right click scanning of spybot detects smitfraud c all over the place!

[Wizcrafts]

I want to report that with the definition updates on July 16, all false positives for Heuristic right-click scans are fixed, as regards my saved MSDOS 6.22 .com and .exe files.

Thank you

[Yodama]

The malware scan shows nothing found; the heuristic scan shows the red caution symbol at: nsDefaultCLH.js __ Win32. Zhelatin.VG

Thank you for reporting this, this false positive will be fixed with the next update of the trojans.sbi which is scheduled for today ( Wednesday ).

Also thanks to everyone else for feedback and reporting the other false positives.

[bureaucrat]

Spybot v1.6 found what I hope is a false indication within Mozilla Firefox
v3.0.1 installer package.

I sometimes unzip installer packages and scan the contents.
Spybot did not report this before expanding the installer.

"Firefox Setup 3.0.1.exe\nonlocalized\components\nsDefaultCLH.js"
was marked as Win32.Zhelatin.vg by Spybot Heuristics.

MD5 for this file downloaded from Mozilla.org on 07/22/08-
(using MD5 Summer) acf41e73a9844a3f6410017f09c849al

I read recently that Firefox is now a mild form of spyware for Mozilla.org.

[Yodama]

Hello,

this is a false positive of the heuristics scan which was also addressed here

It has been fixed with the latest detection updates released this Wednesday.

[129260]

I just wanted to report that now all my issues are fixed with the right click scanning now. I have yet to see any more problems with the latest updates. I will report if anything changes. Thanks so much!

[edangpo]

When I single scan my Blender folder, I get the following information:

Zlib.dll GuardianMonitor
This is under the Heuristic section only.

A regular scan with SpyBot does not show this.
My other security software does not show this.
Is this a false positive?

Windows Defender
Adaware 2008
AVG (paid version)
Windows XP Pro sp3
Internet Explorer 7, FireFox latest version
Latest spybot 1.6

Thank You.

[tashi]

Hello,

Please follow instructions here How to report False Positives

Thank you.

[edangpo]

Thank you for the quick reply.
I am sorry but I do not understand the information you requested.
I have read the page suggested and have all the information that I can find.
The single file scan does not produce a log of any of its findings. I can find the regular scan log easily, but no trace of the single file/folder scan. The window also does not allow me to do anything about the stated file, such as fixing the problem.
Again, this happens when I right click and scan a single folder. The screen that I see has a red X in front of the file, zlib.dll.
Under “status”, it states it is a “GuardianMonitor”.
Could you please tell me what other information I can give to find out is this is a threat or a false positive.
Thank you for your time.

[Yodama]

hello,

this is a false positive with the heuristics part of the single file scanner. It will be corrected with the next update.

[FFKefka77]

Windows XP Professional SP-3
FireFox 3.0.1
Spybot S&D 1.6 update: 2008-08-27

Found on the right-click Spybot scan (context scan I think) of my usb flash drive

1. FixPolicies.exe, found here - http://cid-6aaab341ce47c5c2.skydrive.live.com/self.aspx/Public/FixPolicies.exe, was found under Spybot - Search & Destroy (Heuristic) as Virtumonde.

2. DCProSetup.exe, found here - http: //downloads.guru3d.com/download.php?det=745#download, was found under Spybot - Search & Destroy (Heuristic) as SpyFalcon.

Nothing was fix or deleted, they were just detected in the right-click Spybot scan and seemed to worry me, cause those are 2 very nasty things to have been detected.