Smitfraud-c.generic

Hello Everyone!!

As my luck keeps going downhill this year. I was updating Spybot and my computer notified me that one of the updates was corrupted, and that I should immediately scan my computer.

And after scanning my computer with Spybot, this is what I found:
Smitfraud-C.generic: [SBI $567DA25A] Executable (file)
C:\Windows\main_uninstaller.exe

What should I do? Should I try and use Spybot to remove this? Should I try and use McAfee if it detects it? or Windows Defender if it detects it? or Some other program that can permanently remove it?

I have not tried to remove it yet with Spybot because I am waiting to see if my other programs detect it, And also find out from you people here, what you recommend I should do!

Try the instructions here.

Smitfraud.C is Spybot S&D's name for a type of Vundo/Conhook infection. However, main_uninstaller.exe is a file related to a smitfraud infection.

If your using Win XP or 2000, Please print out and follow the generic instructions for using "SmitfraudFix".
If you have downloaded SmitfraudFix previously, please delete that version and download it again as the tool is frequently updated!
-- If the tool fails to launch from the Desktop, please move smitfraudFix.exe to the root of the system drive (usually C:\), and run it from there.

Well here is an update.

My McAfee and Windows Defender Never ever picked it up on the scans. But when I ran the Spybot it picked it up. So I tried the fix-it feature. Then rescanned the computer with all three. Spybot picked up:
Microsoft.Windows.Security.InternetExplorer:[SBI $A3433CBF] Settings (Registry change)
HKEY_USERS\S-1-5-21-1921292706-2233922792-2079689605-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe

But the other two programs did not pick it up. My MSN Hotmail homepage screen frooze up. But the other two windows did not. So I tried the fix-it feature again. I rechecked my computer again today. Guess waht showed up. Not the Smitfraud-C.generic like I thought would happen, but the other problem. So I again tried the fix-it feature on Spybot. It reappeared again. Then I tried the Fix-it feature agin. This time it is not there. Will it be there when I turn my computer back on?

So It looks like it might be gone. Hopefully! Is there any way to be 100% positive that it is?

The Security.sbi (Windows.Security.InternetExlorer) file set entry was added to Spybot's 2006-8-11 updates due to the fact that some downloaded toolbars were found to alter that setting which can affect a users "My Computer Zone" settings. When the .sbi file is updated, Spybot will notify you about the registry change. See the discussions here and here.

When inquiring about Spybot scans, you should always post a complete log of the actual detections received.

Did you search C:\Windows for the presence of main_uninstaller.exe?

hello,

I did print out a report of the scan before I did the Fix-it command on the Smitfraud-C.generic and then did the same on the other problem with the Microsoft.Windows.Security.InternetExplorer problem. I just now checked to make sure that the windows main unistall.exe was gone and it is.

I cut and pasted it onto here.

Microsoft.Windows.Security.InternetExplorer: [SBI $A3433CBF] Settings (Registry change, nothing done)
HKEY_USERS\S-l-5-21-1921292706-2233922792-2079689605-1000\Software\Microsoft\InternetExplorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOC KDOWN\iexplore.exe
CouponBar: [SBI $EFE6495E] Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
CouponBar: [SBI $CB95FB49] Class ID (Registry key, nothing done) HKEY_CLASSES_ROOT\CLSID\{A85A5E6A-DE2C-4RE-99DC-F469DF5AOEEC}
CouponBar: [SBI $51FE8B2E] Root class (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cpbrkpie.Coupon6Ctrl.l
CouponBar: [SBI $51FE8B2E] Class ID (Registry key, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
CouponBar: [SBI $7A5ACBCB] Interface (Registry key, nothing done) HKEY_CUSSES_ROOT\Interface\{6E780FOB-BCD6-40CB-B2DB-7AF47AB4D4A4}
CouponBar: [SBI $7B15781E] Interface (Registry key, nothing done) HKEY_CLASSES_ROOT\Interface\{A138BE8B-F051-4802-9A3F-A750A6D862D4}
CouponBar: [SBI $E3788A7B] Type library (Registry key, nothing done) HKEY_CLASSES_ROOT\TypeLib\{87255C51-CD7D-4506-B9AD-97606DAF53F3}
Smitfraud-C.generic: [SBI $567DA25A] Executable (File, nothing done) C:\Windows\main_uninstaller.exe
— Spybot - Search & Destroy version: 1.5 (build: 20070830) —
2007-08-31 blindman.exe (1.0.0.6) 2007-08-31 SDMain.exe (1.0.0.4) 2007-08-31 SDUpdate.exe (1.0.6.4) 2007-08-31 SDWinSec.exe (1.0.0.8) 2007-08-31 SpybotSD.exe (1.5.1.15) 2007-08-31 TeaTimer.exe (1.5.0.9) 2007-10-29 uninsOOO.exe (51.46.0.0) 2007-08-31 Update.exe (1.4.0.5) 2007-08-31 advcheck.dll (1.5.3.0) 2007-04-02 aports.dll (2.1.0.0) 2007-04-02 DelZipl79.dll (1.79.5.3) 2007-08-31 SDHelper.dll (1.5.0.8) 2007-08-31 Tools.dll (2.1.2.0) 2008-01-09 Includes\Cookies.sbi (*) 2007-12-26 Includes\Dialer.sbi (*) 2008-01-09 Includes\DialerC.sbi (*) 2008-01-09 Includes\HeavyDuty.sbi (*) 2007-12-26 Includes\Hijackers.sbi (*) 2008-01-09 Includes\HijackersC.sbi (*) 2007-10-04 Includes\Keyloggers.sbi (*) 2008-01-09 Includes\KeyloggersC.sbi (*) 2004-11-29 Includes\LSP.sbi (*) 2008-01-09 Includes\Malware.sbi (*) 2008-01-09 Includes\MalwareC.sbi (*) 2007-10-24 Includes\PUPS.sbi (*) 2008-01-09 Includes\PUPSC.sbi (*) 2008-01-09 Includes\Revision.sbi (*) 2008-01-09 Includes\Security.sbi (*) 2008-01-09 Includes\SecurityC.sbi (*) 2007-11-07 Includes\Spybots.sbi (*) 2008-01-09 Includes\SpybotsC.sbi (*) 2007-11-06 Inciudes\Tracks.uti 2007-12-12 Includes\Trojans.sbi (*) 2008-01-09 Includes\TrojansC.sbi (*) 2008-12-24Piugins\TCPIPAddress.dll

I hope this is the information you were looking for?

I do not remove the couponbar because I used to use the toolbar once in a while. Though now I cannot get the toolbar to appear anymore. could that be causing some of these problems I am having?

I do not remove the couponbar because I used to use the toolbar once in a while. Though now I cannot get the toolbar to appear anymore. could that be causing some of these problems I am having?

Its responsible for some of the registry alerts detected by Spybot. If its not working properly, then you may have to reinstall it. I do not like toolbars and generally recommend they be removed but that's your choice.