SmitFraudFixTool falls short compared to the real thing

Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

BleepingComputer.com > General Topics > News

SmitFraudFixTool falls short compared to the real thing

Options

Grinler View Member Profile	Feb 20 2009, 07:16 PM Post #1
Bleep Bleep! Group: Admin Posts: 31,601 Joined: 24-January 04 From: USA Member No.: 3	Some say impersonation is the highest form of flattery, Sometimes, though, being impersonated is not such a good thing. An example of this is a new anti-malware program called SmitFraudFixTool that is hoping to get some sales by impersonating the name of a well known non-commercial anti-rogue program called SmitfraudFix. SmitFraudFix is a non-commercial tool that is used to remove high profile rogue security products and the malware that is typically associated with them. This program, created by S!RI, has had such as good track record on removing these types of malware that there have been over 1,348,000 requests for this tool at BleepingComputer.com alone. It therefore comes as no surprise to see a commercial company attempt to make money off of this tools success with a tool called SmitFraudFixTool. SmitFraudFixTool At first glance there is not much information that we can find about SmitFraudFixTool. Their domain registration is set to private and there is no company name other than AntiSpyware LLC in the software. If you dig around on the SmitFraudFixTool site, though, you can find they made a few mistakes here and there. For example, on their FAQ page you see a green button with the text "Let MalwareRemovalBot scan your hard drive right now for free". When I downloaded MalwareRemovalBot, I was not surprised to see that it looked almost exactly the same as SmitFraudFixTool. MalwareRemovalBot We still do not know who is the developer of these tools are as MalwareRemovalBot states its developer is AntiSpyware LLC as well. So I dug a little deeper into the executables themselves and found a few common urls between all of the programs. The first url was for a domain antispyware.com. When I went to that domain we see they are advertising anti-malware tool called AntiSpyware 2009. They also state that the company is named AntiSpyware LLC and they are located in Mobile, Alabama. AntiSpyware 2009 Another url that is common to all of these programs is is geekonline.com. This site is for a remote repair service where they offer a variety of services utilizing a tool that you should now recognize; AntiSpyware 2009. This site is obviously part of the same company as all of these programs. Finally, the last url that I found in each of the executables is for 2squared.com. 2Squared.com is a company located in Mobile, Alabama as well. Coincidence? I doubt it. The real question now is who is real parent company? It is AntiSpyware LLC or is it 2Squared? Based on when the domains were registered, I am going to have to conclude that 2Squared is the original company as that domain was registered first. You may wonder why a company would put out so many copies of the same program with just different names and skins. My belief is that they are feel that the more products they have out there the better the chances that someone will download and purchase one of them. Regardless of the reasons, the whole practice of trying to pass their tools off as another well-known tool is definitely a shady practice. What are you thoughts? Guide: How to use SmitFraudFix -------------------- Lawrence Become a BleepingComputer fan: Facebook Follow us on Twitter!

Replies (1 - 5)

Lloyd T View Member Profile	Feb 20 2009, 08:16 PM Post #2
Distinguished Member Group: Members Posts: 848 Joined: 6-August 08 From: Canada Member No.: 228,067	Combofix might be next in the line. I'm starting to see URLs in Google trying to make money by selling outdated versions of Combofix. -------------------- Avira AntiVir Personal \| COMODO Firewall \| Malwarebytes' Anti-Malware \| SpywareBlaster \| WOT "There is a saying: yesterday is history, tomorrow is a mystery, but today is a gift. That is why it is called present."

scff249 View Member Profile	Feb 21 2009, 02:08 AM Post #3
Indecisive Lurker Group: Members Posts: 1,238 Joined: 14-February 08 From: A galaxy far, far away... Member No.: 190,231	That or else it could be SDFix if it hasn't been done yet. -------------------- Posting lurker of bleepingcomputer.com Because I post more than I lurk

tylerisdabest	Feb 21 2009, 07:39 PM Post #4
Guests	i think it might me malware bytes next

Lloyd T View Member Profile	Feb 21 2009, 09:58 PM Post #5
Distinguished Member Group: Members Posts: 848 Joined: 6-August 08 From: Canada Member No.: 228,067	QUOTE(tylerisdabest @ Feb 21 2009, 07:39 PM) i think it might me malware bytes next No, MBAM is already copied. See this Google search then look at the advertisement. DO NOT CLICK ON IT! -------------------- Avira AntiVir Personal \| COMODO Firewall \| Malwarebytes' Anti-Malware \| SpywareBlaster \| WOT "There is a saying: yesterday is history, tomorrow is a mystery, but today is a gift. That is why it is called present."

tylerisdabest	Feb 23 2009, 03:27 PM Post #6
Guests	then it might be super anti spyware

« Next Oldest · News · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Display Mode: Switch to: Standard · Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Lo-Fi Version

Time is now: 21st November 2009 - 09:46 PM

Advertise \| About Us \| Terms of Use \| Privacy Policy \| Contact Us \| Site Map \| Chat \| Tutorials \| Uninstall List
Discussion Forums \| The Computer Glossary \| Resources \| RSS Feeds \| Startups \| The File Database \| Virus Removal Guides