Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

URGENT HELP REQUIRED FOR PC

Started by rags , Apr 26 2005 10:47 AM

  • Please log in to reply

#1
rags
Posted 26 April 2005 - 10:47 AM

rags

    New Member

  • Member
  • Pip
  • 3 posts
Hi,
My PC has been infected with the above mentioned "trojan-spy.html.smitfraud.c" virus(?) on 15/04/05 and ever since had biggest trouble. Immediately on infection, I have started following the help threads on this site, but to no avail. As some member mentioned, every case is unique and so I have decided to post my log here and ask for help. The symptoms of infection were similar / same as that of many others. A blue warning screen, followed by disappearance of display properties and unsolited attempts to connect to internet. All possible spyware, anti-virus programs were tried to no avail. On following some of the suggestions given in this site, I could do the following:

*Deletion of Wp.exe and Wp.bmp files
*Removal of SecurityIGuard
*Deletion of all registry entries referring to Wp.bmp

The following is the present condition of my trouble:
*PC boots only into safe mode. PC appears to function OK in Safe Mode.

*When attempting to boot in normal mode, after initial log in is over, the screen goes blank and remains blank for ever. At this stage, only Ctl-Alt-Del works, giving me option to shut down / view taks manager etc., I could figure out that "explorer.exe" process was not getting loaded.

*I have tried creating new user accounts with administrator rights and limited user rights. If logged in as limited user, system boots. However, on boot up, a dialer program pops up asking to go to "wefed.biz" website. It even attempts accessing some comouters on our intranet. System remains very slow. When attempting to log in as new administrator, the system dos not boot and the symptoms are same (blank screen). However, in safe mode, I can log in as both admin or limited user.

*When logged in as limited user and try accessing registry, the following error occurs:

Under HKU, when I click on some of the classes, it denies access saying that the key is locked by some process and cannot be opened.

Also, when I try installing any antivirus software, it fails syaing that creation of some keys failed due to denial of access.

*Tried all the following software:
-SpyBot
-SpyDoctor
-Microsoft Antispyware
-KillBox
-AVG
-Norton Antivirus
-Panda Activescan
-Scores of many others

Panda Activescan showed some infections, which it could cure and a couple of others, which it could not. I have deleted all those files mentioned by Panda Scan physically. Problem remains same.

Another point is that, I have two partitions on my HD and two working XP OSs. Right now, the OS in C: drive is non functional, whereas the one on D: is working well. However, the problem is I have most of my applications installed on C - OS. Need to get out of the problem.

I am not a novice and not an expert on XP, Registry settings etc., but can follow instructions and try advices given for fixing registry entries etc.,

I am not posting an exhaustive account of all that has been done. I will post the details as asked for.

Will look forward for help from members. Thanks in anticipation.

Rags..
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP