?
Solved

How do I get rid of trojan-spy.html.smitfraud.c

Posted on 2005-04-15
6
Medium Priority
?
7,844 Views
Last Modified: 2010-08-05
My laptop got hit by this trojan last night. I've run Norton AV twice & Webroot Spy sweeper  & although it has removed malware - I still have theproblem. My wallpaper has been removed & repalced with a blue screen with the follwing message. My desktop settings are now disabled & I am unable to get rid of the blue screen.


" A fatal error occured at 0028:COO11E36 in VXD VMM (01)+ OOO10E36. Error was caused by trojan -spy. html.smitfraud.c

System cannot function in normal mode. Please check your settings.

Is there a step by step fix for this that somebody can pass on?

thanks



0
Comment
Question by:wisemat
  • 4
  • 2
6 Comments
 
LVL 12

Expert Comment

by:rossfingal
ID: 13790918
Hi!

Try running this EScan-MWAV toolkit (free)
(free version finds things - paid also fixes)
From:  
http://www.mwti.net/antivirus/free_utilities.asp
See what it turns up.

Good luck!
RF
0
 
LVL 13

Expert Comment

by:gonzal13
ID: 13808895
Try to remove  trojan -spy. html.smitfraud.c in the safe mode in case it is in memory.

gonzal13(joe)
0
 
LVL 12

Expert Comment

by:rossfingal
ID: 13826788
wisemat

Any progress with this?

RF
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
LVL 13

Expert Comment

by:gonzal13
ID: 13828869
wisemat:

It would be wonderful if you establish a dialog with us so that we can narrow down the problem and hopefully provide a solution. Be sure your comments are detailed with the exact dialog that you see on your screen.

I can provide you with a list of online virus detectors, but this may not help you. Meanwhile I will do some research on your problem. After using the online virus detectors, please provide your observations.

Panda ActiveScan
http://www.pandasoftware.com/activescan 

Bitdefender
http://www.bitdefender.com/scan/Msie/index.php 

McAfee FreeScan
http://us.mcafee.com/root/mfs/default.asp 

Symantec Security Check
http://security.symantec.com/sscv6/ 

Pc-Cillin (Trend Micro Housecall)
http://housecall.antivirus.com/housecall/start_pcc.asp 

PcPitstop
http://pcpitstop.com/antivirus/default.asp 

RAV
http://www.ravantivirus.com/scan/ 


As I said this is a shotgun approach


Thanks
gonzal13(joe)
0
 
LVL 13

Accepted Solution

by:
gonzal13 earned 1600 total points
ID: 13829228
Evidently this has been around since 2001. There are many Aliases for this Trojan. It seems that the basic recommendation is to run all the anti-malware programs and and antivirus programs that you have.

Here is what I found out:

http://forum.us.dell.com/supportforums/board/message?board.id=si_virus&message.id=39475

Aliases
Trojan-Spy.HTML.Smitfraud.c (Kaspersky Lab)
is also known as:
Phish-BankFraud.eml.a (McAfee), Trojan Horse (Symantec), Trojan.Bankfraud (Doctor Web), HTML.Phishing.Bank-1 (ClamAV), Trj/Citifraud.A (Panda), HTML/Smithfraud.gen (Eset)

http://search.symantec.com/custom/us/query.html

I placed in symantec’s search engine the Trojan-Spy HTML Smitfraud.c and it came up with another name.
Joke.smitfraudoid.

Joke Program
Programs that alter or interrupt the normal behavior of your computer, creating a general distraction or nuisance. Joke programs generally do not themselves engage in the practice of gathering or distributing information from the user's computer

http://www.trojaner-board.de/showthread.php?t=16429

Evidently the program is also called SpSehjfix109 It has be around since about 2001
http://www.derbilk.de/SpSeHjfix109.zip
0
 
LVL 13

Expert Comment

by:gonzal13
ID: 13835488
Hi:

I spent about two hours researching this 'malware' I was surprised as to the various names that it came under and the difficulty of removing it. I never did find a solution on how to remove it.

What action did you take to solve the problem. Did the shot gun approach work?

Thanks for the points. Actually the points are not as important as being able to help someone. That gives me allot of satisfaction.

Joe
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
Have you ever tried to find someone you know on Facebook and searched to find more than one result with the same picture? Perhaps someone you know has told you that they have a 'facebook stalker' or someone who is 'posing as them' online and ta…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question