My Naļve Wife, Spyware, and Error Page Redirects - Webmaster General forum at WebmasterWorld - WebmasterWorld

Forum Moderators: phranque

Message Too Old, No Replies

My Naļve Wife, Spyware, and Error Page Redirects

I need my custom errors back...

woop01

6:46 am on Sep 29, 2004 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

[rant]

I just got done dropping $1,600 on a new laptop so I have a wider screen to test my websites and have a better laptop when I’m traveling. I can count the websites I have visited on my left hand and all but one of them belong to me.

However, my loving wife asked if she could use the laptop to check her e-mail earlier tonight. Now the brand spanking new laptop is INFESTED with every other piece of scum ware you can think of . Spybot found over 300 problems and Adaware found over 250 problems AFTER Spybot was done (none of them tracking cookies). She got an ear full about opening ‘greeting cards’ from her friends.

[/rant]

I use this laptop to debug websites and error pages aren’t just useful information, they are an absolute necessity. One of the programs she got changed something to make error pages redirect to some crappy search engine and they don’t show the error information. Spybot and Adaware didn’t fix this.

Does anybody know how to get my detailed error messages back? Right now, any error redirects to some scum search engine called incredifind.

Terabytes

7:28 am on Sep 29, 2004 (gmt 0)

10+ Year Member

IncrediFind manual removal:

Kill processes:
tipb.exe, hpztsb01.exe

Delete registry values:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Classes \ CLSID \ {5D60FF48-95BE-4956-B4C6-6BB168A70310}'
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Browser Helper Objects \ {5D60FF48-95BE-4956-B4C6-6BB168A70310}'
HKEY_CLASSES_ROOT\bho.eunivbho
HKEY_CLASSES_ROOT\bho.eunivbho.1\c:\windows\downloaded program files\ncaseinstaller.dll
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser\{4e7bd74f-2b8d-469e-aa8e-8e1ca787ad2d}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\powersearch
HKEY_USERS\s-1-5-21-1409082233-1390067357-1801674531-500\software\toolbar\urlsearchhooks

Unregister DLLs:
incfin~1.dll, incfindbho.dll, incredifind.dll, bho.dll, pwrs0108.dll, pwrs0rbi.dll.

Delete files:
incfin~1.dll, incfindbho.dll, incredifind.dll, bho.dll, pwrs0108.dll, pwrs0rbi.dll, hpztsb01.exe, tipb.exe.

Delete directories:
\incred~1\bho
\incredifind
\powersearch

That should help...

pete_m

7:55 am on Sep 29, 2004 (gmt 0)

10+ Year Member

I'd seriously consider using Firefox - so far it's immune to all that spyware rubbish, and it's got two fantastic extensions to help with web development: LiveHTTPHeaders [extensionroom.mozdev.org] and Web Developer [extensionroom.mozdev.org]

mincklerstraat

9:20 am on Sep 29, 2004 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

You could always get a separate machine for your wife - you have very different needs - you, stability and speed, she - probably more basic mail & surfing - this kind of thing can even lead to relationship problems if you're not the both of you stellar communicators. May well be worth plonking for a dirt cheap new pc, or a cheap secondhand laptop for her if it's laptop she wants. Yesterday, Encyclo tried Deli Linux (stands for 'desktop light', designed for old hardware) on a Pentium I 166 Mhz machine - [webmasterworld.com...] and that gives you mail, some basic surfing abilities, wordprocessor, and spreadsheet in a graphical point 'n click desktop envorinment (more if you install NN4 - and more with firefox if you've got a bit more juice than that). Scumware was one of the main factors in convincing me to do most of my work in Linux; I use windows now primarily for debugging for ie's problems. My girlfriend's machine is really slow now, probably because there's scumware all over it, one of her friends is really into those screen saver-joke attachment kinds of things

woop01

3:52 pm on Sep 29, 2004 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

Thanks for the help on the manual removal but either Spybot or Adaware already did that stuff (the files/registry keys/processes are all gone already. Everything else looks normal now except for the error pages.

Regarding my wife...

We talked this morning when she got up and she realizes what she did. We’ve agreed that she can use the old laptop to check her e-mail from now on.

I'd seriously consider using Firefox

I typically do but for debugging websites, I obviously use IE, Netscape, and Firefox to see how the sites look. I just hadn’t had a chance to download Firefox yet on this laptop. Does Firefox help in preventing the problems from getting on the computer or is it just a matter of no viruses being programmed for it yet?

[edited by: woop01 at 3:57 pm (utc) on Sep. 29, 2004]

Chndru

3:54 pm on Sep 29, 2004 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

>>Does Firefox help in preventing the problems from getting on the computer

Do i hear ActiveX?

woop01

3:56 pm on Sep 29, 2004 (gmt 0)

WebmasterWorld Senior Member

10+ Year Member

lol, point taken.

ytswy

5:10 pm on Sep 29, 2004 (gmt 0)

10+ Year Member

One additional idea would be to use Prevx (free home edition), downloadable from here:
[prevx.com...]

Among other things it looks for registry modifications, and can be set to prompt for a password for every such attempt. If you want to keep with one machine, and the problem is more opening email attachments than unrequested downloads while browsing, it might help.