I updated Spybot definitions yesterday and it found something called Smitfraud-C. On my system, Vista Ultimate, I have all my antispyware and antivirus software in a folder called Security Tools in my program files directory. Spybot said that Smitfraud-C. was in my Security Tools directory. Upon asking Spybot to remove, I see the progress bar move to the end. Then Spybot closes, my Avast AV suddenly closes, and the entire Ad-Aware software directory disappears. When I restart Spybot and ask to scan, it says that Blindman.exe is corrupted and asks to update. I do an update, but I get a message saying that no new updates are available.

Thinking that this may be a false positive, I reformatted my C partition (I need my D partition because it holds my documents and videos). I reinstalled Vista Ultimate and then installed the latest Spybot with the latest updates. On a fresh install of Vista Ultimate, with no drivers, system updates, or any other software, Spybot detected Smitfraud-C. again in my Security Tools directory. Asking Spybot to remove causes the progress bar to reach the end, the program to close, and then Spybot is unable to update or scan. I did a Kaspersky online virus scan and it did not find any infections.

What is happening here?

Someone please help! I have tried a reformat and install of Vista Ultimate and then only installed Spybot S&D, latest version with latest updates. I installed into a newly created folder called Security Tools in my Program Files directory. I installed Spybot into the Security Tools\Spybot-Search&Destroy. The scan shows that Smitfraud-C. is in the Security Tools folder. Nothing else is shown. Upon attempting to fix the problem, the progress bar goes to the end and then Spybot closes on its own. Upon restart of Spybot, the definitions are gone and I am unable to update.




I need to fix this before this weeked because I have 3 programs to code and tests all of next week. I really do not have access to a computer because the computers at the library are always in use and it takes almost an hour of waiting before you can get on one. By the way, I am in college. Any help is appreciated.

Did some testing. Might be a false positive. Anyone have any other ideas?

Is it possible for Smitfraud-C. to spread to another system through a remote desktop or remote assistance connection?

I ask because I did remote assistance connect to my home PC a couple days ago using Windows Live Messenger.

Also, is it possible for Smitfraud-C. to infect the MBR or partition table?


Thank you.

Duplicate thread: http://forums.spybot.info/showthread.php?p=130536

Malware forum topic: http://forums.spybot.info/showthread.php?t=19475

Someone will take a look at the system in that forum as soon as available. :alien: