My housemate brought home a laptop from someone he works with, asking if I could remove the Sasser worm from it. Well, it turns out Sasser worm wasn’t on there – MS’s tool turned up blank, but IE was crashing regularly and strange toolbars had appeared.
Since this wasn’t my laptop, rather than setting it up for our network I burned a CD with Spybot, Ad-Aware, SpywareBlaster, CWShredder and HijackThis, along with the latest Ad-Aware reference file. I ran Ad-Aware first because it had the most recent definitions and it found… wait for it… 785 suspect items. Now while a number of those were cookies, it’s still the worst spyware infestation I’ve seen. No wonder IE was crashing so much.
Spybot S&D found a further 70 items, again mostly cookies but also a BHO that Ad-Aware missed. I’ll also run CWShredder and HijackThis to be fully sure.
I’m still unsure about one thing though. The machine had Kazaa, and I’ll have removed the spyware that kept it running. So, do I:
- Uninstall it, and say that it’s evil and that he should try something else
- Uninstall it and replace it with Kazaa lite
- Reinstall it
Your thoughts please.
Related Posts:
This work, unless otherwise expressly stated, is licensed under a Creative Commons Attribution-ShareAlike 2.0 UK: England & Wales License.
August 4, 2004 at 17:20
My advice, use shareaza instead of either Kazaa or Kazaa-lite.
Cheers,
Ward
August 4, 2004 at 17:30
Sorry, I’m daft, I didn’t read you post well enough. I would delete and tell him that it’s evil and then recommend Shareaza.
Cheers,
Ward
August 4, 2004 at 18:17
Uninstall and kazaa lite. Except you might find it hard to find a k-lite executable to install it from.
August 4, 2004 at 20:21
Definitely uninstall and explain that it is evil.
If he insists on infringing others’ copyrights, recommend something else (and maybe offer to install Kazaa Lite or similar for him).
August 4, 2004 at 20:31
Uninstall KaZaa. Install Azureus (Java based Bittorrent client) and introduce the user to Bittorrent and http://www.suprnova.org!
August 4, 2004 at 20:52
The absolute worst spyware infested machine I have come across had 1000 objects according to Ad-aware. That by far was the worst I have seen (although I have seen a couple 700+ ones).
I would highly suggest uninstalling Kazaa. Kazaa comes bundled with spyware/adware and I wouldn’t be the least surprised if it tried to send more of that crap without consent to a machine in the middle of the night.
Kazaa Lite is a good alternative (its specific purpose is to be an adware/spware free version of Kazaa).
Then again, I gave up on Kazaa and other P2P programs thanks to the high chance of coming across viruses, wrong/corrupt music, and spyware/adware. Instead, I use iTunes for my music needs and its legal and virus free. Of course, what do I know.
August 5, 2004 at 03:18
I would also recommend Shareaza as it connects to so many networks that are alive. THe KaZaA network is dying due to the RIAA etc.
If he must use KaZaA then use Kazaa Lite though its harder to find on the Internet these days !
August 5, 2004 at 05:13
Hmm, I would recommend that you install Kazaa Lite Resurrection. That’s what I’m….Err, a friend is using to share legitimate p2p music and such.
August 5, 2004 at 12:35
Yep, kill kazaa – the thing is a nasty fat mess. It is a dying animal anyway. Shareaza and winMX are both decent alternatives, although the former needs to be configured correctly otherwise it won’t be all that rapid.
August 5, 2004 at 17:19
Most P2P software needs to have routers configured to allow faster transfers. This is because the P2P software allows “hosting” as well as “slaving”. In order to be a host behind a firewall, you either need to put the machine in the DMZ (not really a good idea), or forward the ports the software uses to the machine running the software.