[GLLUG] Setting up a dual-boot system

Jason Watson watson.jason at gmail.com
Sat Jun 24 09:58:05 EDT 2006


I've had some real battles trying to remove spyware like that.  If
Spybot or Ad-Aware misses any of the running processes then that
leftover process will reinstall itself and everything will be there again
on the next reboot.  The best luck I've had is to reboot Windows in
safe mode (hit F8 before the Windows XP screen comes up) and use a
program called HijackThis (http://www.spywareinfo.com/~merijn/).
Starting in safe mode stops any programs from starting up and
HijackThis will list everything on your system that is run when
Windows boots and lets you selectively disable things.  It sometimes
can be a little tricky knowing what to disable but it gives you the
opportunity to keep those nasties from running.  Once you have all the
spyware processes disabled from starting, you can reboot and use
Spybot, Ad-Aware and others to get rid of the files left behind.

One other thing to consider is if somehow you have a rootkit
installed.  Rootkits infect at a much lower level and are near
impossible to clean out.  Sysinternals has free rootkit detector
software (http://www.sysinternals.com/Utilities/RootkitRevealer.html)
but my opinion is when something has its hooks in your system that
deep it can be a lot less of a headache to just back up whatever data
you have and start from scratch.

Hope some of this helps you out.

--Jason Watson

>  frank.dolinar at comcast.net wrote:
>
>
> I have Ad-Aware and use it at least every week.  Same with SpyBot and
> NortonAV.
>
> None of the above have managed to find or stop whatever is burning cycles in
> my system.  The typical CPU percentage is running between 20 and 70% and
> really slowing down my system.  (Let's just say I'm not amused.)
>
> I think (but cannot prove) that one or more of the "CoolWWWSearch" malware
> processes is doing this to me, but -- as I said -- none of my anti-malware
> tools is finding anything.  It's discouraging.  (If anyone knows anything
> about dealing with this particular family of nasties, I'd be interested in
> hearing more.)
>
> While in most cases I'd agree that what I plan might be a little extreme, I
> have not found an easy way around this.  Nor am I a complete stranger to the
> clean-the-hard-disk-and-start-over process.  Wouldn't be
> the first time.
>
> On the other hand, if I thought I had an alternative, I wouldn't be going
> this route.
>
> Thanks for the feedback.  All good ideas.
>
> -- Frank
>

