Internet may be offering some or all of your computer's data to the entire world at this very moment! You can check your open Ports, File Sharing etc for Free at http://www.grc.com/default.htm
Simply scroll down the page to *Hot Spots* and click on ShieldsUp.

Finally for now, I would also recommend the use of CCleaner (formerly Crap Cleaner) is a freeware system optimization and privacy tool. It removes unused and temporary files from your system - allowing Windows to run faster, more efficiently and giving you more hard disk space. The best part is that it's fast! (normally taking less than a second to run) and Free. Cleans the following:
Internet Explorer Cache, History, Cookies, Index.dat.
Recycle Bin, Temporary files and Log files.
Recently opened URLs and files.
Third-party application temp files and recent file lists (MRUs). Including: Firefox, Opera, Media Player, eMule, Kazaa, Google Toolbar, Netscape, Office XP, Nero, Adobe Acrobat, WinRAR, WinAce, WinZip and more...
Advanced Registry scanner and cleaner to remove unused and old entries. Including File Extensions, ActiveX Controls, ClassIDs, ProgIDs, Uninstallers, Shared DLLs, Fonts, Help Files, Application Paths, Icons, Invalid Shortcuts and more... Backup for registry clean.
Windows Startup tool.
http://www.filehippo.com/download_ccleaner/

Hope that some of this is of some use to you.
Have a good day all
http://www.linkbrander.com/go/35000
http://www.linkbrander.com/go/33862
http://www.linkbrander.com/go/33863

Any problems then feel free to leave a comment and I will get back to you asap.