| Other > Viruses and worms |
| Trojan virus contaminated my Laptop |
| << < (2/3) > >> |
| Ren:
To start thank you everybody for your support, I really appreciate. I tried yesterday evening again to identify the virus name or location and this is the 2 error message I have got : - Permanently on my desktop I have got a blue block with the following message : "a fatal error in IE has occured at 0028:C0011E36 in VXD VMM <01> + 0001036 error was caused by Trojan-spy.html.smitfraud.c" - When I did the boot scanning with Avast I obtained the following message : "File C:/ Program Files/System32.dll/gui.exe is infected by Win32:Trojan-gen {UPX !} " So I tried to repare, put in quarantine or delete from the boot scanning and form the contaminated file itself and Avast was unable to act on it, giving me the message "OXC0000022 Access denied" I hope it helps ? ::) Thanks. |
| Ren:
Just one more thing if it can help, my OS is WIndows 2000 NT (crap isn't it ?) and I loaded a Windows pack update for Windows 2000 on Windows Website last September. It seems the problems beginned since that moment. |
| FreewheelinFrank:
Please run this tool to get rid of the blue screen message: http://noahdfear.geekstogo.com/ |
| FreewheelinFrank:
--- Quote ---- Permanently on my desktop I have got a blue block with the following message : "a fatal error in IE has occurred at 0028:C0011E36 in VXD VMM <01> + 0001036 error was caused by Trojan-spy.html.smitfraud.c" --- End quote --- This is not a real Windows error message but a fake- it's a desktop screen produced by the Trojan. Noahdfear's tool above will remove it. --- Quote ---- When I did the boot scanning with Avast I obtained the following message : "File C:/ Program Files/System32.dll/gui.exe is infected by Win32:Trojan-gen {UPX !} " So I tried to repare, put in quarantine or delete from the boot scanning and form the contaminated file itself and Avast was unable to act on it, giving me the message "OXC0000022 Access denied" --- End quote --- Another common message with this Trojan seems to be "cannot be removed because it is embedded in the archive." UPX is a compression utility. I guess avast! is detecting suspicious content of the package but for some reason cannot delete the archive itself. Another poster with the same problem found Ewido managed to remove it: http://forum.avast.com/index.php?topic=16746.msg142472#msg142472 (Link in the same thread.) If the Trojan is not actually running from there, you may be able simply to delete the archive, i.e., C:/ Program Files/System32.dll: it's certainly not something you want to keep. If something is running from there, let Ewido deal with the running process and delete the file. |
| Spiritsongs:
:) Ren : Successfully removing Smitfraud from a computer is a complicated process; therefore, I suggest you ask for help on an antiSPYWARE forum, such as the Ad-Aware Experts have at www.landzdown.com . They will use Noahdfear's tool & a properly configured Ewido ( see www.greyknight17.com/spy/Tutorials/ ewidoQuickGuide.pdf ) as part of the process . For an example as to the "process", see the info at : www.freedomlist.com/forum/viewtopic.php?t=21229 . |
| Navigation |
| Message Index |
| Next page |
| Previous page |