LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 03-05-2003, 09:15 AM   #1
carrja99
Member
 
Registered: Feb 2003
Posts: 155

Rep: Reputation: 30
Nasty stuff


A friend of mine was asking if I could take a look at his computer, complaining it was runnning extremely slow and IE was crashing every single time he trie to go somewhere on it. I was baffled to see IE had LOADS of toolbars, some senseless like "The Cash Toolbar!" and much much more. I instantly solved the cause of his misery... spyware installed by all the p2p programs he had.

I downloaded ad-aware, ran it, and.... 502 items found!! Not to mention about 100 something processes running. I also installed Opera so he wouldnt have to use IE, but now here comes the problem... even though the p2p programs have been completely removed, spyware still shows up!! I found 15 items when I ran it again, and running adaware immediately after deleting those found 3 items. Something called New .NET (some tie in with Microsoft .NET?). Although I want to move him to Linux, he's not computer literate and uses several programs I think he'd have a hard time migrating to linux.

Anyone have any idea what this spyware that keeps reinstalling itself is coming from?
 
Old 03-05-2003, 09:43 AM   #2
XavierP
Moderator
 
Registered: Nov 2002
Location: Kent, England
Distribution: Debian Testing
Posts: 19,192
Blog Entries: 4

Rep: Reputation: 475Reputation: 475Reputation: 475Reputation: 475Reputation: 475
Try also running Spybot Search and Destroy - it provides full explanations of where all the bits are (reg, c:\, \winnt\ etc) and classes them by how bad they are. It also says what they are. I find that running Ad-Aware/Ad_Watch all the time, with a clean once a month by Spybot, keeps the system clean.

Does your friend also have a decent up to date virus guard/firewall? If not, free ones are AVG (www.grisoft.com) and Zonealarm (www.zonelabs.com).

Good luck.

ps. have you thought about restricting your friend's acces? maybe not let him install things - it's for his own good!!!
 
Old 03-05-2003, 09:51 AM   #3
SeT
Member
 
Registered: Dec 2002
Location: cincinnati
Posts: 87

Rep: Reputation: 15
i had a problem with that new.net crap when i used kazaa/morpheus. i don't remember how i got rid of it tho. i think there was a registry key starting/reinstalling it.

right now tho, i'm having some trouble with some nastier spyware - xupiter. i've tried adaware to delete it but without it i get page cannot be displayed for every web page i go to, can't connect to get e-mail, and can't get on msn/aim. i can't wait to get my linux box back up and running. till then, anyone have any ideas?
 
Old 03-05-2003, 10:39 AM   #4
moosedaddy
Member
 
Registered: Feb 2003
Location: Oklahoma
Distribution: Debian Unstable
Posts: 244

Rep: Reputation: 30
I use kazaalite in windows, It has the spyware removed.
 
Old 03-05-2003, 10:41 AM   #5
tcaptain
LQ Addict
 
Registered: Jul 2002
Location: Montreal
Distribution: Gentoo 2004 from stage 1 baby!
Posts: 1,403

Rep: Reputation: 45
xupiter is d*mn EVIL! Its stupendously hard to get rid of.
I eventually just threw caution to the wind and completely re-installed my folks's windows to escape it (after some severe lectures on net safety and lobbying to move them to linux...in vain).
 
Old 03-05-2003, 10:45 AM   #6
acid2000
Member
 
Registered: Nov 2001
Location: Exeter, UK
Distribution: Gentoo 1.4
Posts: 243

Rep: Reputation: 30
Reinstall, get rid of it all and start from the beginning.
 
Old 03-05-2003, 11:06 AM   #7
SeT
Member
 
Registered: Dec 2002
Location: cincinnati
Posts: 87

Rep: Reputation: 15
as much useless crap as there is on this computer i would love to just start over. however, it's a 4 year old compaq(parent's computer) and the recovery disk has disappeared and my 98se disk looks like it was attacked by some 80 grit sandpaper and i have no idea how that happened because as far as i know it hasn't left it's jewel case in at least 1 year. oh well, quick google search turned up some people as annoyed with xupiter as i am and they had a tool for deleting and it appears it worked.
 
Old 03-05-2003, 12:25 PM   #8
carrja99
Member
 
Registered: Feb 2003
Posts: 155

Original Poster
Rep: Reputation: 30
Oh yeah.. and what was all the "possible browser hijack attempt" warnings I got when I ran adaware?

I am also curious... how long will it be before spyware is classified as virii?
 
Old 03-05-2003, 02:41 PM   #9
Any
Member
 
Registered: Feb 2003
Location: Uk
Distribution: It varies
Posts: 54

Rep: Reputation: 15
You do know that adaware counts a lot of cookies as spyware?
 
Old 03-05-2003, 03:19 PM   #10
carrja99
Member
 
Registered: Feb 2003
Posts: 155

Original Poster
Rep: Reputation: 30
Xupiter has an uninstall page with simple, easy to use uninstall instructions!

www.xupiter.com/uninstall.html

Last edited by carrja99; 03-05-2003 at 03:44 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Hit with a nasty DoS msound Linux - Security 4 09-14-2005 11:10 PM
Nasty tsclient error NTolerance Linux - Software 4 04-04-2005 01:34 PM
nasty download problem ylts Linux - Software 2 03-06-2005 04:31 AM
WINE and some nasty errors to go with it... Twiggy794 Linux - Software 5 09-18-2003 05:39 PM
How to stop those nasty processes sridharinfinity Linux - Distributions 2 06-12-2003 06:19 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 03:35 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration