How do I get rid of trojan-spy.html.smitfraud.c

My laptop got hit by this trojan last night. I've run Norton AV twice & Webroot Spy sweeper  & although it has removed malware - I still have theproblem. My wallpaper has been removed & repalced with a blue screen with the follwing message. My desktop settings are now disabled & I am unable to get rid of the blue screen.


" A fatal error occured at 0028:COO11E36 in VXD VMM (01)+ OOO10E36. Error was caused by trojan -spy. html.smitfraud.c

System cannot function in normal mode. Please check your settings.

Is there a step by step fix for this that somebody can pass on?

thanks



wisematAsked:
Who is Participating?
 
gonzal13RetiredCommented:
Evidently this has been around since 2001. There are many Aliases for this Trojan. It seems that the basic recommendation is to run all the anti-malware programs and and antivirus programs that you have.

Here is what I found out:

http://forum.us.dell.com/supportforums/board/message?board.id=si_virus&message.id=39475

Aliases
Trojan-Spy.HTML.Smitfraud.c (Kaspersky Lab)
is also known as:
Phish-BankFraud.eml.a (McAfee), Trojan Horse (Symantec), Trojan.Bankfraud (Doctor Web), HTML.Phishing.Bank-1 (ClamAV), Trj/Citifraud.A (Panda), HTML/Smithfraud.gen (Eset)

http://search.symantec.com/custom/us/query.html

I placed in symantec’s search engine the Trojan-Spy HTML Smitfraud.c and it came up with another name.
Joke.smitfraudoid.

Joke Program
Programs that alter or interrupt the normal behavior of your computer, creating a general distraction or nuisance. Joke programs generally do not themselves engage in the practice of gathering or distributing information from the user's computer

http://www.trojaner-board.de/showthread.php?t=16429

Evidently the program is also called SpSehjfix109 It has be around since about 2001
http://www.derbilk.de/SpSeHjfix109.zip
0
 
rossfingalCommented:
Hi!

Try running this EScan-MWAV toolkit (free)
(free version finds things - paid also fixes)
From:  
http://www.mwti.net/antivirus/free_utilities.asp
See what it turns up.

Good luck!
RF
0
 
gonzal13RetiredCommented:
Try to remove  trojan -spy. html.smitfraud.c in the safe mode in case it is in memory.

gonzal13(joe)
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
rossfingalCommented:
wisemat

Any progress with this?

RF
0
 
gonzal13RetiredCommented:
wisemat:

It would be wonderful if you establish a dialog with us so that we can narrow down the problem and hopefully provide a solution. Be sure your comments are detailed with the exact dialog that you see on your screen.

I can provide you with a list of online virus detectors, but this may not help you. Meanwhile I will do some research on your problem. After using the online virus detectors, please provide your observations.

Panda ActiveScan
http://www.pandasoftware.com/activescan 

Bitdefender
http://www.bitdefender.com/scan/Msie/index.php 

McAfee FreeScan
http://us.mcafee.com/root/mfs/default.asp 

Symantec Security Check
http://security.symantec.com/sscv6/ 

Pc-Cillin (Trend Micro Housecall)
http://housecall.antivirus.com/housecall/start_pcc.asp 

PcPitstop
http://pcpitstop.com/antivirus/default.asp 

RAV
http://www.ravantivirus.com/scan/ 


As I said this is a shotgun approach


Thanks
gonzal13(joe)
0
 
gonzal13RetiredCommented:
Hi:

I spent about two hours researching this 'malware' I was surprised as to the various names that it came under and the difficulty of removing it. I never did find a solution on how to remove it.

What action did you take to solve the problem. Did the shot gun approach work?

Thanks for the points. Actually the points are not as important as being able to help someone. That gives me allot of satisfaction.

Joe
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.