OT NewDotNet Adware / Smitrem.exe

  • Thread starter Thread starter RJK
  • Start date Start date
R

RJK

....Thanks to whoever advised me to download Smitrem.exe from wherever it
was :-

Panda a/v sweep just told me that it was a "Tracking program" called
"processor" and promptly deleted it.
Panda's information on this file describes the file as being written in MASM
and is a particularly nasty little piece of work.

I will try to find the thread in here where all this was going on, and
update it. OOOooH! Panda just found another one "Winword.exe" in my
utilities folder on drive I:\ = type = leaktest.A ....umm ...I think
that was just something I downloaded from Steve Gibsons site
http://www.grc.com oh well, it can go anyway !!

regards, Richard
 
RJK said:
...Thanks to whoever advised me to download Smitrem.exe from
wherever it was :-

Panda a/v sweep just told me that it was a "Tracking program" called
"processor" and promptly deleted it.
Panda's information on this file describes the file as being written
in MASM and is a particularly nasty little piece of work.

I will try to find the thread in here where all this was going on, and
update it. OOOooH! Panda just found another one "Winword.exe" in my
utilities folder on drive I:\ = type = leaktest.A ....umm ...I
think that was just something I downloaded from Steve Gibsons site
http://www.grc.com oh well, it can go anyway !!
Click to expand...

If Panda is complaining about a leaktest file that you are sure came from
Steve Gibson then it says far more about Panda than it does about Steve
Gibson, and none of of what it says is good.

Incidentally, MASM is a programming language / environment, and saying that
a program is written in this language is nothing sinister, any more than
noting that a car is made from "Metal" and "Plastic".

--
--
Rob Moir, MS MVP
Blog Site - http://www.robertmoir.com
Virtual PC 2004 FAQ - http://www.robertmoir.co.uk/win/VirtualPC2004FAQ.html
I'm always surprised at "professionals" who STILL have to be asked "Have you
checked (event viewer / syslog)".
 
From: "RJK" <[email protected]>

| ...Thanks to whoever advised me to download Smitrem.exe from wherever it
| was :-
|
| Panda a/v sweep just told me that it was a "Tracking program" called
| "processor" and promptly deleted it.
| Panda's information on this file describes the file as being written in MASM
| and is a particularly nasty little piece of work.
|
| I will try to find the thread in here where all this was going on, and
| update it. OOOooH! Panda just found another one "Winword.exe" in my
| utilities folder on drive I:\ = type = leaktest.A ....umm ...I think
| that was just something I downloaded from Steve Gibsons site
| http://www.grc.com oh well, it can go anyway !!
|
| regards, Richard
|

Richard:

NewDotNet is adware/spyware that plugs itself into the Layred Service Provider of the the
Windows Sockets (WINSOCK) and if you remove that adware without removing the LSP plug-in
then you will break the TCP/IP communication stack.

If you have WinXP SP2, you can reset WINSOCK with the following command line and then
reboot...

netsh winsock reset

Otherwise it is suggested to have on hand the LSP Fix utility --
http://www.cexx.org/lspfix.htm
or
WinsockxpFix -- http://www.snapfiles.com/get/winsockxpfix.html
 
http://noahdfear.geekstogo.com/ was where I got smitrem.exe and it did a
luvly job !
David H Lipman told, on that other thread wherever it is, that I would need
LSPfix to remove NewDotNet and repair my TCP/IP daisy chain, which was
hugely helpful of him, ....
it's all coming back to me now !!!
....so perhaps it was a false positive.

regards, Richard
 
I didn't intend to infer that MASM was sinister, perhaps I should have use
an "also" in that senetence !

regards, Richard
 
....I suppose I could have left NewDotNet in my TCP/IP stack after
Smitrem.exe had done it's stuff but, David H Lipman pointed out, (on that
other thread back there - when removed Spyaxe from AR's PC), LSPfix had been
tweaked to remove NewDotNet.

regards, Richard
 
I think I may have jumped too quickly, to two wrong conclusions, or at least
didn't cast an eye long enough on the 2nd item where Panda complained about
a Winword.exe file in my I:\01_PROGS\utilities directory !
....was trying out Panda,
Panda described the Winword.exe file problem as Leaktest.A ......perhaps
that's nothing at all to do with the Leaktest thingy I fiddled around with
ages ago on Steve Gibsons site !
....anyway I let Panda delete it.

I think I may go back to my CA etrust internet security suite 30 day trial -
twas that that discovered trojan.zlob.d in AR's machine, ...or was that in
my machine ? .....
....yawwwwwwn , am off to bed !

regards, Richard
 
Besides that...
...I suppose I could have left NewDotNet in my TCP/IP stack after
Smitrem.exe had done it's stuff but, David H Lipman pointed out, (on that
other thread back there - when removed Spyaxe from AR's PC), LSPfix had
been tweaked to remove NewDotNet.

regards, Richard
Click to expand...
 
RJK said:
I didn't intend to infer that MASM was sinister, perhaps I should
have use an "also" in that senetence !
Click to expand...

Sorry, I was criticising Panda for mentioning it, not you for reporting what
Panda said!

rob
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

SAVENOW & NEWDOTNET 2
OT: Vista Home Premium.... 2
alexa seen as adware by web root spy sweeper 1
(OT) Getting wallpapers to a cellphone from a computer 4
OT: Bios / power saving features... 4
Shut down (hibernate) problem :-) 4
blank start-up page 1
OT, how do I back up Android straight to the PC? 2

Back
Top