Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Need Help (Smifraud.c)

  • Please log in to reply



    New Member

  • Member
  • Pip
  • 3 posts
My PC has been infected with the above mentioned "trojan-spy.html.smitfraud.c" virus(?) on 15/04/05 and ever since had biggest trouble. Immediately on infection, I have started following the help threads on this site, but to no avail. As some member mentioned, every case is unique and so I have decided to post my log here and ask for help. The symptoms of infection were similar / same as that of many others. A blue warning screen, followed by disappearance of display properties and unsolited attempts to connect to internet. All possible spyware, anti-virus programs were tried to no avail. On following some of the suggestions given in this site, I could do the following:

*Deletion of Wp.exe and Wp.bmp files
*Removal of SecurityIGuard
*Deletion of all registry entries referring to Wp.bmp

The following is the present condition of my trouble:
*PC boots only into safe mode. PC appears to function OK in Safe Mode.

*When attempting to boot in normal mode, after initial log in is over, the screen goes blank and remains blank for ever. At this stage, only Ctl-Alt-Del works, giving me option to shut down / view taks manager etc., I could figure out that "explorer.exe" process was not getting loaded.

*I have tried creating new user accounts with administrator rights and limited user rights. If logged in as limited user, system boots. However, on boot up, a dialer program pops up asking to go to "wefed.biz" website. It even attempts accessing some comouters on our intranet. System remains very slow. When attempting to log in as new administrator, the system dos not boot and the symptoms are same (blank screen). However, in safe mode, I can log in as both admin or limited user.

*When logged in as limited user and try accessing registry, the following error occurs:

Under HKU, when I click on some of the classes, it denies access saying that the key is locked by some process and cannot be opened.

Also, when I try installing any antivirus software, it fails syaing that creation of some keys failed due to denial of access.

*Tried all the following software:
-Microsoft Antispyware
-Norton Antivirus
-Panda Activescan
-Scores of many others

Panda Activescan showed some infections, which it could cure and a couple of others, which it could not. I have deleted all those files mentioned by Panda Scan physically. Problem remains same.

Another point is that, I have two partitions on my HD and two working XP OSs. Right now, the OS in C: drive is non functional, whereas the one on D: is working well. However, the problem is I have most of my applications installed on C - OS. Need to get out of the problem.

I am not a novice and not an expert on XP, Registry settings etc., but can follow instructions and try advices given for fixing registry entries etc.,

I am not posting an exhaustive account of all that has been done. I will post the details as asked for.

Will look forward for help from members. Thanks in anticipation.


Edited by rags, 22 April 2005 - 11:18 AM.

  • 0




    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
I haven't received any suggestions so far.
My systems is still down!
Thanks a lot in anticipation
Bye Bye
rags :tazz:
  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP