Jump to content


Photo

RC's Computer Lab hyjacked my machine ?


  • Please log in to reply
No replies to this topic

#1 hushabi

hushabi

    Member

  • New Member
  • Pip
  • 2 posts

Posted 24 October 2004 - 03:21 PM

Hi

I had a big (ish) attack/hyjack happen a couple days ago from a site claiming to be run by "RC's Computer Lab" that left me fuming :excl:

Here's how it went:

I was looking for a 'freebie' hard drive monitor as my system has been crashing alot & it doesn't have a reset button which means 'pulling the plug' more or less everytime it crashes....anyway I googled looking for a suitable bit of software, having tested everything & updated etc. with no luck I came accross a site "fdepot.com" that seemed to have what I was after.

Like alot of sites I've visited lately, the windows 'security screen' came up then the website gave the animated instructions on getting rid of the bar to access the site - i.e letting active X do it's stuff so I could enter the site...next thing I know AVG is telling me that 2 Trojans & a dialler have got on to my computer - I thought hey, no problem, I'll run AVG & do a hyjackthis scan after - just a dodgey site with a couple viruses....

AVG took 12 minutes to complete, mean while Bargain buddy, 180 solutions, Webrebates (part of Toprebates)Wincom & the bulleye network had made themselves at home on my machine too!

Having used Hyjackthis for the last couple years, I managed to get them off my machine, I also had too unsubscribe to all these nasty bits of software that I didn't agree or sign anything to say I wanted - they just auto installed like the 'Driveby' downloads - I haven't come accross these in awhile so was surprised at how quick they got in.

180 solutions reminded me on uninstall that they were a 'permission based' bit of software - which bugged me :p , the bulleye network (or wincom?) had a really 'odd' uninstall method - I had to answer a series of questions that were more like riddles & yes/ no answers obviously designed to trick a person into giving up the uninstall. A site called winupdate.com had also downloaded something on my machine (around 15 minutes after the other stuff) which activated itself when I zapped wincom - it told me how THEY had got rid of wincomm FOR ME (oh thankyou, not) and would I like to buy their spyware remover!

I'm not too worried about the attack (I have most of my essentials backed up on an external drive) & I know the risks of using freebie sites, most of them just try & change my homepage or search, which can be fixed with a qick zap of hyjackthis (I don't know how anyone survives the net without it, personally:)

I've looked up the Company in Google & done whois etc. and from what I can gleen from it, the bloke that runs ithe company is a software engineer that designed a gadget that went the way of Gator & it's buddies in the 90's - the software is still beening sold by Highstreet retailers like PC World/yahoo (overture surprise, not) - yet he is allowed to legally bundle permission based software without permission ?

I feel like complaining to their hosting providers for a start...

If Mr Brock has been hyjacked himself - and the 8,000 + links to his sites aren't all riddled with this c**p - then I apologise Sir - (I'm not going to test everyone of them just yet to find out) It's also pretty darn easy to put BIG notices up on your legitimate websites if this is the case (that google can read) telling potential customers to "beware of fake sites installing rubbish using our name" I managed to get a faker 'passing off' my name by doing just that - Something like "the site below me is a fake..." would be a start - as Mr Brock has made no obvious attempt to inform in search results & the offending site is ranked at no.2 in the search engine for his company name - I can only presume he is responsible for creating the site & it's gooey contents.

I think I feel better now.... :glare:




Member of UNITE
Support SpywareInfo Forum - click the button