Smitfraud-C False Positive
My computer is deemed to be clean so I am also reporting the following.
My computer is running Windows XP and when I scan with Spybot I get the following Smitfraud-C False Positive that can't be fixed:
User settings
HKEY_USERS\S-1-5-21-3631192919-4047014472-3028651874-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-spy-cam.net\ *!=W=4
Registry change
Although your "computer is deemed to be clean" that may not be a false positive.
Please go into Internet Explorer > Tools > Internet Options … > Security tab. One at a time click on each of the following buttons:
- Internet
- Local Internet
- Trusted sites
- Restricted sites
While in each of those buttons, click the Sites button and inspect the lists for:
- *.free-spy-cam.net
Under which of the four buttons did you find the entry?
Note: Hopefully you can find the entry because the detection is for a registry hive other than the current user hive.
Last edited by md usa spybot fan; 2005-12-11 at 02:31.
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
Hello md usa spybot fan,
Thank you for replying to my post.
This is what I found by following your instructions.
I have NO Sites listed for:
Internet *
Local Intranet
Trusted sites
Under Restricted sites I have these which are similar:
http:// *.free-spy-cam.net
https:// *.free-spy-cam.net
* Edit: I guess it should be noted that while the Internet description reads "This zone contains all Web sites you haven't placed in other zones" the button is inaccessible, as is the "Default Level" button. Could this be because of other Security Software?
Last edited by Oppressed; 2005-12-11 at 19:07.
Oppressed and Spybot Helpers,
I have the exact same problem as Oppressed. I was infected by Spyaxe. By running the smitrem.exe, many files were deleted and my PC became stable.
I run Spyware Doctor, and Mcaffee and the report shows no virus or trojans. However, Spybot shows that I still have the Smithfraud trojan, and Spybot can not remove it. The detail of the Spybot is as follows:
Smitfraud-C.: User settings (Registry change, fixing failed)
HKEY_USERS\S-1-5-21-3834227258-2264835413-2960356022-1009\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\free-spy-cam.net\*!=W=4
I also have the two websites listed in my Restricted Zone:
http:// *.free-spy-cam.net
https:// *.free-spy-cam.net
I have brought this topic to Team's attention.
Microsoft MVP Reconnect 2018-
Windows Insider MVP 2016-2018
Microsoft Consumer Security MVP 2006-2016
thanks for reporting,
the issue has been found and corrected, and will be available with the next update scheduled for the end of the week.
Thank youOriginally Posted by Yodama
I have just reformatted my laptop and then I installed spybot, ad aware pro and symantec.
I get clear results on both ad aware and symantec but spybot is returning "Smithfraud-C." It shows as 3 entries but will delete all but 1, then upon start up there is 2 or more entries.
I have checked for the mentioned files in I.E and did not find them. The values are in the registry under "netsh.exe"
Any ideas?
Hello,
Please wait for the update that will be released today.
Best regards
Sandra
Team Spybot
Its jan 07 and ive updated spybot and i still have smitfraud showing when i run sb and it want remove it
Posting Permissions
Reply With Quote