BARBELITH underground
 

Subcultural engagement for the 21st Century...
Barbelith is a new kind of community (find out more)...
You can login or register.


Underground > Conversation >

Need Real Help for a Real Problem - Freaking SPYWARE.

  
 
ibis the being
00:19 / 28.09.04
An evil, evil person appears to have emailed me a Trojan horse or something, I've massive amounts of Spyware and it's making me nuts. I have no antivirus program and no $ to buy one, so is there a homegrown way to solve this problem? I went into my Add/Remove section of the control panel and painstakingly uninstalled each little bugger. But as soon as I rebooted they were back. Like a dummy I tried it again, same result.

Hellllp. Apparently I've used up all my perfectly-smooth-running-never-problematic computer karma in life and now I'm doin time.
 
 
Cloned Christ on a HoverDonkey
00:32 / 28.09.04
For your accursed spyware, download Spybot Search & Destroy - it's free and just about the best spyware proggy out there.

And you don't need cash to run an antivirus program, either - AVG Antivirus is free when you register and, whilst maybe not as effective as some of the paid programs, still offers free, regular updates and apparently stops the overwhelming majority of viri in their tracks.

Hope these links help.
 
 
Smoothly
00:40 / 28.09.04
And you might want to add Ad Aware to that.
 
 
ibis the being
00:50 / 28.09.04
Oh, wow, thanks. You know, the irony of this is that the person who I'm almost positive emailed me this shit works for an internet advertising company, a friend of a friend of a friend who's supposed to be helping me bring traffic to my business website. Someone who you'd *think* would keep a nice clean work computer and be a little more diligent than average about not sending out viruses and such things.
 
 
Red Cross Iodized Salt
02:55 / 28.09.04
Setting up a firewall and using a browser that isn't IE should help as well. Try Firefox and the free version of ZoneAlarm .
 
 
Tezcatlipoca
07:46 / 28.09.04
And once you've installed a firewall, head over to Steve Gibson's website and run through the various tests to check your firewall is working as it should.
 
 
invisible_al
10:43 / 28.09.04
Firefox will help but only with not catching such stuff off the web.

Ad-Aware and Spyware S&D should clear of most of the crap thats out there but if that fails try running Hijack This. It will give you a listing of your registry that you can ask people at Spyware Info to look at and tell you what to delete.
 
 
ibis the being
18:43 / 28.09.04
Thanks for all the suggestions, I'm still working on this. I ran Spybot S&D twice last night and it cleaned up over 200 bots but there's still more to do, so I'll work my way through these programs you've all been so kind as to recommend. I would type a smiley face to punctuate, but my colon key is broken.
 
 
ibis the being
21:09 / 28.09.04
Okay, forgive me, I still need help. I've run both Spybot S&D and Ad Aware several times, rebooting and rescanning. Each time there's still a few bots or malware. Am I doing something wrong, or is this not fixable? Or is it just not fixable for a semi-literate like me?

I tried to read the FAQ at HijackThis, twice, and it's just not making enough sense for me to be able to post. I can only get through about once sentence before I'm lost. Registry? Log? Post wha? What? Huh?
 
 
Red Cross Iodized Salt
22:39 / 28.09.04
Registry? Log? Post wha? What? Huh

Webopedia should have some links that explain what the Windows registry does. Basically, it's where the Windows operating system stores information about user preferences and other configuration options. Some spyware programs will make changes to the registry that make them difficult to remove / allow them to come back after you think they've been removed. (If you ever had that problem where your homepage was set to a page you didn't select and kept being reset every time you restarted your browser, it was generally because of a security hole in Internet Explorer that allowed websites to change the registry setting for the IE homepage without asking your permission.)

The Log will be some kind of an output file or text display created by HijackThis that you will be able to post to the Spywareinfo forums. Someone there will most likely be able to tell you what is infecting your computer using this info.

another thing you should do is to run Windows update or ensure that all current patches for your version of Windows are up to date. If you want to continue using Internet Explorer, get the latest version.
 
 
ibis the being
00:19 / 29.09.04
Hollld on. I need to paint a bigger picture. I think I have a bigger problem. Has anyone heard of a company called incomps? (Ordinary websearches are proving fruitless for me.) That's the domain of the email address for the person who is supposedly helping me advertise my business. Up until this point it never crossed my mind that I might be getting scammed, because an acquaintance of mine connected me directly to her friend at the company. But that's when my spyware and other problems (Word completely crashed) began. Which could be a coincidence but.

I was just informed that the company's plan for helping me advertise (which, when they originally sketched it out, was incredibly vague ad-talk) apparently hinges on me publishing on my business website a new contact page with a form that will send a person's name, email, and inquiry to me and to incomps. There's also some business about keywords, and what keywords bring people to my site.

OH. MY GOD. They just want to gut me and use me as a vessel for spreading adware, don't they? Seriously, I know I sound silly, but it's just dawning on me - this is a scam, isn't it?

I'm going to kill that "helpful" acquaintance of mine.
 
 
Tezcatlipoca
02:45 / 29.09.04
I tried to read the FAQ at HijackThis, twice, and it's just not making enough sense for me to be able to post.

1) Start Hijack This
2) Click 'Scan' (bottom left corner)
3) Click 'Save Log' (bottom left corner)
4) When a text file appears Notepad, hit Ctrl+A then Ctrl+X
5) Make a post on Barbelith and copy the text with Ctrl+V
6) Your remaining problems will be sorted from there
 
 
Red Cross Iodized Salt
04:20 / 29.09.04
Isn't 'incomps' a short form for incompetents?

Capturing user data via a sign-up page is a pretty normal thing for a corporate site to do, although I can't imagine very many people voluntarily submit their info these days without some kind of an offer or freebie to tempt them. That this company wants access to the data as well seems a little suspect (what business of it is theirs?).

When the guy was talking about keywords he was most likely referencing programs like Google Adwords.
 
 
Red Cross Iodized Salt
04:51 / 29.09.04
I guess incomps is, in this case, short for Incomprehensibilities, inc.

Strange non-website though...

I also found www.buydiscountcontactlenses.com, which appears to be an 'Incomprehensibilities, inc.' link farm (look at the bottom of the links page).

Both sites are registered through BulkRegister.com and have very similar whois info (same PO Box numbers and Yahoo email addresses, but different phone numbers). You can search the BulkRegister WhoIs database here.

To me, the company looks kind of shady, but I've always gotten the impression that most of the companies that promote search engine hits are bordering on being spammers anyway. You might to see if any Barbeloids working in web related jobs have a take on this.
 
 
ibis the being
19:52 / 29.09.04
Isn't 'incomps' a short form for incompetents?

Right, that's just one of the shady pieces of the puzzle.

Capturing user data via a sign-up page is a pretty normal thing for a corporate site to do, although I can't imagine very many people voluntarily submit their info these days without some kind of an offer or freebie to tempt them.

Well, I have a decorative painting business, so it makes sense that people would submit specific info in order to get a rough estimate or some idea of my services, especially when the contact page makes it appear that they're emailing a specific person (me).

That this company wants access to the data as well seems a little suspect (what business of it is theirs?).

This is what got me suspicious in the first place. I could understand them wanting to have a look at my traffic and referrals, which are easily done. There are plenty of simple software progs that can show that info plus what keywords people were searching for. But why they need my customers' email addresses is beyond me, and it doesn't agree with my business ethics to be giving out people's private info without their knowledge.
 
 
w1rebaby
20:46 / 29.09.04
Hmm. It is possible that they want to route output from a form on your site through them, to process the data and send it on to you.

However, I don't see the need for that if every enquiry is going to need your personal attention anyway. People might as well send you an email, or enter some data on a simple web form which gets sent to you via email and you respond. That's a piece of piss to do. Your hosting company likely has a webmail form you can use for that already, if you have CGI or PHP; if not, I (or any other even slightly competent programmer) could write you one in Perl or PHP in ten minutes. It's only for complex automated systems that have people choosing products from a database and getting things sent automatically to them without human intervention that I'd route via an external server like that.
 
 
ibis the being
21:18 / 29.09.04
Right - I have a simple click to email button on my contact page now, but they wanted me to replace the page with the form they designed. There is really no need for anyone but me to receive customer emails, I am the owner, manager, head finisher, I do everything except advertise. The latest fishy thing they're asking me is whether I could keep up with potentially massive amounts of job requests, which from a small local contractor point of view is not likely nor exactly problematic - this reinforces my suspicion that there's going to be some kind of spammish nuisance attached to the deal.

I think that regardless of whether incomps is a bonafide spammer or just a shady web ad company, it's a bad idea for me to let them get involved given the nature of my company (working in private residences).
 
 
w1rebaby
21:51 / 29.09.04
It sounds like they want to get money off you for a system you don't need, rather than do anything more dodgy than that, to be honest. I wouldn't feel comfortable about sending email addresses to a third party I wasn't sure about, even given that, though I doubt they'd sell them off to spammers if they had any sense and wanted to continue as a web design business.

A web form with a few buttons, checkboxes and pull-down menus is no more difficult to send the information via email from than one with just a text box. All you need is to add the appropriate HTML to the form and make sure the mail script it sends it to will send you all the parameters it receives. Now, if there was automated checking involved (e.g. a form that checked whether a certain product was in stock before sending you the details) that would be more complex and involve database work... but if you're the one that checks, it doesn't.
 
 
ibis the being
16:24 / 30.09.04
Well, they actually didn't ask for any money from me because they said this (my field) was a new area for them and so it was supposed to be some kind of symbiotic business relationship with no $ exchanged.

Personally, when I go to a business's site and want to use the contact page, I interpret pull-down menus and such as a sign that my feedback is going to go through some PR department rather than a single human, and/or that they get an overwhelming number of replies - it seems a tad impersonal and I don't expect a quick response.

For my purposes, the basic "email me" is better anyway. Homeowners like to feel they're special, and have a one-on-one relationship with a builder/designer/painter.
 
 
---
22:19 / 30.09.04
Ibis, a good place to go if your ever in trouble is Antionline, a lot of the members are computer security professionals or hackers.

Just to be clear that's Hacker, not 'Cracker'. The two get confused a lot, a Hacker basically knows a computer inside out and does the complete opposite of a Cracker. The site has loads of Tutorials and advice, it's a pretty neat place to go when your stuck on Security issues. I know at least one member actually works for Microsoft too.

I wonder if he'll advise you to get Firefox? There's a thread about it here at the site. I've just got it myself yesterday and it's fine so far, love the popup blocker.
 
 
ibis the being
22:23 / 30.09.04
Thanks for that. I knew Barbelith would be help me out with this. I installed Firefox yesterday and uninstalled my IE completely. Since then, no popups!
 
 
STOATIE LIEKS CHOCOLATE MILK
22:35 / 30.09.04
Yeah, Firefox really is the bollocks. I've been using it for months with no problem from popups.
 
 
Cloned Christ on a HoverDonkey
22:58 / 30.09.04
Not only that, but the number and range of extensions (added functionality) that Firefox offers is unbelieveable.

Go to StumbleUpon for what is probably the best extension/plugin ever developed for a browser ever! As you browse you can click 'I Like It!' or 'Not-For-Me' - the StumbleUpon gets to know your likes & dislikes pretty quickly. You can then click the 'Stumble!' button to display a random web page, based upon your unique preferences.

It's amazing; I have found many, many gems through this service that I wouldn't ever have seen otherwise.

Fab!
 
 
Grey Area
10:28 / 08.10.04
I didn't want to create a new thread, so I'll just slap my query on the end of this one: Can someone recommend a reliable, free encryption utility? Doesn't have to be "10,000,000 year supercomputer calculation to crack" level encryption, but shouldn't be the equivalent of locking your shed with a piece of wire either.
 
 
w1rebaby
10:41 / 08.10.04
From a quick look on the GPG site, WinPT seems to allow you to encrypt files with it. Other Windows programs seem to concentrate more on encrypting mail, which is the most common application but doesn't sound like what you want.
 
 
We're The Great Old Ones Now
10:41 / 08.10.04
Similar question: my poor mother is stuck with a customised Outlook Express which has an ad bar at the bottom. Does anyone know how to get rid of it (or where to find out how)? I remember seeing an article about it years ago, but I didn't care at the time, so I didn't keep it...

Cheers.
 
 
Bamba
21:09 / 09.10.04
I didn't want to create a new thread, so I'll just slap my query on the end of this one: Can someone recommend a reliable, free encryption utility? Doesn't have to be "10,000,000 year supercomputer calculation to crack" level encryption, but shouldn't be the equivalent of locking your shed with a piece of wire either.

PGP's pretty solid encryption stuff, there's planty of ino on it if you Google around although whether the free version I've linked to is useful to you depends on exactly what you want to do with it.
 
 
ibis the being
17:57 / 19.10.04
Just popping in to update on my situation, no spyware or adware troubles since switching to Firefox, and also I've talked to the incomps people who've reassured me that they're above board. They said they could see how they may appear to be shady in some ways, but are definitely not spammers nor sharing information with spammers. FWIW.
 
  
Add Your Reply