 |
|
|
|
|
|
|
|
|
2007-11-26, 08:52 AM
|
#1 |
|
So much sperm ... So little time!
Join Date: Aug 2005
Posts: 1,433
|
Complicated techie help needed!
At least its complicated to me ....
Here is the story. I ended up with a trojan/malware on one of my computers. Spent 7 hours yesterday following directions to get rid of it. Was the: SmitFraud Malware-alarm scam virus. What a bitch to get rid of.....still fighting it. However I think I'm at the tail end. Here is my current problem: SYSTEM32/DRIVERS/IP6FW.SYS Everytime I reboot the computer all my virus programs quarantine this file as something is nasty with it. I have spent hours researching this online, and cannot seem to come up with a fix for it. What happens is it seems to stop my internet access. I have found plenty of information on it, but nothing seems to help with it. I cannot get online with this computer. Well....let me rephrase that. After a system reboot, I have access for about 3 minutes every time, then it fades away. When I have this computer plugged into my network, it affects my other 2 computers online access as well. Is it flooding IP's and interrupting my connection? I'm hoping somone out there has had something similar, and can get me on the right track fixing it. Thanks for reading everyone. 
__________________
Sexy-Milf-Money |
|
|
|
2007-11-26, 09:40 AM
|
#2 |
|
Banned
Join Date: Aug 2003
Location: Mohawk, New York
Posts: 19,477
|
That does look like a bitch to get rid of. I hope you find the answer but even more, I hope I don't get it
 |
|
|
|
|
2007-11-26, 09:49 AM
|
#3 |
|
Mean people suck, nice people swallow, are you mean or nice?
Join Date: Sep 2003
Location: Lower Alabama-The Redneck Riviera
Posts: 2,376
  |
I had some nasty shit on my computer which Norton didn't catch but Avast which is free fixed everything: http://www.avast.com/eng/download-avast-home.html
Might be worth a shot |
|
|
|
|
2007-11-26, 11:59 AM
|
#4 |
|
If there is nobody out there, that's a lot of real estate going to waste!
Join Date: Dec 2003
Posts: 2,177
|
A little trick that I came up with one time with these reappearing bad files that I couldn't get rid of. No guarantees though.
- Copy the file somewhere with a different name just in case you do need it. - Restart the computer in safe/dos mode. - delete the file - create a blank text file - save the text file as IP6FW.SYS - set the mode to read-only - restart the comuter |
|
|
|
|
2007-11-26, 12:07 PM
|
#5 |
|
If there is nobody out there, that's a lot of real estate going to waste!
Join Date: Dec 2003
Posts: 2,177
|
A little more info on that file, and why you may be getting internet problems.
Ip6Fw.sys is IPv6 Windows Firewall Driver Some malware camouflage themselves as Ip6Fw.sys, particularly if they are located in c:\windows or c:\windows\system32 folder http://www.file.net/process/ip6fw.sys.html They recommend Security Task Manager An anti-spyware program that should remove it: http://www.superantispyware.com/definition/ip6fw/ Last edited by tickler; 2007-11-26 at 12:10 PM.. |
|
|
|
|
2007-11-26, 12:22 PM
|
#6 |
|
You can now put whatever you want in this space :)
Join Date: Sep 2004
Location: Toronto, Canada
Posts: 6,244
|
http://free.grisoft.com/doc/29116/us/frt/0
I primarily use Linux but for my Windows machines I swear by AVG. Their products are free for personal use. They have three programs which check for viruses, root kits and spyware. They might be able to help you. Download them to another machine, burn them to disk and install them on your infected machine. Good luck Lorsha! |
|
|
|
|
2007-11-26, 12:24 PM
|
#7 |
|
You can now put whatever you want in this space :)
Join Date: Sep 2004
Location: Toronto, Canada
Posts: 6,244
|
|
|
|
|
|
2007-11-26, 03:06 PM
|
#8 |
|
So much sperm ... So little time!
Join Date: Aug 2005
Posts: 1,433
|
Just got home. Going to try all your ideas now. I'll report back later. Thanks SO MUCH for the responses!!
__________________
Sexy-Milf-Money |
|
|
|
|
2007-11-26, 04:32 PM
|
#9 |
|
So much sperm ... So little time!
Join Date: Aug 2005
Posts: 1,433
|
Jim: I hope you don't get it either hun!
Licker4u: Avast did not pick it up.  Tickler: Even in safemode, I could not find the file. It becomes hidden with no way to find/detect it. (And I don't mean just hidden, where you have to click in the "windows" folder to show those files.) Now for the good news! Tickler: http://www.superantispyware.com/definition/ip6fw/ This program found the trojan in System32/drivers/ip6fw, and repaired it! It also found a few other spots it was hiding in the registry, which was "reinstalling" itself on every reboot. Rootkit.virus was in several areas, and it found 5 of them. Upon reboot, after another scan, these were no longer found! I have not tried the internet yet to see how it is working, because now I am doing a full system scan with this program, to see if it finds anything anywhere else. Malware-alarm/Smitfraud virus is one nasty little mother F'er! Just glanced over at the "full system scan" and it has already found several more rootkit.virus files in several different areas........UGH.....I would like to find these people and allow us to publicly stone them to DEATH for making up these horrible things. Artwilliams - Had already AVG, and it did not find any of it. Will report back again later when I try the internet, to see if things are back to normal. You guys all ROCK! Thanks again so much for the assistance. Starting to see the light at the end of the tunnel. 
__________________
Sexy-Milf-Money |
|
|
|
|
2007-11-26, 06:27 PM
|
#10 |
|
So much sperm ... So little time!
Join Date: Aug 2005
Posts: 1,433
|
Final report: SUCCESS!!
Internet back to normal, and all is working perfect. In fact I think everything has sped up on system start, and normal procedures. Thanks for your help everyone! 
__________________
Sexy-Milf-Money |
|
|
|
 |
|
|
Linear Mode
