incredimail – malware in disguise
Well, I finally got my first dissatisfied customer.
A lady needed help re-installing ADSL internet, after a PC rebuild. She didn’t have her adsl password, so I just got the isp to reset the password.
End of story (so I thought).
I get called back a few days later (she used incredimail before the pc rebuild & really liked it) saying she doesn’t like outlook express & needs to have the outlook details entered into incredimail (which she installed herself).
No problem, I copy the details across, & while I’m there, she is happy for me to install my anti-spyware software and disable outlook express, so she can only view existing messages, but not send or receive new emails. She doesn’t have the full payment, so I let it slide, & she says that the remainder will be waiting for me next time I’m passing by.
I pass by 2 days later & she asks if I can take a quick look at a printing problem. Printing from incredimail only seems to print a “screenshot”… ie the to & from fields, a scroll bar, and only part of a message.
I notice the printer has been re-installed a few times & she complains about how intrusive winpatrol is… and how outlook express is still active.
What? I had put false pop & smtp server names into OE, so there is no way it can still be active. I take a look & I can see OE has about 4 emails sitting in the outbox (but not sent). Obviously someone mistakenly wrote those emails in OE instead of incredimail. I try to subtly hint at this. Hint is probably too subtle, as there is no acknowledgement by the customer.
I leave OE, disable winpatrol, & focus on shittymail incredimail. But it has no print preview & doesn’t have much in the configuration/customisation area.
I reboot, to see if maybe winpatrol was somehow preventing incredimail from doing things it shouldn’t be allowed to do…
Wait 2 minutes at the shutdown screen before using the power button to force a switch off.
Wait 3 – 4 minutes at the xp startup screen, before realising that there is no disk activity, but also no login screen (just the XP bar moving across the screen).
Great… just what I don’t need (car is acting up, its 4:30 & I was trying to get to the mechanic by 5:00… that won’t happen now). I restart in safe mode & disable all startup programs (from the startup folder & from the registry). But the system will not boot into normal windows mode…
Anyway, she wonders aloud about just how experienced I really am & she is not at all happy about what I have done (and what she has paid). I offer to fix the computer overnight & bring it back to her the next morning, but she refuses. So all I can do is give her a full refund, and apologise … although I didn’t do anything that could have caused the computer to behave like it did. She “knows” I’m the only one to have worked on the computer, and so it must be me, since it was working perfectly when I connected the ADSL internet.
I didn’t mention that she installed the printer drivers & incredimail… it would just inflame the situation.
The next morning she sends an email saying that the computer started normally that morning & that there are no hard feelings. (and maybe I should carry a database of all known computers with me, so that I can fix these sort of problems).
From now on, I won’t work on systems that have incredimail (except to remove it like any other spyware infestation).
I use AVG Free (http://best-antivirus.org/) to get rid if this malware and it works better than the ones you need to pay for.
Sorry about that link.
Yep, avg is good, but on its own, it doesn’t stop spyware and spyware-like programs (like incredimail).
For spyware, I’ve started using windows defender a lot. And I’ve found AVG anti-spyware to be the most effective program (but you need to pay around AU$65.00 per 2 years). I highly reccommend AVGAS… Its worth the money.
I know good tool,which works with Outlook Express files and possible Outlook files,it has many features,also it is free-rebuild outlook express,software can resolve data corruption issues for Outlook Express email client,works with one of the most vulnerable elements of information systems,helps and it does not matter, what happened with your mailbox,works with Outlook Express versions 5, 5.5, 6 and all currently supported versions of Microsoft Windows operating system,preview all messages, that can be successfully retrieved from corrupted files with dbx extension,recovery of all emails from your mailbox in dbx format, if these dbx files are seriously corrupted and Outlook Express there was an error opening this message,will save separate files of eml format, that can be accessed by any email program.
We at IncrediMail understand your frustrations and would like to try and help. We also encourage you to share any feedback with us at this link (http://www.incredimail.com/english/contactForm.asp?deptSelect=1)
IncrediMail is not spyware. We are certified by industry leading groups as 100% spyware free. In fact, IncrediMail vehemently opposes any kind of behavioral targeting and believes strongly in providing our customers a safe and free email experience. (http://www.incredimail.com/english/incredimail/safe-and-free-incredimail-download.aspx)
Thank you for considering IncrediMailâ„¢. And please visit us at http://www.incredimail.com to learn more.
The IncrediMail Media Team
Incredimail is responcible for so many problems, its plethora of issues, conflicts, injection of Malware into other systems is well known by techs world wide.
I empathise Luigi, our policy after being repaetedly indirectly effected by customers ignorance is to tell them the truth.
Lets face it, the majoroty of our customers cause their own problems, (not intentionally obviously) but it gets to the point that we are no longer willing to take food off our table because someone who is ignorant may be upset that their broken PC continues to break after they change their mind or don’t want to pay to get it fixed at the halfway point.
Our client base is 80% good, 14% OK, but we now fire the 6% of ignorant technophobes, some before we’ve met them on the phone & some immediately after the first & last job. Life is too short. tell it like it is & only refund when you’ve actually made a mistake & not when someone without a clue assumes you have.
HMMM lets see addressing both the host here and incredimail or as I think of it, incredulousmail!)
I installed it as I had done some browsing and had not been satisfied with the offerings of stationary I had found available for use with MS Outlook or rather the lack of it. That and I haven’t seemed to find the right combination for making my own stationary templates as some sites have suggested is available.
So in short I downloaded Incredimail “hoping” yet doubting it would be of much value.
I received no spyware warnings or the like from Mcafee or Malwarebytes so proceeded. In the following days I have continuously had to change my home page back to what I had it set to despite settings that prevent it from being changed. My first clue it must be some sort of spyware. My computer has frozen and had various other issues since using this program. I am also amazed at all of the places i have found its entries of one kind or another in my registry.
Thus I will be removing it asap!
For anyone considering downloading and using this junk you may want to know ahead of time that you will be asked and required to give your password and user name to any email accounts you opt to use with incredimail.
I absolutely feel my security has been compromised at best, I fear worse. After uninstalling and a full online virus/spyware scan and a run of CC-Cleaner, I will be changing my passwords to the accounts used since I installed the program a few days ago.
In short if you value your computer and privacy don’t do it. no amount of stationary is worth the possible risks posed by a program that changes your home page despite settings to prevent such, causes IE crashes and errors and who knows what else.
NO thanks incredimail you may be ranked by those groups however I wonder if the program hasn’t changed since you received those ratings? Or if the ratings mean as much as companies tout? Anyone?
Incredulously,
Christine
I have done a lot to deal with my new WordPress program, but I still could not until I meet this post, I really know more about how to deal with it!
Anyone working in IT supporting home users has my sympathy these days.
I did it for 8 years and threw the towel in April 2008
Went to work in a non IT related job.
I’m rebelling these days having moved all my PC’s and Server to running Linux.
For what it’s worth, a client is using Incredimail and I have analyzed the source of their correspondence and found no cookies, or external references with unique identifiers, and no scripting. It does have embedded image attachments, which though annoying, are benign. What it does on the side of the user using it I cannot say, though responding to posts I may have seen elsewhere questioning why it requires your email address and password and mentioning that their servers process your mail: How else is it to connect to your mail server and obtain your email for you, and how else is it going to send your email – just like ANY other email client software?
My conclusions? The jury is still out, more data needed, but definitely no conviction yet.
Incredimail is NOT Malware. Proffesional software such as BullGuard IS even has a Spamprotection for it, AND it’s a Microsoft Partner. Yea, sure, Microsoft gives out partnership to hackers. We are NOT talking about SmileyCentral here.
Incredimail – certified 100% spyware free? Hmm.. I just drove 2 hours to remove this software from my parents’ computer. They have no idea how it got on their PC and took over. They called the number on incredimail.com and were told it could be removed if they paid $69. They said (as any normal person would), “WHAT? We do not want to pay to have this removed.” The foreign person on the other end of the phone line, with a sound clarity as though the connection were to the other side of the world, replied, “Good bye.” and hung up on my father. I think this sounds 100% like malware.