Free Republic
Browse · Search 		Bloggers & Personal
Topics · Post Article

To: Nachum

Yes they are collecting a list of enemies. And in stealth manner.

My XP computer was infected by following a news link to one of the Texas Malitia sites this week. It took 1-1/2 days to find a way to remover it.

Word of caution on those of you who are trying to keep up with this event.(Mexico Violence)

Over the weekend I did a little background check on related topics and wound up on a malitia site in Texas. After briefly looking at the site I moved away and as I did my computer locked up and re-booted. When it re-booted my Symantec anti-virus program stated that I had a Trojan.

The file name was 123.dll that was stated to be infected. I worked on it for a full day on Monday and could not remove it. Used every tool in my tool box, and I have done a lot of this type of trouble shooting.

After using MS malware removal tool, Hijackthis, Adaware, Symantec, Mcafee Stinger, and manually removing the offending files listed from a web search, I was about ready to give up. Nothing seemed to work.

Each time I re-booted the problem reappeared. Then I realized the files were being downloaded from the web. They were not on my harddrive, but each time I rebooted they would be downloaded from the web. I checked my theory by unplugging the network cable and re-booting, the problem was no longer there. But if I plugged in the network cable, it reappeared.

Finally on Tuesday morning my companies IT guy got back and suggested I use the following tool to remove it. And it worked. One of the functions requires operating in Safe Mode. (intermitently press F8 key when re-booting)

SmitFraudFix

http://siri.geekstogo.com/SmitfraudFix.php

It is a command line tool and pretty simple to operate.

I am not sure who put this thing on the website, I downloaded nothing. It may be a Carnivore creature.

Just a word of caution.


14 posted on 02/26/2009 8:29:19 AM PST by Texas Fossil
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Texas Fossil

You got to be careful visiting web sites these days. there can be all kinds of nasty’s embedded in java script, or just the page itself.

I find Norton does a good job of finding and removing those kinds of Trojans, which, because they seem to attach themselves to dll files that are ‘in use’ which makes them difficult to remove sometimes, even in safe mode, because the file is still “in use”. Norton will disable in then remove it when you reboot.


57 posted on 02/26/2009 9:00:09 AM PST by Nathan Zachary
[ Post Reply | Private Reply | To 14 | View Replies ]
To: Texas Fossil

Please, I know you mean well, but would you take the time to learn how to spell militia?


81 posted on 02/26/2009 9:40:06 AM PST by calex59
[ Post Reply | Private Reply | To 14 | View Replies ]
To: Swamp path

you may be interested


127 posted on 02/26/2009 12:14:51 PM PST by cajungirl (no)
[ Post Reply | Private Reply | To 14 | View Replies ]
To: Texas Fossil

I didn’t think viruses affected your harddrive. I thought they infected software.


135 posted on 02/26/2009 3:16:09 PM PST by freekitty (Give me back my conservative vote.)
[ Post Reply | Private Reply | To 14 | View Replies ]

Free Republic
Browse · Search 		Bloggers & Personal
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson