[David E. Gervais]

Quote:

Originally posted by Thermodyne:
Link to kill it:
http://www.securiteam.com/securityre...RP0L0UD5U.html

And as the others have said Mozilla or Firefox to prevent it. If you have to keep IE6, then Firefox is a little more IE friendly. If you work with SQL web apps or Frontpage, then you will want to keep IE around.

Interesting link Thermodyne. Especially the note at the bottom of tyhe page, Aparently my suspicions were right, it is indeed an spyware/hijacker removal service that has been spreading this piece of malware. They should be sued into bankrupsy and given life prison terms fo their maliscious act.

btw: following this kind of procedure does not always work, and it did not work for me. I still had the problem after running through the procedure. But I found a workaround.. I viewed all the files in my ..\windows, \system and \system32 folders and sorted by date. I then deleted all suspicious files and made special notes of the ones that said 'unable to delete' and removed them in dos. When I rebooted the system complained but was nice enough to let me know what it was looking for. I searched the registry and removed any references to these files. it seems fine now.

BTW I wouldn't reccomend this type of drastic procedure unless you have a good knowledge of what is what in the windows folder. It would be easy to delete a 'needed' file and cause windows to die.

One good indication that it's a bad file is when it has a very obscure name, like snxyfc.dll or mxtargoo.dll etc.

Anyway, the problem seems to be solved, and now that my primary browser is Mozilla I should be safer.

Cheers!

P.S. Thermo, I'm approaching 100 folds for the sharky team. Man I hat getting these ***/400 folds, they take several days to complete.

[ July 07, 2004, 11:57: Message edited by: David E. Gervais ]