Amiga.org
The "Not Quite Amiga but still computer related category" => Alternative Operating Systems => Topic started by: Speelgoedmannetje on March 03, 2004, 02:29:12 PM
-
A while ago, I re-installed Windows on a friend's computer (an old P3).
When it was done (a clean install of Win98) it launched a to me unknown program called 'PhoenixNET'. This program could only be clicked away with ctrl-del. Every time Windows started, this program started and every time it gave error messages.
I surfed the net for information to remove this program but nothing!
I only read that it was built-in in the BIOS and that it was spyware (a 'service' from Phoenix).
And I couldn't find ANYTHING referring to it in the BIOS setup.
Eventually, I could click it a bit away (now it runs on the background).
so... if you need to buy a new PC mobo, you're warned.
-
Have you tried updating the BIOS ... Maybe PheonixNET is not included in the newer PheonixBIOS, or there might be an AwardBIOS for the motherboard...
What motheroard is it?
-
:-) Of course I considered it, but I couldn't find an appropriate BIOS.
It seemed to be completely abandoned.
-
Speelgoedmannetje wrote:
:-) Of course I considered it, but I couldn't find an appropriate BIOS.
It seemed to be completely abandoned.
Do you know the name of the motherboard? I could try to look at it ...
-
:-( *sigh* not atm, not exactly
but where would you look for it if I may ask? :-) (so I can look for it when I am there, behind the particular computer)
-
Check THIS (http://www.dslreports.com/forum/remark,826520;root=security,1;mode=flat) discussion. It should provide some useful info.
-
I used to see a Phoenix blurb whenever my computer started, untill I updated the flashrom and every trace seems to have vanished now.
-
@Whabang
yeah, I've been across this several times, but couldn't find something usefull in it.
They suggest you uninstall the program, but it can't be uninstalled because there is no uninstall option. (not even in the add/remove programs, nor in TweakUI)
but, ah well, thnx in advance anyway, here, one for you :pint:
-
Speelgoedmannetje wrote:
:-( *sigh* not atm, not exactly
but where would you look for it if I may ask? :-) (so I can look for it when I am there, behind the particular computer)
Depends on the motherboard
-
Try to use msconfig to remove it from the windows startup, and then remove the offending files from the hard drive.
-
Another reason why I hate PCs...BIOS-spyware!
HA!
:lol:
-
-
Speelgoedmannetje wrote:
whabang wrote:
Try to use msconfig to remove it from the windows startup, and then remove the offending files from the hard drive.
Thanks for the tip :pint:
@hnl_dk, thanks for the offer :pint:
and thanks for making me want a beer :pint: :-)
-
Cyberus wrote:
Speelgoedmannetje wrote:
whabang wrote:
Try to use msconfig to remove it from the windows startup, and then remove the offending files from the hard drive.
Thanks for the tip :pint:
@hnl_dk, thanks for the offer :pint:
and thanks for making me want a beer :pint: :-)
Not a cuppa tea? Tis time for it I see.
Naah, beer is for the late evening (except if you're on vacation or so)
@DanDude
I KNOW I KNOW I KNOW. :lol: :-x
-
Hmmm.... Just remember that msconfig is a debuging tool and should not be used as a permanent solution.
First off, in whabang's link it seems that the PheonixNet "feature" can be disabled via BIOS option. There may also be a jumper to do so if it's an older motherboard.
Second, ZoneAlarm is your friend. ZA not only traps incoming Internet requests, but outgoing ones as well. You can simply disallow PheonixNET's Internet traffic all together.
Third, install SysInternals TCPView (http://www.sysinternals.com/ntw2k/source/tcpview.shtml) which will give you a list of all Internet connections, including the application they're associated with and the destination IP.
Fourth, install and run HijackThis (http://www.spywareinfo.com/~merijn/downloads.html). This will give you a good idea as to what "extra" software is launched at startup. If you've installed lost of some legit software already then the listing it generates may be long. If it's a fresh Win98 install, it should be fairly sparse. At any rate, click on the "Save Log", and save it to a text file somewhere, then copy it and paste it here in this thread and we can help you find what the offending program is.
Fifth, use SysInternal's AutoRuns (http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml) to track down and disable any spyware. This is the way it should be done and not through msconfig. You may end up editing the registry, but AutoRuns will take you to the place where you need to make the edit.
Sixth, install Lavasoft's Ad-Aware (and get the LSP plugin as well). (http://www.lavasoftusa.com/software/adaware/)
I think all the above should make your setup pretty spy-ware resistant for some time. :-)
- Mike
-
@Speelgoedmannetje
Typically, you can find the mobo bios version and revision on the lower left of the screen when the system is powered on. If you can paste that here, I can probably dissect it it for you. :-D
Cheers!
-
I know how to flash a bios,
but this mobo seems to be abandoned. I might try some bios roms from obscure sites, but it's not my computer, and I do not like to take risks with other's posessions.
@Glaucus
Yeah, I tried an anti-spyware program, but it didn't detect it. And I think if an anti-spyware program would detect it and remove it, it'd be installed again by the mobo.
(well, I tried to remove the shortcut from the desktop, but when restarting it was again on top)
ah well, thanks for the tips and here's one for you Glaucus, :pint: (or something alcohol-free, I dunno)