#$%&-ing Incredifind Worm!

Discussion in 'Trading Software' started by pisspotpete, Mar 13, 2004.

  1. Anybody else get that bastard Incredifind stuck on their machine? You will probably see it if IE doesn't find a page, or gets an Error 404. It hijacks you to a crappy search page. At the bottom of the page there is a link to remove it, but that will download an EXE program and I sure as hell don't trust it.

    Norton AV, Adaware, Spybot didn't find it. Don't know how I got it unless it came bundled with some SW and I got tricked into installing the POS. I used "HiJackThis" and it seems to be gone now:


    HiJackThis got good reviews over at cnet.com. Be careful with it tho. It will delete all sorts of things and you might need some of them. Looks like it will get rid of the "Check For TWS Updates" program too if you want.
  2. m22au


    google search for Incredifind


  3. My wife used to get that adware crap on her computer all the
    time. She had intellifind amongst many others. I used Spybot
    Search and Destroy on her machine and she hasn't had trouble


    Be sure to use the update feature and immunize features.

    Also be sure you have all of the MS critical updates installed...
    go to tools... windows update in IE to get them.

  4. I got something on my computer today that poped up when I tried to bring up a site from my favorites list. It said it couldn't find the site and to click on to it and it would find it for me. I clicked it off a couple of times and then restarted my computer and it was gone. Is that something like you were talking about?
  5. Yes, I had that bastard do. I sent him over to you. LOL jk, spybot search and destroy got rid of it for me to. Also there is this evil ad software called "Gator". Spybot gets it too.

  6. Don't know if it was related, but I found some other stuff that Spyhunter said was a re-direct ad-ware and it could also put things in your favorites.

    Where the hell does all this shiite come from? :mad:

    I run all the usual anti-virus, spyware killer and firewall progs all the time. Still, some gets thru...
  7. Check your browser security settings. If you're allowing unrestricted activeX activation and/or scripting, some of these POSs might come in that way without you're even knowing it. They can get installed and hook themselves into your browser's infrastructure just by navigating to a website that has such crap embedded in the page. Others often come in if you access a music/video/etc. download sites that require you to use their special "file downloader" rather than the browser's normal file download capability.

    You should probably also be sure that you've run a check at http://windowsupdate.microsoft.com to be sure you have all required updates installed on your PC.

    Also, be aware that in some cases, these adware buster programs while eliminating the ad/spyware from your machine can sometimes leave your browser environment broken (depending on how stealthly the spyware hooked itself into your browser).

    A friend had that situation a while ago - his IE constantly said "can't find server" after he ran a spyware removal program (which killed something like 50 different ad/spyware hooks). When a reinstall of IE still didn't fix it, I had him delete the entire IE hive from the system registry and then reinstall IE and that fixed it.

    Seems like the adware buster blew away the offensive software but a hook was still left in the IE registry environment that was causing the problem.
  8. rwk


  9. The spyware usually gets installed with various free programs that people download like Kazza P2P and other adware. Some, like Gator frequenty get installed when you visit a site that serves a drive by download ad. If you do not have browser security set properly, it gets automatically installed. If you do have security properly set, you get a prompt to install. Some people accidentally click OK. Others mistake it for a Windows update and OK it.

    I found that you have to make sure to frequently update the Spyware detection software. Also, sometimes its a good idea to run multiple programs. For example, I was cleaning out a friend's machine and ran Ad-Aware. It was unable to clean out some of the spyware - the crap kept re-installing itself after reboot. Ran SpyBot and that took care of the problem.

    NOTE: Not all free or AdWare software includes such crap. QuoteTracker for example is AdWare if used unregistered, but we do NOT install any 3rd party crap, and do not add anything that monitors you, pops up popup ads, or in any other way modifies your computer. Wish others would respect their client's computers the same way. Half the time when we get a problem report about computer stability, we have the person run the spyware detection software, they clean out the crap it finds, and the problem goes away.
  10. Good info ArchAngel. I changed my ActiveX stuff to "Prompt", so I can see what the sites are trying to do.

    Jerry, yes your QuoteTracker is a super program and not intrusive at all. I use it every single market day and just click on the ads a few times. One of these days I'll register it. The price is certainly no big deal!

    Thanks all for the security advice. Sure have to keep on your toes and up-to-date on this stuff.
    #10     Mar 14, 2004