Saturday, September 30, 2006

Site & Forum Update

Well nothing to talk about. No word from my hosting company since last nite.
Both site and forum are up, tho I'm not sure how consistent it's going to be. I still can't publish or update the main site tho.

Friday, September 29, 2006

Site & Forums Down

Well it seems my hosting company has been experiencing some glitches in their hardware\software in the last week. Well, actually more like the last 6 weeks give or take, off and on, mostly with the forum access tho.

At first I was unable to publish the main site, but the forums were there, tho sometimes sporadically. Now, as a result of trying some things they recommended I try in my C-Panel, both the site and forums are now offline.

Needless to say this is very frustrating and they have told me that they are working with the vendors to try and resolve the issue.

I'll keep posting updates here as things progress.

Sorry for any inconveniences this is causing any of you. With a little luck they will get things fixed quickly.

Tom\TeMerc

Thursday, September 28, 2006

VirusBurst: New Infector Files

New variants of VirusBurst have yet again reared an ugly head. The two latest files:

C:\Windows\System32\httge.dll

C:\Windows\System32\ggagksr.dll

Read More Here


Wednesday, September 27, 2006

SurfSideKick Kissin Kousin: Deluxe Communications

I found the latest from the gang at SurfSideKick while VML trolling. The relationship is noticeable in more than one way. Bleeping Computer has a nice write-up here and compares file names and paths.

You can read about what my experience with it was here in our forums.

Forums down for maintenance

UPDATE 2: Forums will have sporadic access until posted here as of 1030AM MST

UPDATED: Forum is now up as of 9:45AM MST

The forums are down due to some hosting maintenance. In the meantime, why don't you check out what's on the main site. Seems like a perfect opportunity, doesn't it?

From there you can check out a bunch of my favorite blogs or some of the newsletters I link to.

Tuesday, September 26, 2006

MS Fixes IE Exploit Hole

MS releases out of cycle patch for most recent VML IE exploit. Read More Here

Friday, September 22, 2006

IE Exploit Beginning To Spread

IE exploit begins to stretch its legs as more reports come in about entire servers being hacked and more users getting infected. MS responds that they may just even patch out of cycle and then there is a third party patch out too. Read More Here

Thursday, September 21, 2006

SmithFraud\Zlob Updates

Another variant was found this week to be added into the removal tools for those infected with SmithFraud\Zlob infections. These guys try hard, but the anti-malware gang stays pretty much on top of these, not likely users will get so heavily infected with this one. Read More Here

Two Exploits Found This Week For IE

Two exploits have been discovered out in the wild this week, making MS look pretty incompetent. The potential for 10,000 sites to be using this code is a real threat. Read here and here

Thursday, September 14, 2006

Slightly OT: Email Address Collection via Chain Mails

Seems some spammers are finally doing what I thought was a regular thing, collecting email addresses via chain letters or jokes. One of my pet peeves is the ridiculous amount of email sent with 150 email addresses in the header. And it usually seems to be that AOL dipshits are the worst offenders. Read More Here

Saturday, September 09, 2006

StopBadware.org & FunWeb Products

The people behind StopBadware.org seem to have a connection to FunWeb Products. I happened across this while reading the latest from BillP, Bits From Bill, who, for those not in the know, is the developer behind WinPatrol.

While investigating the description of an application in the WinPatrol PLUS database he found that one of the board members of the company behind FunWeb, IAC Interactive is also behind the Berkeley Center For Internet & Society at Harvard Law School. And they just happen to be the primary backers of StopBadware.org.

Interesting to say the least. FunWeb's rep is less than stellar, tho not nearly as bad as other adware bundled types of apps.
Read More Here

Friday, September 08, 2006

Zango Dismissal: Requested by Plaintiffs

The other day I mentioned that a lawsuit against Zango had been dismissed. Sad news all around, except for the asshats at Zango. They proclaimed:

"We have maintained from its inception that this case had no merit. The dismissal vindicates that position," said Ken McGraw, Zango's general counsel in the statement. "[This] serves to confirm that Zango's desktop advertising software is not spyware in any shape or form and that our business model is entirely legitimate," he added.

But the truth of the matter was, the lawyers for the plaintiffs requested the suit be dropped!! Yeah that's right. The merits of the case itself were not in question, but rather the case could not stand up to the qualifications to become a class-action lawsuit. The lawyers at The Collins Law Firm are anxious to talk to any other litigants to move forward and begin action again.

Read More Here

Thursday, September 07, 2006

PCBUTTS: Internet Software Thief?

This person has for the last year or so been laying claim to several pieces of software which are used to fight malware. To just name a few:

SmithRem - Used against many of the SmithFraud\Zlob infections.

NailFix - Used against Aurora\Nail infections.

RogueFix - Used against some variants of SmithFraud.


There are others as well. Some of these people he has allegedly ripped off are Microsoft MVPs.

When confronted he slanders his accusers, calls them vile names and is overall not someone who you would trust. He changes his Whois info and tries to hide his identity. He even began to offer help to users via email to avoid any detection by the security community.

Some of the originators of these scripts are contemplating legal action. But we all know how well that works on the Net.


The only other recourse is to try and shame him into doing the right thing. But based on comments found via a Google search for pcbutts it's an unlikely thing he will because it appears the right thing just isn't in his genetic make up.

But you can do the right thing, by spreading the word about this person. You can also do your part by complaining to the ISP hosting his site at:

Mr. Scott Knowles
Interland Shared Abuse Department Interland, Inc.
303 Peachtree Center Avenue, Suite 500
Atlanta, GA 30303
voice: 404-260-2477, opt 9 (ext 5260)
abuse@interland.com

Sites to seek assistance with your malware problems can be located in a collection of links located on the ASAP directory.

Wednesday, September 06, 2006

WinPatrol PLUS Info Free For September

BillP lets all users of WinPatrol access PLUS Info for September.

Read More Here

Friday, September 01, 2006

Gromozon Rootkit Removal Tool

The group over at Prevx have made a stand-alone removal tool for this nasty bit of work. You can find it here at Prevx.