Another Hack!

[mf_dolphin]

Ducky, the Incredifind is definitely adware. Here's the instructions on removing it.

Detection
Bazooka Adware and Spyware Scanner detects IncrediFind. Bazooka is freeware and detects spyware, adware, foistware, trojan horses, viruses, worms, etc. Read more »

Uninstall procedure
Uninstall IncrediFind from "Add/Remove Programs" in the Windows® Control Panel.

Manual removal
Please follow the instructions below if you would like to remove IncrediFind manually. Please notice that you must follow the instructions very carefully and delete everything that is mentioned. In most cases the removal will fail if one single item is not deleted. If Bazooka still detects IncrediFind after stepping through the removal instructions, please double-check by stepping through them again.
Start the registry editor. This is done by clicking Start then Run. (The Run dialog will appear.) Type regedit and click OK. (The registry editor will open.)
Delete 'HKEY_LOCAL_MACHINE \ SOFTWARE \ Classes \ CLSID \ {5D60FF48-95BE-4956-B4C6-6BB168A70310}', if it exists.
Delete 'HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Browser Helper Objects \ {5D60FF48-95BE-4956-B4C6-6BB168A70310}', if it exists.
Exit the registry editor.
Restart your computer.
Start Windows Explorer and delete:
%ProgramsDir%\IncrediFind\BHO\incfindbho.dll
Note: %ProgramsDir% is a variable (?). By default, this is C:\Program Files.
Start Microsoft Internet Explorer.
In Internet Explorer, click Tools -> Internet Options.
Click the Programs tab -> Reset Web Settings.

[GalvestonDuck]

Thanks, Marshall!

[mf_dolphin]

Duck this is a real pain to get rid of. These people should be shot on sight!

[Lindaloo]

Poor Duckie!! Sorry you got that mess. I did not get anything on my computer when visiting S2K.

[vbhoutex]

This may be a stupid question Steve, but I am going to ask it.

Is there not a way that our server can be locked down against more hacks? I think I am going to answer my own question here though. Since these are obviously not some kids fooling around they can get through anything they want I guess???

[Rainband]

Thanks Steve ,Marshall and John. We all appreciate your efforts Keep up the Great JOB.

[DROliver]

vbhoutex
The only way is to take the server offline.But every minute that goes by the doors are being locked!

Steve O.

[therock1811]

These SOB's need to be caught and QUICKLY!!! Thanks Steve and the rest of the team!

[weatherlover427]

Grrrrr what idiots Hope they can be caught quickly and punished severely!

[Aslkahuna]

to catch the hackers because in most cases they use a surogate computer that they have hacked into earlier to launch the attack. This second system may be a completely innocent one except that it is being used unknowingly to launch the attack.

Steve

[BocaGirl]

Is there any chance this hacker did something so that we would get spyware on our computers when we access Storm2K?

I had a bear of a time with my home computer the other day and kept getting linked to "www.incredifind.com" whenever I tried to first log in to my primary DSL page. Other regular pages wouldn't load. The SBC guys had me uninstall and re-install my software for my DSL and then ran a couple of other things. Haven't had any problems yet, but then again, I've only logged in at home once since the 3 AM attack and have yet to really give it a look to see if "incredifind.com" is going to visit my webpages again.

And now, here at work a couple of times, the same thing is happening. I ran Ad-Aware and cleaned everything but I still got it (incredifind.com) about a half hour ago.

Since Yahoo, FoxNews, MSNBC, Ebay, and Storm2K are the basic sites I surf and since S2K is the one being subjected to these idiotic attacks, I just had to ask.

Anyone else getting re-directed to incredifind.com when you try to visit a webpage?

(And darn it, if it didn't just happen again when I tried to hit submit. Closed my browser and got back here...but I'm wondering what the heck?)

Duck,

I manage a computer network (my day job!!!) and Spyware is one of my biggest headaches. Try fighting fire with fire.....go to http://www.incredifind.com and then scroll to the bottom of the page. There's a link that says Remove. Click the link and follow the directions to get rid of the software.

I have found that croaking the pests this way works better sometimes than using third party software.

BocaGirl

[chadtm80]

http://www.lavasoft.com <---- Duck get ad aware

[ColdFront77]

Is it possible someone from another message board is hacking us here?

[mf_dolphin]

All it takes to be a hacker is internet access and knowledge. It's a lot easier for some to tear down what others have built instead of building something themselves....

[breeze]

If downtime is what it takes to get the server back up
and running, then, that's what it takes. I suppose old
e-mail pals will be saying, "Hey - why are you suddenly
talking so much?"

Steve, 'ya gotta do what 'ya gotta do. I hate it that
SOMEONE NEEDS A REAL JOB,
but, we're hanging in there!

[VanceWxMan]

I am sorry to hear of the hack job that you have encountered This is a GREAT site with great peeps and to see you attacked like this really gets under my skin!

While you are down You are more than welcome to post at WxChat.com. I have guest posting allowed in the Lounge for those that are not members or do now wish to join.

Aaron

[rainstorm]

how do you know if you have this "incredifind" in your add/remove programs? i dont think i have it, but how do you know? thanks

[GalvestonDuck]

Chad...Already have it and ran it...to no avail.

Helen...trust me, you'll know. It will irritate the heck outta ya!

Barbara...thanks! I'm going there now.

[wx247]

How sad... But we will not bend to the wills of the hacker(s). This will Storm2K stronger... in the end.