Overland software unwhittingly install,was it sending data!
Goto page 1, 2, 3  Next
 CastleCops -> Privacy
Author: forwardupLocation: Melbourne PostPosted: Tue Jul 05, 2005 1:18 pm    Post subject: Overland software unwhittingly install,was it sending data!
Hi team,

I have just removed from my computer a program file called 'Overland', that I found in C/Program files.

Thinking back it has been there for 5 months or so, and for five months I have been seeing an icon in the task bar appear for one second then dissappear. Immediately after the icon disappears, ZA Pro icon flashes green, as if info was being sent out.

No matter how I tried, I couldn't open the icon that appeared in the task bar by clicking on it. The icon was a white rectangle with a blue line on the top.

I had a HiJackThis log done a few months ago, and the forum here said it was clear. I run TD3, Norton AV 2005, AdAware, Spybot S+D 1.4, MSAS, A2 Free, Trojan Hunter, and do online scans for AV with Trend Housecall.

Nothing indicated that there was a problem on my computer.

However, it appears that since this evening the strange icon is no longer appearing.

The concerning thing is that when I do a Google for Overland, I find they do backup software and hardware backup and off site backup stuff, here is their link:

http://www.overlandstorage.com/about_overland_landing.html

I am really concerned that the overland program has been sending out my data for months...what do you think?

I believe that the Overland came through a HP Software AutoUpdate, as I clearly remember the occurence. I have worked with HP online virtual techs tonight, and they say it [overland] is nothing to do with them. They helped me remove it by directing me to go into safe mode and Search for overland, and delete all there.

What action should I take?

Has anyone else heard of this program....and clues or practical advice on the possible breech in my secuirty would be most welcome

Thanks for reading this post - I really value your time!

Rgds

Forward Up
Author: Prince_Serendip PostPosted: Tue Jul 05, 2005 5:27 pm    Post subject:
Hi forwardup,

You wrote:
They helped me remove it by directing me to go into safe mode and Search for overland, and delete all there.

What action should I take?


If it has been removed, then no problem. You might get Crap Cleaner (freeware) so you can delete any remnants from the registry?

Was it not in your Add/Remove Programs?

If you dislike this program then remove it.

If you need a backup program that does not phone home you can try the Karenware Replicator (freeware). I use it and it works fine.
Author: forwardupLocation: Melbourne PostPosted: Tue Jul 05, 2005 8:13 pm    Post subject: Overland underhand?
Thanks for your quick reply!

I could not see Overland in +/- Programs.

When I looked at the 'Programs' tab in Zone Alarm Pro it was not listed there either.

Do you recommend I change all my passwords - I would like advice as to just how much/type of information it 'could' have sent out. The program size of Overland was 7.78MB [quite large don't you think?]. Sorry, I know this question is a bit like how long is a 'piece of string'.

I certainly didn't install Overland with it in mind as a backup software program, only that it was a 'recommended HP Update'. But they[HP] say it was not from them at all. But I am absolutely sure about the window that opened for the HP Update, and I have checked back through my comprehensive paper trail log, [yes, I keep an A4 pad next to me at all times to jot time and events down ].

I have emailed the company Overland, and have requested more information on them with regard to the specific software and what it might have been doing. I will post here with any response.

When I looked in Task Manager I could never see Overland in 'Applications', and when I ran the program 'StartUpList', I couldn't see Overland in that log either.

I am obviously feeling a tad paranoid, and wish to 'tease out' and debrief on this issue.

Thanks again for your time and energy in replying!

Forward Up
Author: Prince_Serendip PostPosted: Wed Jul 06, 2005 3:49 pm    Post subject:
Is your PC second-hand or is anyone else using it besides you? That could explain where this program came from? Overland is not malware so it didn't install itself. Did you install any freeware program bundles?

It seems to be gone now. The size of the Overland application is not an issue here. 7.78 Mb is smaller than many Microsoft updates. Wink

Crap Cleaner shows you what it finds before you decide to delete it. You can fiddle around and analyze as often as you like before deleting stuff. You can specify scanning particular folders in the Options menus. It can also cleanup your Registry easily and safely. It will ask you to make a backup of the registry before you make any changes. Do so.

Crap Cleaner will not automatically remove any system files/folders. I've tested it.

By clicking the Tools button you will get an alternative to the Add/Remove Program list that is far easier to navigate and use. You can delete entries that have been uninstalled but are still listed there or run the uninstallers for any you wish to remove. It will also show your startup list (2nd Tab) so you can see what is loading when you start your computer.

Screenshot
image
Author: DreamingFox PostPosted: Thu Jul 07, 2005 4:41 pm    Post subject:
Hello forwardup,

In addition to Prince_Serendip's advice, I would suggest that you start monitoring what programs run automatically when you boot your computer (the Startup tab under the msconfig command doesn't always tell you everything).

WinPatrol has a free verson (available at www.winpatrol.com) that is easy to use and provides many other features in addition to a startup manager. Also try StartupList (available at http://www.lurkhere.com/~nicefiles), which is a utility that will tell you everything, but performs no actions.
Author: Prince_Serendip PostPosted: Fri Jul 08, 2005 3:51 pm    Post subject:
Thanks Fox,

That helps too. The more the merrier. Thumbs Up
Author: forwardupLocation: Melbourne PostPosted: Sat Jul 09, 2005 12:21 am    Post subject: CCleaner
Hi Prince_Serendip

Prince_Serendip wrote:
Is your PC second-hand or is anyone else using it besides you? That could explain where this program came from? Overland is not malware so it didn't install itself. Did you install any freeware program bundles?


Thanks for the great advice and useful insight into CC. I will check it out!

I have sole use of this computer, and I definately remember Overland arriving by the HP Update ( HP use the Backweblite program for this - incidently I have now removed all Backweblit traces using Spybot S+D 1.4]

Over this weekend I will be going back over all the paperwork files that I have made with regard to alerts and downloads to try and identify exactly the time and details of the Overland download.

I'll post back here with the results.

Thanks for your time on this issue.

Forward Up
Author: forwardupLocation: Melbourne PostPosted: Sat Jul 09, 2005 12:29 am    Post subject: start up program monitoring
DreamingFox wrote:
Hello forwardup,

In addition to Prince_Serendip's advice, I would suggest that you start monitoring what programs run automatically when you boot your computer (the Startup tab under the msconfig command doesn't always tell you everything).

Also try StartupList (available at http://www.lurkhere.com/~nicefiles), which is a utility that will tell you everything, but performs no actions.


Hi DreamingFox....thankyou for dropping by and adding your useful advice and recommendations for programs to monitor startup programs. I have actually been using StartUpList since about the same time as Overland arrived on my computer...and looking back at the logs that I saved I cannot infact see Overland in any of those logs.

Makes me really curious about what exactly was going on...and after tidying up a few more emails I am going to look through my paper trail and see if I can uncover some more info on Overland.

I'll post back here over the weekend.

I really value your time - thankyou!!

Forward Up
Author: barbula76Location: USA PostPosted: Thu Jul 21, 2005 1:22 pm    Post subject:
Hi - new to the forum.

Arrived here via Google search for Overland malware/spyware.

I, too, discovered Overland residing in my C: /Programs.
Had no idea of its intent, could not remember downloading.

I often(once a minute?) see, for a split second, a program on my task bar.

I have a HP notebook, and used the HP Update. I think that is where Overland came from, too. When I use my Windows Explorer, and hold the curser over some of the files in Overland the popup bubble says the Author is HP.

I intend to delete Overland immediately, but like forwardup, it's not listed in +/- Programs, nor in a commercial uninstaller I use(Advanced Uninstaller).

Should I just use Windows Explorer and delete the entire folder, then run a regcleanup program? What is the safe mode deletion?

Thanks
Author: Prince_Serendip PostPosted: Thu Jul 21, 2005 4:01 pm    Post subject:
This needs investigating. I previously assumed that Overland was on the up and up and now I see that could have been too hasty a judgement.

I too have an HP that had Backweblite factory installed. I removed it manually because when Spybot tried to do it, it always crashed. I then used Crap Cleaner to remove the remnants from the registry.

Crap Cleaner is the 5th one down on this download list: CastleCops Link/downloads-cat-29.html
It's freeware. See above post for screenshot.
Author: barbula76Location: USA PostPosted: Thu Jul 21, 2005 7:00 pm    Post subject:
Thanks - will dl Crap Cleaner tonight and get to work.

Great forums btw - a real eye-opener.

I assumed I had my malware/spyware/trojan bases covered by using SpyBot S&D, Ad Aware, and SpywareBlaster.

Not so sure anymore - thinking of going commercial grade with TDS-3.

Maybe overkill, but sorta freaked atm.
Author: forwardupLocation: Melbourne PostPosted: Fri Jul 22, 2005 9:49 am    Post subject: I removed Overland - HP deny any connection with prog.
Hi

Here is the update....


I spoke with HP support and they have no records of any Overland software used on any HP machine. However, looking back through my notes Overland arrived through the BackWebLite HP Update software preinstalled on this HP Pavilion I use.

I was directed by HP to go to Safe Mode, and delete Overland completely, which was avery simple and straightforward job.....[when computer is up and running, click >Restart> and then as soon as the Desktop clears away repeatedly press the F8 key until the computer begins to boot into the black and white screen, then choose the options using the 'up and 'down' keys to go completly into Safe Mode].

Once in Safe Mode go to the location of 'Overland' and delete the whole file in one go. That's all - done. Reboot the computer.

I was asked to check the Registery for Overland entries left behind, but there wasn't anything.

I then ran CCleaner and thats it.

I have no problems with the 'weird program icon' appearing for a split second in the task bar.

barbula76 hope you get your Overland issue fixed, I'll watch this thread to see if anyone posts back.

Cheers

Forward Up
Author: Prince_Serendip PostPosted: Fri Jul 22, 2005 4:51 pm    Post subject:
Sounds like a good fix, and it works. It may be that Backweblite downloaded it for you, after you went online? Either that or it came bundled with some other application?

Nice work in any case. Btw, Crap Cleaner is just a utility. It does not clean malwares, just junk files. Wink
Author: TheophilusLocation: northern carolinas, USA PostPosted: Mon Aug 15, 2005 12:45 am    Post subject: deleted Overland folder but task bar icon still appears
I had the exact same problem as described in the initial post. I deleted the Overland folder from Program Files, but the task bar icon still runs every few minutes. It shuts off my screen saver, but doesn't seem to communicate with the outside world according to ZoneAlarm. Any ideas why the icon still pops up? I'm running Win2KSP4 and have had this problem since doing an HP update. Thanks.
Author: Prince_Serendip PostPosted: Tue Aug 16, 2005 4:31 pm    Post subject:
Hi and welcome to CastleCops Very Happy

Theophilus wrote:
Any ideas why the icon still pops up?


Have you done any further HP updates? If the icon is still there, then so is Overland. Have you tried searching for it on your HD? It may be in another location?

How to Show Hidden Files & Folders for all versions of Windows.
CastleCops -> Privacy

All times are GMT

Goto page 1, 2, 3  Next
Page 1 of 3


Powered by phpBB © 2001 phpBB Group