|
|
|
|
Adware, malware, spyware and hijacker help, discussions and information
|
|
Malware
Advisor Blog |
Heroes & Zeroes
Jump to: Zeroes Heroes listed first and then we'll get to the zeros I've only had the good pleasure of really knowing Steven the last year or so. What's always impressed me the most is his unwavered determination to getting things, any thing, as close to 100% right as possible. Regardless of how small a detail it is, it drives him crazy until he fixes it. I've had the pleasure of working with Steven on a few of his pieces of software as a 'beta tester' kinda sorta. Anything I reported was tweaked almost immediately. And he's developed some great stand alone tools, for several different areas in computing. Check out some of the software here He recently took over the database of hpHosts. Working off that he's developed several major tools for tracking down information about malware sites. To that end he has put forth hpHosts Online. An automated tool to look up if a site is contained in the hpHosts database. It also pulls Whois info for the sites queried as well as details of NameServers, other sites on the same IP and much more. PG, as we all call him, has gone into the trenches, deep within enemy lines, undercover and undiscovered on more than one occasion. PG is also a MS MVP. If he gets your company or website in his sights, you might as well give up, because he will expose you for what your doing, sooner or later. Currently employed at FaceTime Labs
The developer of this free program, Bill should be held in as high a regard as can be possible. Though, for some reason, Scotty The Windows Watchdog has never gotten the credit he so deserves. This little application can stop a trojan dead as they tries to install. It runs quietly in the background, never a peep until needed. Has some very nice features and couldn't be easier to install. Read about BillP and his decision to tell a vendor to keep his bundled toolbar and display the ethics and integrity that all vendors should show. And don't forget about the PLUS version, it has some nice features. Ben is another hero of the Web users across the Internet. His writings are always clear concise and he has been a consultant in many malware related legal actions against some of the biggest offenders. He has collected and documented several instances of known adware companies practices of installing unwanted programs which cannot be stopped, short of pulling the plug on the pc. He also has documented some of the most absurdly long EULAs ever conceived.
In this PCWorld article he gives some insight into his drive to develop the program and why he feels it important to keep it free. Along with addressing the scam sites which use his products name to fool people into thinking they are getting the original. Eric has become one of the most informed resources regarding any anti-spy application on the Net. He is one of the most prolific writers I have ever read. His own site is a testament to privacy and security available to all. The applications he has developed help countless users of the Internet surf safely every day. His Rogue\Suspect Anti-Spyware List while groundbreaking when it first was created has not been updated since May of 2007. He too now works for Sunbelt Software, makers of Sunbelt CounterSpy and Sunbelt Kerio Firewall This gentleman is another amazing man of dedication. He has taken on the task of exposing one of the most notorious group of people on the Internet today, the Transponder Gang. This group is responsible for two of the nastiest infections currently being downloaded from the Net via a series of hundreds and hundreds of websites across the globe, CoolWebSearch and VX2. He relentlessly tracks and exposes all they do. From one day to the next, again, doing so, as so many of these countermeasure heroes do, for no monetary gains, he helps make the Web a safer place for the likes of the regular Joe\Jane Web user. He too now works for Sunbelt Software, makers of Sunbelt CounterSpy and Sunbelt Kerio Firewall Andrew maintains an excellent site which has all the latest info regarding the lowlife scum who push unreliable and questionable anti-spyware programs. He is a vocal outspoken and well educated in the area of these parasites. Always great information contained here.
This organization was formed when the filth who write the likes of CoolWebSearch, and VX2 among other forms of malware infections, decided to launch a DDoS attack on SpywareInfo back a year or so ago. It was decided that there needed to be more than one place to go to if such a thing happened again, or, if for some other reason, users could not access the site to get help in removing invaders from their computers. All the forums listed with ASAP, can be trusted for good quality advice for removing infections from your machine. Merijn is the developer of many applications used to fight malwares, especially related to CoolWebSearch infections. His 2 tools, CWShredder & HijackThis! have been invaluable in removal of many infections across the board. HijackThis is a staple of all malware removal procedures. It should not ever be used by the untrained user, as it is a powerful application, and can render a machine useless if not used with care. He also has many other tools used for malware removal on his home page. The last two years have seen Merijn sell both CWShredder and HijackThis!, to Trend Micro. While HijackThis! continues to be used by many malware fighters, the good people at Trend Micro will not support it and have made no improvements to it since it's initial purchase. CWShredder has become obsolete and is no longer recommended to be used. Suzi started out in the spyware biz after feeling she got something installed on her computer she didn't want. She complained and didn't get the results she'd have liked. That company ought to be given credit because it started her down a path to expose the scum who litter the Net with bogus products. She hasn't looked back since. She now works for Sunbelt Software, makers of Sunbelt CounterSpy and Sunbelt Kerio Firewall. She is also an MS MVP
This is a group of people who I proud to call my fellow MVPS. This award is given to those who show their expertise and dedication to helping users across the globe on the Net and off in dozens of different categories. Users can always take comfort in that all these members can be trusted to offer information to the best of their ability.
No. 1 Zero: This group is responsible for such a great percentage of cyber criminal activity that it's amazing they have not been shut down. Perhaps it's due to their size and location, in Russia, that they continue to thrive despite being exposed and analyzed at every turn. If they ever do get taken down, the Net would breath a sigh of relief that would be felt globally. One of the most offensive bunch of greedy lowlifes I've come across since being involved with malware. Not that their product in and of itself is malware mind you, but it's all the sneaky underhanded, backdoor way they trick most users into installing their crapware. Shoddy affiliates are their biggest weapon. Unsuspecting users are their best friends. People who don't quite read the entire EULA or just want to get something installed quickly and miss a little detail about 'ad supported adverts' or the like. No matter how you slice it, nothing good comes from this software being installed, except of course to make the owners rich. Very rich. DollarRevenue Another group of sleazy low life scumbags ripping off users across the Net with their bundled adware foisted upon unsuspecting Netizens. After recent write ups by spyware researchers, they launched a DDoS attack against Webhelper. After recovering from the attacks, he promptly setup DollarRevenue Tracking Page to document each and every site they are affiliated with, along with all the advertisers and any other operations they are involved with. This group of individual & businesses is responsible for 2 of the biggest most difficult infections to remove off a computer on the Internet, CoolWebSearch Infections and VX2\Look2Me\Transponder. They have been infecting computers via their huge ownership of sites for years, and the list grows weekly, if not daily. Click on a link, and your machine could be brought to a virtual standstill, dragged down by the vast amount of malware and infections they DL onto your machine. If we could rid the Internet of this bunch, I would have to find a new hobby. See this amazing article which exposed the trappings that appeared online at MSNBC . Also follow this thread in our forum to keep up to date with the latest findings on their activity. Pretty much any program on this list can be considered a Zero. From outdated databases, to databases stolen from other legitimate programs to deceptive trickery in advertising. This grows almost daily, tho oddly enough, the scumbags who develop these apps rarely make any substantive changes, just some minor tweaks to the GUI and a name change. For those in know, easy to spot. COAST This is an organization which started out with humble beginnings. But early on Lavasoft, in what almost appears to be a moment of clairvoyance, one of the original founders of COAST, resigned from the group. Since then, it has been nothing but a slow slide downhill into a self inflicted decision to admit to their ranks the likes of WhenU & 180Solutions. With the recent resignations of Webroot and Pest Patrol the only vendors left are all of questionable ethics and tactics in one form or another. UPDATE***COAST Dissolved: Read here. They were the first to try legal threats, first against Castle Cops, then against Suzi. You can follow along in this thread in our forums to see how well they made out, but suffice it to say, they did nothing except waste their money. They were even challenged by Mike Healan\Spyware Info to come and get him. Guess who has never heard a word since? Direct Revenue Update: Direct Revenue Shut Down! This group is part and parcel of the Transponder Gang. This time the target was Eric Howes. Another fruitless effort to quite the people. Good thing they have all of that money to waste. Recently, Paperghost of Vital Security.org got the bug to make these guys pay for doing what they do, with regards to one of the latest malware threats, the Aurora\Nail infection. I'd be quivering in my boots if I were them. These guys are still yet another company wasting time, money and energy. They are trying to get Bill Pytlovany\WinPatrol to remove their name from being listed in WinPatrol's section of programs running. Read that again.....all WinPatrol does is 'list the programs running'......that's it!! Now, what idiot gave the go ahead for this action to be taken up? I'll keep these updated as needed.
This is the group which was responsible for bundling Aurora into Bitorrent, as was discovered by MS MVPS Security Expert Paperghost. Since he exposed their devious tactics, firstly, they were hacked, then I guess they decided to keep a low profile, because now you get a blank page. Its amazing what one man can do, these guys are the latest to be added to this list. ESTDomains and Inhoster\InterCage Now considered part of the Russian Business Network These two hosting companies may have more websites hosting malware than they do that don't and yet suffer no consequences for it. You can read some about Inhoster\InterCage here at Bluetack Internet Security Solutions If I had an icon which could convey what this guy is, and wasn't offensive, I'd post it. He is an Internet software thief and liar extraordinaire. He has routinely pirated software and passed them off as his creations. Even when presented with irrefutable evidence he still lies thru his teeth. One of the biggest offenses is that he lays claim to being an MS MVP. He is not and there isn't anyone in Microsoft who claims he is. If you read thru some of the Google search results presented above, you'll see just how despicable he is.
|
 |
 |
Andrew
Clover\DoxDesk
