I have Norton System Works, Spybot & Ad-ware which were all recommended by (the) salesman and installed with the statement: "You now have nothing to worry about, your computer is safe!" On turning on my computer, I get the message: fatal error caused by Trojan-Spy.HTML.Smitfraud.c. I have tried everything that was recommended, but nothing seems to work. Is there something I can do short of taking it to a repair shop?
This question was answered on July 21, 2005. Much of the information contained herein may have changed since posting.
Based on your description, it seems that you have fallen prey to a “phishing” scam that was sent to you via e-mail asking you to update financial account information.
The original version of this exploit targeted Smith Barney customers, so if you have an actual account, you should immediately change your access codes and/or passwords
This particular Trojan incorporates keystroke logging and screenshot tracking to gather information on you to perpetrate identity theft.
Be sure to make the changes from a computer other than the infected system If you don’t have a Smith Barney account but use the infected system for any kind of online banking, online purchases or anything that would allow for identity theft, you need to change those passwords as well.
You should also check your credit report to ensure that you have not already become a victim from this exploit (Go to: AnnualCreditReport.com).
What the salesman neglected to tell you was that no matter what you install in your system, certain actions that you perform will instantly render all of the protection useless.
What he should have stressed is that nothing that you install will EVER protect you from yourself Remember, the bad guys have access to all the same “protection” software that you do and can test their latest creations to make sure they can get past them with your help.
They use “social engineering” to trick you into doing things that seem important but are in fact harmful to you
The mistake that you likely made was clicking on a link in an e-mail that sounded like it was an official message from a financial institute The minute you clicked on it, you were sent to a rogue website that not only asked you to give up personal information but also installed this very dangerous Trojan on your computer.
Often times when your system contracts one Trojan or worm, many others follow so don’t let this problem go unchecked (I strongly recommend that you disconnect it from the Internet until you get it cleaned up!)
The steps required to properly clean your system of this mess are pretty technical and will require someone with more than a passing knowledge of the Windows Registry
There are various Internet resources that give very specific technical details on the many possible methods of removal which should help you make the decision whether it is time to seek professional help (you can see them by putting the error message in any search engine).
Just as important as getting your system cleaned up is understanding how you contracted the Trojan so you don’t repeat the behavior It isn’t always possible to trace the point of infection, but if you can figure it out it would be most helpful for your future security.
About the author
Posted by Ken Colburn of Data Doctors on July 21, 2005