Dear Ttommytx,
As you can see in Secret's great previous answer, this problem is
pretty common. As a matter of fact, when I worked as a manager of a
computer lab, we had PC users who (thought) they knew computers pretty
well, and had all these spywares and spamwares (explanations ahead).
As a matter of fact, I even have them (and always try to get rid of
them), so my advises here are like a talk between two dogs on getting
rid of ticks.
====
What is spyware? What is Adware? What is Spamware? (if you know this,
just skip this section)
--------------------------------------------------
Robert Vamosi from ZNet defines Spyware in these words: "Also known as
"adware," this hidden software program transmits user information via
the Internet to advertisers in exchange for free downloaded software".
In a June 28 2001 article
<http://www.zdnet.com/zdhelp/stories/main/0,5594,2612053,00.html>
Vamosi explains about the issue. The spywares usually store
information about you or about your online movements (for example: you
visit stores that sell books, i.e. you like reading/buying books and
would be "interested" in ads about books. They even follow what you
search for in a search engine. If I search now for you about adware,
they might popup with an exclusive offer to buy a software that
removes all evil).
There also additional sites that may explain what it is all about:
Spycheck - <http://www.spychecker.com/spyware.html>
How to computer get Ticks? Tips when dowloading
-----------------------------------------------
This gets me to my first advice: when you download (a shareware or
even a software for a fee), *never*, follow the regular procedure -
always a costumised one, where you get asked for every component that
is not originally part of what you ordered. Not all of us would like
fried with our burgers. Also try not to give your personal information
when they ask you for it - to register. The latest advice is also
given by Vamosi, in the above mentioned article.
Steve Gibson gives a great and illustrated answer on the issue in
Spyware Watch UK <http://www.spyware.co.uk/whatis.shtml>.
Getting rid of the ticks
------------------------
When trying to remove regular programs, you can go to your control
panel, choose "add/remove programs", choose the program and hasta la
vista. Unfortunately, it doesn't work with these Tickwares, they
remain in your windows registry.
They might warn you, by the way, that by removing this program, you
may also hurt other programs installed in your computer, and namely
the shareware where it has all started. Well, usually it's a lie, and
when it isn't, you have to make your choice - not being spied or
enjoying the freeware. After all, that is like a "payment" for a free
program someone worked hard on.
Spy vs. Spy
-----------
There are programs that locate the spyware, and remove it. One is
"Ad-Aware" <Download it from ZNet here -
http://hotfiles.zdnet.com/cgi-bin/texis/swlib/hotfiles/info.html?fcode=63806&b=help>
and another product is Zone Alarm, information available (again) from
ZNet - http://www.zdnet.com/zdhelp/stories/main/0,5594,2610364,00.html
Wait a minute, and how do I know who's a tickware and who's an
innocent software?
-----------------------------------------------------------------------
There are several lisitings, where you can ask if the software is
spyware or not. One is Spycheck
<http://www.spychecker.com/index.html>, mentioned before. Output
<http://grc.com/optout.htm> also claims to haunt evil whereever it
hides in your computer.
All of the removal tools mentioned above, such as Lavasoft Ad-Aware
<http://www.lsfileserv.com/faq.html>, also have a list.
And what is XUpiter? That's what I'm paying for!
------------------------------------------------
XUpiter seems like a browser hijacker. They take your browser wherever
they want. This is general information on Browser Hijackers from
cexx.com <http://www.cexx.org/hphijack.htm>. They write "The function
of these is to change your browser's homepage (and maybe search, etc.
pages) to point to their site... There are two forms of hijacker: the
one that is easier to fix is a site that uses an IE vulnerability to
automatically set your homepage/etc. to theirs, and that's that. You
cuss under your breath, change them back and remember never to visit
that site again. The harder one to fix installs a program on your
computer (either by exploiting IE's insecure nature, or by enticing
the user to install e.g. a "free Web browser enhancement" which
contains the hijacking program. Once it gets onto your system, the
hijacker program continually changes (or forces) your homepage back to
theirs. No matter how many time you try to change it, either from IE
or in the Registry, the sneaky software keeps changing it back.
According to SpywareInfo, some will even set up your system to lock
you out of the Registry, to prevent you from removing their hijacker!"
<source, Cexx.com "Homepage Hijackers"
http://www.cexx.org/hphijack.htm>
Part of it is Bill Gates fault (but of course...). The Active X
component in our Windows system makes us vulnerable to such attacks.
You wouldn't be surprised, if I told you that disabling the Active X,
is usually the first step in getting rid of ticks. You might also want
to disable Javascript until you're done with them (both can be done
through Internet Option in your browser "tools" and than in
"advanced"). This is only a bet, but the name of the software might
indicate it abuses your active x. Don't disable anything yet, though.
Try to use an anti-hijackers program.
Computer counterterrorism: Setting the hostage computer free and
killing the hijackers
----------------------------------------------------------------------------
First and foremost, the human-ticks in xupiter have an uninstall
program <http://www.xupiter.com/uninstall/> here. Try this first.
Spywareinfo.com have information on getting rid of hijackers
<http://www.spywareinfo.com/hijacked.html>. They also contain links to
several download softwares that kill the hijackers. Ad Aware mentioned
before, can track most hijackers.
Others are
http://www.regnow.com/softsell/visitor.cgi?affiliate=13232&action=site&vendor=5957
- Pest Patrol
http://patrick.kolla.de/software/spybotsd/download.en.html - Spy bot
and
http://www.spywareinfo.com/downloads/x/xcleaner.html - X Cleaner
SpywareInfo.com has valuable information here - on removing it
yourself, if none of the softwares mentioned above recognises it. Read
it here <http://www.spywareinfo.com/hijacked2.html> - Hijacked! (part
2)
Support Group for XUpiter's victims
-----------------------------------
As you imagines, evil prevails not only your computer. May great
advises and support for you can be found in Techguy.org's thread on
the issue <http://forums.techguy.org/t93902/s57fee7c6eb053de8499d8ea3a5563124.html>
another thread of victims of this new thing could be found at Spyware
Info forums <http://www.spywareinfo.com/yabbse/index.php?board=11;action=display;threadid=1059>
Users in microsoft.public.windowsxp.basics mention the same problem in
the thread "What are Xupiter files"
<http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&th=5a9438d25c99ebfa&rnum=2>
Same at microsoft.public.windows.inetexplorer.ie6.ieak
<http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&th=dbc06280d0156962&rnum=3>;
and also Johnny Schmitt has apparently this problem in
microsoft.public.win98.gen_discussion
<http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&th=2c8450e6136ba9c6&rnum=4>
; in microsoft.public.windows.inetexplorer.ie6_outlookexpress
<http://groups.google.com/groups?q=xupiter&hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=422f433a.0209041429.7b4c71fa%40posting.google.com&rnum=5>
You can post in all of these groups to hear advices of fellow victims.
I think that answered your question and I hope also would help to get
use of ticks. If you need any clarifications on the answer, please let
me know. I'd be happy to clarify before you rate the answer. Good
Luck! |
