ILL - Legitimate?

Discussion in 'other security issues & news' started by HandsOff, Feb 16, 2004.

Thread Status:
Not open for further replies.
  1. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    Hello -

    I recently obtained a copy of a program called Swatit, which I understand is a free program that looks for trojans. Well, I wanted to at least do a Google search on it, instead of just ask...you know, I wanted to 'do for myself'...

    What then transpired was like an episode of The Twilight Zone. I found myself on what appeared to be a list of results returned by Google, only, they weren't. If I passed my cursor over the blue topics which are normally hyperlinks, the cursor did not transform into the "let's go finger"; instead it just turned into the "skinny I am hovering over text thing". Then I looked around at the results. Adverts for the notorious Bulletproof Software Leeches, and another for a website called anti-spybots....(which is brutally honest)...

    (I will include partial screenshot, if I figure out how...)

    PART -II

    My sister calls me up with the good news that I have finally convinced her and she is running a spyware program even as we speak, called ____Spybots (not the awesome AND free program Spybots Search and Destroy, by Pepikin (sp?) Software). I tell her, "NO!........" She gloats because it is finding things. Then after the scan is complete, and only then, does she find out the truth...the scan was free BUT THEY WANT MONEY TO REMOVE THE SPYWARE!

    Well, the good news is I did make sure she got the genuine product. I feel sort of proud...I am not an authority, but I have awakened two hapless surfers this week to the fact that there are solutions that you do not have to be an expert to use. I really hate to see people surrender to the Dark Side!
     
  2. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Check out Swatit at the link.



    http://www.wilderssecurity.com/showthread.php?t=21757
     
  3. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    Hey, Big C!

    I read what you posted, and I guess that it is sort of a waste of time. I do in fact use A-squared myself (although not for long). What I usually do is at least run every free spyware program once just to get a feel for it. This actually made a lot more sense when there were far fewer of them around. It is only recently I have been trying out trojan removers, and so far, my non-technical opinion is the two best I have tried are a^2 and Pest Patrol. Pest Patrol is strange but effective. Not unlike this poster! ...anyway thanks for the advice, I think maybe I will stop trying out the rest.

    Now here is the snapshot...maybe...if this is really a legitimate page then it might be time to change my screen name and lie low for a while :-*

    HandsOff
     


  4. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,877
    Location:
    New England
    SpywareNuker (from the image) is a problem... All you need to do is read the first post in this Javacool thread to see that it and some others are a big problem...

    http://www.wilderssecurity.com/showthread.php?t=7221

    Also, that image doesn't show a real Google search page, as in www.google.com, it shows a "Google search box" (real or bogus, I don't know) on a site whose URL is listed in your image and is at internet-connection-guide.com? Is that where you did your searching?


    Edit: Oh, we'll be moving this to "other security issues" (probably) a little later just to keep things organized.
     
  5. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    Hi-

    Sorry if I got my terminology mixed up with regard to Google Search Box versus page, etc...

    What freaked me out was that I (thought) I did the original search via Google's web page, and what I copied was the page I was sent to, which to me appeared to emulate the return of one of Google's searches, meaning a list including what appear to be blue hyperlinks but are not. (Did you follow what I said about my cursor not changing the way it normally does when it hovers over a link...if you don't then do this (if you are in a post writing window as I am...Put your cursor over "News: recent security news:" and your cursor turns into a skinny thing that happens when you are over text. Then move it just a hair to the right to cover where it says "Security News" in red letters - now it turns into the pointing finger cursor that tells you you are hovering over a link---sorry I don't know the technical names for the pointers but what I meant to say is that the blue link look-alikes were not links)...furthermore the layout with the ads off to the right were supposed (I guess) to mimic the typical ads to the right that Google (would have) displayed.

    Why did I think I was searching with Google? Simple, Google is set as my home page, so when I do searches I click home then type into the dialog box.

    Either I was hijacked, or fooled, or something.

    I sort of panicked and ran every anti-virus, trojan, and spyware removal tool I have...

    But I may have by chance found a possible problem on my own. I looked at my internet downloads folder where ActiveX things are stored and I noticed one of them said "Damaged" under status...I deleted it, because I did not like the looks of it, and figured I could download it again if I wanted to.

    Maybe I am making a big deal out of nothing...I just feel so outraged when it looks like I have been suckered, though it's just part of life I guess.

    I kind of wanted to figure out what happened, but I realize it's sort of hard to reconstruct at this point.

    Sorry to ramble on and on. I am always glad you guys are here, but wish for the day when I can deal with these things on my own.

    -HandsOff
     