Zango Edits Correct Info From Wikipedia

Once again, Paperghost has compiled several edits from the Zango Wikipedia page to point to where information seems to be 'disappearing'. Coincidently those edits are coming from the same IP as the Zango home office and actually point directly to edits made by their fearless, yet obviously not-too-bright ring leader, Daniel Todd. For the entire scoop, which is now up to part four read here and laugh at their stupidity.

Sorry For Not Blogging

Well its been a couple of weeks since I installed Vista and last blogged...............about anything. But beginning this week, I'm going to try and post every other day at least.

The last two weeks, Jr. had his spring break and with Vista installed, there was lots of learning new things. So this blog suffered.

Apologies for any who came here looking for anything new. The forums of course are where all the action is.

TeMerc Installs Vista Ultimate

I've finally gotten around to installing Vista Ultimate, and it's pretty neat so far. Not so great that I'd be telling people to buy it, mind you, but it is neat. I have a couple of threads in our Vista Forum. Check 'em out.

WinPatrol 2007 v11.2

BillP has just released a new version of WinPatrol with some nice tweaks to make using Scotty in Windows even better...if that's even possible. Read More Here

We're In PCMag!

TeMerc gets a mention in PCMag article! W()()T!!

Check It Out!!

hpHosts Restructuring

One of the mods at my forum, good friend and developer, Steven Burn who has had a great freeware site, Ur I.T. Mate Group has also been keeping up the hosts file entries for hpHosts for the last several months.

There have been some changes and all users have had to re-register. So if you had not been a member previously now is the time to go and register

SiteAdvisor Maps Malware Domains

McAfee's SiteAdvisor blog maps the malware world of domains. Providing stats on where the worse countries are who host the malware sites on the web. The most volatile countries? Russia and Romania. Worse overall domain? .info, with .com right behind it.
Read More Here

Merijn Sells HijackThis!... Oh Noes!!

Merijn, creator\developer of many specialized tools, notably HijackThis!, has sold said tool to Trend Micro. Read More Here

Purchase Software From TIC

I'm happy to announce users can now buy security software via TeMerc Internet Countermeasures. You can read all about it here

New Version Release: WinPatrol 2007 11.1.2007

BillP Studios released the official version of WinPatrol 2007. [Read More Here]

Git Yer Vista Info Here!

I'll be keeping a fairly close eye on Vista related stuffage now that it is released to the mainstream public. [Read In Our Vista Forum]

MySpace Pushing Malware WinAntiVirus\Drive Cleaner

Users of MySpace face a malicious software via ads in the form of WinAntiVirus\DriveCleaner\ErrorSafe. These are all rogue anti-spyware applications. It's the latest of dangers for the multitude of users. [Read\Discuss]

MS Extends XP\MCE Support to 2014

Microsoft has announce extended support for Windows XP and Windows Media Center Edition. This is good news for most of those users. As it is, the over all consensus has been that most will wait a while before upgrading to Vista. I don't see this as a good sales bolstering move. [Read\Discuss]

MSN Live Messenger Trojan Out

This one is a password stealer so users need to verify before clicking links and always pay attention to re-directs to log in pages. Always click your original saved bookmark to get back to the correct page. Never trust re-direct links which require you to 're-log in'.
[Read\Discuss]

Storm Worm Spreading, Adapting

This latest email nasty has many variants with multiple titles and has changed its over all theme from news to romance. Be sure you don't answer any emails from unknown sources and have your av up to date. [Read\Discuss]

WinPatrol 2007

BillP, creator of WinPatrol has just announced WinPatrol 2007 Beta. And it has a kewl new feature: 'Delayed Start'.
[Read Discuss Here]

TeMerc vs PC ButtWipe: Round 2

Well it seems a mystery has begun. The cached post of Mr.ButtWipe where he called me a troll has reappeared in his blog archive. Interesting isn't? I'm sure he'll attribute that to some sort of blog glitch or something.

Another thing occurred too. Two of the names he mentioned as 'good guy' MS MVPs cannot be found on the public awardees site. There is tho one of them who is actually an MVP. It will be interesting when he is contacted about Mr.ButtWipe dropping his name and declaring him a 'good guy MS MVP'. I'm sure that he will be sure to add that amazing acknowledgement of being considered as a good guy MS MVP. I know I'd run and add it to my profile.

Speaking of my profile, you can see it off over there, to the right. Is there any such link on Mr.ButtWipes blog? Or any of his sites? I don't think so.

Well Brian, I suppose I also ought to give your name a search for in the MVP profiles, and see if it pops up, eh? Does Diane know you're up to no good? I can't imagine she would approve. Unless of course she is your female alter ego. Much along the lines of all the users who post in your defense.
[Read Discuss Here]

PCButts: Coward Behind The Curtain

Well PCButts is making a saddened attempt to discredit me. He says I'm a troll because I am trying to get him to come out from behind the relatively appropriate handle of PCButts1. Of course we all know him more to be PCButtWipe1.

Why? Because in my opinion he is a lying, lowlife scumbag Internet softwaret thief. He even wrote a post about me back in December, but saw better to remove it, but I have a Google cache of the post. [Read Discuss]

Zango Does Teen Porn...AGAIN!!

Well it looks like the scumbags over at Zango are at it again. Teen porn is their new frontier. This is one heck of a way to start off the New Year. [Read Discuss Here]

Beware SpywareBot & antispyware.com!!

Thanks to some info from the Sunbelt blog, this website, which was recently sold for $500,000 has an app associated with it that is less than dependable to say the least, SpywareBot.

Need to purchase to remove 3 mild registry entries, and over look dozens of malware files stored in a regular folder. Can you say 'scam'? Sure ya can, say it with me now.......[Read | Discuss Here]

Scam Sites Storm!!

Scam sites have been on the upswing as of late, so I decided to make a sticky thread just to deal with them. They include sites that try to trick users into downloading some sort of POS anti-spyware (rogues)along with sites that try to goad users into downloading a codec file to view a particular video clip. Nine times out of ten, the user gets infected with Zlob\SmithFraud infections or goodness knows what else is lurking. [Read Discuss Here]

New Rogues & Fake Codec Sites

Three new anti-spyware rogues and two more fake codec sites appear for the week, guess the malware scumbags were busy getting ready for a holiday push. [Read|Discuss Here]

PC Butts: Liar Extraordinaire

PCButts, Internet thief, liar and overall scumbag has now laid claim that he is an MS MVP. On the SiteAdvisor review page he claims he is and has been for 4 years. I think not. [ReadDiscuss Here]

Spam & Phish On The Menu Today

Well today has brought a few very interesting reads about spam\phish. One on how it's not going away, one about a new start up that wants to charge for access to your email account and another about a phishing group which may be responsible for nearly one third of all phish messages sent. Read and Discuss Here

MS Updates Available Now!

MS has readied a few critical updates for the month of December, go and get yours!! See Here

Phishers Ratchet Up Spoof Sites

Phishers use machine gun method to hit-and-run victims with record number of spoofed domains. Read and Discuss Here

MessPlus!: Adware As Usual

Prompted by a comment on her blog by a Patchou troll, Sandi Hardmeier, noted MS MVP gives Mess Plus! another scathing review.
Read and Discuss Here

Zango, PG, MySpace & My First Article

Well it was yet another Paperghost\Zango bust fest. PG finds a profile on MySpace using an exploit which leads to a Zango site pushing Zango content vids. And of course you need to view the vids with the ever present Zango crapware. This stuff is almost as bad as the
codecs I wrote about last week. Read and Discuss Here

This week was my first article to appear in the Dave's Computing Tips newsletter. Check The Forum

And we broke the record for the most ever users online too. Read and Discuss

No, you DON'T Need To Download That Codec!!

Codecs are all the rage these days with malware writers. They trick users into downloading them to watch content on a website. Then you get some nice adware bundles, the most popular seem to be of the Zlob\SmithFraud variant. Rest assured tho, they will also have some other fun stuff included. Read More and Discuss Here

MySpace + Fake Profile = Zlob\SmithFraud

Well Paperghost and the team at SpywareGuide have stumbled upon a scam on MySpace to infect users with a variant of Zlob\SmithFraud. Nice. MySpace users beware of any profiles wanting you to download anything to view something. Read and Discuss Here

Zango 1-2 Punched by 'Zealots'!!

Two great anti-spyware legends, Ben Edelman and Eric Howes team up to show proof that Zango has not lived up to their recent agreement with the FTC. Go figure.

And to think Zango has always been so candid and honest in all their other dealings when caught using less than ethical tactics. NOT!!

Read More & Discuss Here

In Forums

We have a couple of interesting threads in the forum. One about the latest trend by malware authors to get users to malware sites. Look for this to take off.

Another shows a Flickr slide show put together by Sunbelt Software of all the fake security warnings generated by a ton of rogue anti-spyware apps. Read more about both the aforementioned in the Countermeasures News Forum

Over in the Phishing and Spam Forum forum see what could happen when you open an E-Card and it's packed full of nasties.

PCButts, aka Internet Scumbag Thief Strikes Again

Well this time the target of Mr. Buttwipe is yet another security tool, created by an MS MVP. And of course he got caught due to his own stupidity.

Gotta love it when morons try to take credit for something and screw up. Read More Here

Gromozon Authors Acknowledge Prevx By Trickery

It seems the Gromozon authors are a little annoyed at the good folks over at Prevx. They have now coded their Gromozon malware with a false claim that the developers at Prevx, are the authors of the infectious code, instead of the ones who have created a tool to remove it. Read More Here

Zango & SiteAdvisor In The News

Some new items in the Countermeasures forum today:

• Zango poll & news


• SiteAdvisor Plus Released

Read More Here

FTC Nails Zango Scumbags For 3 Ml

The FTC has finally gotten those scumbags at Zango\180Solutions to 'admit' they are lowlife scumbags, and used less than ethical means of delivering their software. Of course paying 3 million dollars and stopping delivery of the software, in their eyes is no admission of guilt, now is it?? ROCK ON FTC!! Read More Here

WinPatrol PLUS 30 Day Trial

BillP, creator of WinPatrol has decided to offer his users, or any users for that matter a trial version of their PLUS version. This is an excellent time to see just how well the program works and for a one time fee, you can't beat it. Read More Here

One Site + Three Minutes = System Destroyed

Well this past weekend I got my test box in a heap 'o trouble! In a very small amount of time, less than five minutes, about maybe three, my system got decimated and a reformat was the only option.

Keep your systems patched, security defense installed and do your best to keep on safe sites kids, it's a nasty place out there on the Net.
Read More Here

IE7 + XP Repair Update

In my previous blog about IE7 I pointed to info indicating that users who had to for whatever reason make a repair to XP would wind up with a broken IE.

It turns out, that this has allegedly been fixed in the IE7 FR version. My source, another MS MVP had been informed of the fix but due to NDA restrictions I can not share any 'official' info about it. But the IE team still recommends users uninstall IE7 before making any repairs.

And that leaves me to think that perhaps it's not quite repaired. At the very least the KB article should be updated.

IE7 + Win XP Repair = Busted IE!!??

Well it would seem that if you were one of the 3 million plus users who installed IE7, you better hope you don't have to repair XP. If you do and don't uninstall IE7 first, boy are you in for a surprise! How the hell did they overlook this? Read More Here

Latest Threats Update

There have been several new variants added to some of the more pervasive infections in recent weeks. And a new international player is in the mix as well. SmithFraud, Vundo, HackerDefender and Chinese infections...OH MY!! Read More Here

IE 7 Final Release Available & Fake IE 7 DL Site

Final release for IE 7 from Microsoft available.
Read More Here

Fake IE DL site being spread. Installs trojan instead.
Read More Here

Forum Accesss Down.......AGAIN!! Grrrr......

Well it seems my hosting company is yet again having problems with forum access.

Apologies to all, guess I'll be looking for a new hosting company come 2007. This is getting ridiculous.

AVG\Ewido Anti-Spyware False\Positives, Except They Are Not!!

It seems there is some new malware out that is corrupting legit files. Users who scan with Ewido may be presented with findings which appear to be false\positives, but they are not. Read More Here

Update Your OS Today, But Be Patient

Microsoft released a record number of patches today, 26 to be exact. But it appears that with so many being released, that Windows Update sites are not delivering everything. So be patient, and go back later in the day or the next. Read More Here

Adware Pusher MVP Award Revoked By MS

Adware pusher MVP Award revoked after MS confirms connection to LOP. Read More Here

VirusBurst: New Infector Files

Two new infection files found by Bleeping computer:

C:\WINDOWS\System32\tazth.dll
C:\WINDOWS\system32\dpfwu.dll
C:\WINDOWS\System32\ficqv.dll
Read More Here

Site Access Problems Persist

Sorry to say my hosting company is still having troubles with my domain. I apologize for these problems and hope they can fix things on their end.

Access is still sporadic to both forum and site.

Adware Vendor Now MS MVP!!!???

Well in all their infinite wonder, Microsoft has elected to award a well known adware pusher to join the ranks of their MS MVP Awardees. Yeah, that's right, a guy who makes a program which installs LOP if the user isn't very careful what he's installing. Read More Here

PestCapture: New SmithFraudRogue

UPDATED w\Screen shot and file info

Latest SmithFraud infection making the rounds. It places a huge alert saying your infected, which cannot be resized or moved and is on top of all open applications.

So far Ewido finds it as SpySheriff, Ad-Aaware SE finds it as SpywareNo & AdwareSheriff. Spybot S&D does not detect it at all. Read More Here

WinPatrol v10.0.5.0 Beta Testing

BillP, developer of WinPatrol has a new build he'd like users to try. It is in beta phase and users should exercise caution if they are not used to the pitfalls of beta software. Read More Here

Site & Forum Update

Well nothing to talk about. No word from my hosting company since last nite.
Both site and forum are up, tho I'm not sure how consistent it's going to be. I still cant publish or update the main site tho.

Site & Forums Down

Well it seems my hosting company has been experiencing some glitches in their hardware\software in the last week. Well, actually more like the last 6 weeks give or take, off and on, mostly with the forum access tho.

At first I was unable to publish the main site, but the forums were there, tho sometimes sporadiclly. Now, as a result of trying some things they recommended I try in my C-Panel, both the site and forums are now offline.

Needless to say this is very frustrating and they have told me that they are working with the vendors to try and resolve the issue.

I'll keep posting updates here as things progress.

Sorry for any inconveniences this is causing any of you. With a little luck they will get things fixed quickly.

Tom\TeMerc

VirusBurst: New Infector Files

New variants of VirusBurst have yet again reared an ugly head. The two latest files:

C:\Windows\System32\httge.dll

C:\Windows\System32\ggagksr.dll
Read More Here

SurfSideKick Kissin Kousin: Deluxe Communications

I found the latest from the gang at SurfSideKick while VML trolling. The relationship is noticeable in more than one way. Bleeping Computing have a nice write up here and compares file names and paths.

You can read about what my experience with was here in our forums

Forums down for maintenance

UPDATE 2: Forums will have sporadic access until posted here as of 1030AM MST

UPDATED: Forum is now up as of 9:45AM MST

The forums are down due to some hosting maintenance. In the mean time, why don't you check out whats on the the main site. Seems like a perfect opportunity, doesn't it?

From there you can check out a bunch of my favorite blogs or some of the newsletters I link to.

MS Fixes IE Exploit Hole

MS releases out of cycle patch for most recent VML IE exploit. Read More Here

IE Exploit Beginning To Spread

IE exploit begins to stretch its legs as more reports come in about entire servers being hacked and more users getting infected. MS responds that they may just even patch out of cycle and then there is a third party patch out too. Read More Here

SmithFraud\Zlob Updates

Another variant was found this week to be added into the removal tools for those infected with SmithFraud\Zlob infections. These guys try hard, but the anti-malware gang stays pretty much on top of these, not likely users will get so heavily infected with this one. Read More Here

Two Exploits Found This Week For IE

Two exploits have been discovered out in the wild this week, making MS look pretty incompetent. The potential for 10,000 sites to be using this code is a real threat. Read here and here

Slightly OT:Email Address Collection via Chain Mails

Seems some spammers are finally doing what I thought was a regular thing, collecting email addresses via chain letters or jokes. One of my pet peeves is the ridiculous amount of email sent with 150 email addresses in the header. And it usually seems to be that AOL dipshits are the worst offenders. Read More Here

StopBadware.org & FunWeb Products

The people behind StopBadware.org seem to have a connection to FunWeb Products. I happened across this while reading the latest from BillP, Bits From Bill whom for those not in the know, is the developer behind WinPatrol.

While investigating the description of an application in the WinPatrol PLUS database he found that one of the board members of the company behind FunWeb, IAC Interactive is also behind the Berkeley
Center For Internet & Society at Harvard Law School. And they just happen to be the primary backers of StopBadware.org.

Interesting to say the least. FunWeb's rep is less than stellar, tho not nearly as bad as other adware bundled types of apps.
Read More Here

Zango Dismissal: Requested by Plaintiffs

The other day I mentioned that a lawsuit against Zango had been dismissed. Sad news all around, except for the asshats at Zango. They proclaimed:

"We have maintained from its inception that this case had no merit. The dismissal vindicates that position," said Ken McGraw, Zango's general counsel in the statement. "[This] serves to confirm that Zango's desktop advertising software is not spyware in any shape or form and that our business model is entirely legitimate," he added.

But the truth of the matter was, the lawyers for the plaintiffs requested the suit be dropped!! Yeah thats right. The merits of the case itself were not in question, but rather the case could not stand up to the qualifications to become a class-action lawsuit. The lawyers at The Collins Law Firm are anxious to talk to any other litigants to move forward and begin action again.

Read More Here

PCBUTTS: Internet Software Thief?

This person has for the last year or so has been laying claim to several pieces of software which are used to fight malware. To just name a few:
SmithRem-Used against many of the SmithFraud\Zlob infections.

NailFix- Used against Aurora\Nail infections.

RogueFix- Used against some variants of SmithFraud

There are others as well. Some of these people he has allegedly ripped off are Microsoft MVPs.

When confronted he slanders his accusers, calls them vile names and is overall not someone who you would trust. He changes his Whois info and tries to hide his identity. He even began to offer help to users via email to avoid any detection by the security community.

Some of the originators of these scripts are contemplating legal action. But we all know how well that works on the Net.

The only other recourse is to try and shame him into doing the right thing. But based on comments found via a Google search for pcbutts it's an unlikely thing he will because it appears the right thing just isn't in his genetic make up.

But you can do the right thing, by spreading the word about this person. You can also do your part by complaining to the ISP hosting his site at:

Mr. Scott Knowles
Interland Shared Abuse Department Interland, Inc.
303 Peachtree Center Avenue, Suite 500
Atlanta, GA 30303
voice: 404-260-2477, opt 9 (ext 5260)
abuse@interland.com

Sites to seek assistance with your malware problems can be located in a collection of links located on the ASAP directory.

WinPatrol PLUS Info Free For September

BillP lets all users of WinPatrol access PLUS Info for September.

Read More Here

Gromozon Rootkit Removal Tool

The group over at Prevx have made a stand alone removal tool for this nasty bit of work. You can find it at here at Prevx

SmithFraud Rogue: VirusBurst

The latest rogue makes no obvious effort to appear to be much different than many of the other rogues. We need to be thankful these guys have a limited resource in their imaginations. Read More Here

SiteAdvisor Glitches

It would seem that McAfee SiteAdvisor has developed a bit of a hiccup with it's ratings system, or, perhaps their crawler has a bug in it.

Many of the well known anti-malware forums have been red-flagged in the last few days. Sites like Tom Coyote, CEXX and Ad-Aware Support forum.

These are obvious mistakes in the system somewhere. The SiteAdvisor group has been made aware of these mistakes and are taking action to correct them. It just won't be as fast as we would like.

I am rated as an 'Experienced Reviewer' and as such, my comments carry a little bit of weight in the ratings of sites. If you're aware of a site which needs some corrective commentary, be they good sites flagged as bad or visa versa, let me know and I'll work my mojo magic on them.

UPDATE: SiteAdvisor is attempting to whitelist these types of security forums and correct the problem.

Gromozon Rootkit: Mutha Of Rootkits

Malware writers have out done themselves with this one. Variable DLs, dependant on browser. Hourly changes of said files from DL sites.

Rootkit detection tools don't detect in many cases. Fried test machines when researchers attempt analysis.

Oh and did I say there isn't really any fix for it yet? Well there is one, but it's not for the faint of heart or the technically challenged either.
Read More Here

Dircect Revenue Scumbags Get Off Light

The scumbags at Direct Revenue get off lightly as a suit brought by the state of California gives very little if any real punishment.
That's truly a major disappointment. These lowlifes needed to be crushed. Read More Here

New SmithFraud\Zlob Variant: VirusRescue

Yet another SmithFraud\Zlob variant has hit the streets.

They call this one VirusRescue. But rest assured the only thing that will be needing rescuing will be your sanity as you come to find, after being duped into purchasing this POS that your system is running ragged and you have al sorts of pop ups.

And the scumbags who created this thing then tried to post into a fellow security advisor's forum and defend the app.

Mistake. BIG mistake. HUGE even.

Then people like PG and Moore from Bluetack get their engines revved up and carnage ensues. Not to mention the kick ass reply from Security Cadets. But it's the good kind of carnage, the kind where the bad guys get their asses whooped.

Read More Here

QuickLinks Updates

Well it's been a few weeks and I have neglected this blog, sorry about that, here are some quick links to get you caught up.

New Zlob\SmithFraud Variant: VirusRescue

August Patch Causing IE Crashes

Webroot State Of Spyware Report

Another Zango-Porn Connection?

CDT Report On Affiliate Adware Game

Zango Busted Advising MySpace Affiliates

Rogue\Suspect Anti-Spyware Updates

The Skinny On Warner Bros, Zango & Porn

Well it seems an article posted on digg incorrectly stated some facts in the relationship with Zango and porn. As it turns out (if you followed this, you're aware), Zango was not distributing porn but their association with YapBrowser certainly didn't help matters. Paperghost gives the lowdown on the facts.

Read More Here

Warner Bros. Drop Zango Over Porn

Well hot on the heels of Zango being exposed for advising affiliates on how to insert their software onto MySpace, comes great news!!

Warner Bros. is dumping Zango as an adware vendor!!

Read More Here

Zango:Busted Advising Affiliates On MySpace

Another chapter, this the latest in a series of amazing articles chronicling just how Zango pushes their software on MySpace.

But this time we have a confirmed, (by Zango)legit email to one of thier affiliates on how to proceed and suggestions on how much to pay and how to link to other Zango sites. Things like moving gifs because according to the email, 'people love that sh*t". And also mentioning adding in a karate guy doing flips, because it turns out that it's 'wayyyy more profitable'

Here is a snippet from the email:
"Zango is fairly new with MySpace sites and it took me some time to see what works and what doesn't." "Put one of our videos on to your MySpace profiles and all of your friends will see it" ...more profitably, *go to a bunch of your friends* who have popular profiles and pay them (it's up to you so much. One of my partners said 5$..maybe offer to split the money with them?) to put a Zango video into their profile through your site. This will give you hundreds of extra installs a day (this probably works even better than having them on your actual site).

So for all the posturing Zango has been doing you can only imagine how much this is going to twist the Zango PR guys shorts. And I bet he thought he was going to have the weekend off too.

Guess again scum, because if there is one thing we all know is that Paperghost never takes time off. And is always honing his killer moves against adware bad guys.

Full read w\links @ VitalSecurity

QuickLink Updates

Got a few things happening last day or so:
Bots Invade MySpace
F-Secure Finds Exploits At Social Engineering Sites

Recent Testbox Infestation & Clean Up

Zango Bait & Switch

Zango once again gets capped in another drive-by 'zealot' attack. At least they would lead you to believe it's some sort of vendetta.

Anyone with half a brain could see right through all their excuses and double speak. Read More Here

New Version WinPatrol v10.0.3 [July 21]

BillP continues to improve upon Scotty's abilities to ensure users are safe, offering another version with some bug fixes and a requested feature. Read More Here

Zango + Teen Site = Pr0n

Well it seems that once again, Zango, our favorite provider of adware found in some amazingly perverse content, has been exposed by Paperghost.

They really should just add him to the payroll, he does more to regulate their affiliates that the guy who is supposed to be doing it for them. Read More Here

New Rogue? ProtectionBar

Looks like this app is one in the same as the others in the SmithFraud family. Panda claims to have found it. Read More Here

Another Adware Vendor Using MySpace

Still yet another case of an adware company using MySpace to spread its bundles of 'joy'. This is the second company in two weeks caught doing this. Lets hope MySpace gets on the ball and tries to do something about it. Until then, MySpace users beware.

Read More Here

More Zango & MySpace Shenanigans

Well after getting some negative press back in May, the newly formed but still-doing-business-as-usual 180Solutions-cum Zango is once again duping users on MySpace.

See, you really can't change the spots on a leopard. Or is that the stripes on a zebra? Regardless, read more here

New Rogue: SpyHeal

This rogue is very new and so far no users have claimed to be infected by it, but give it time, they will begin to popup by weekends end I'm sure. I even took the time to add a comment as a reviewer of the app for SiteAdvisor. Read More Here

Infection Removal Tools Updated

Several specialty tools were updated today with new
variants and better scanning and fixing:

• SmithFraud


• Vundo


• Haxdoor (This fix is too complicated for posting, advise to post in HijackThis! forum )
  Read More Here

CEXX Forums Return To The Fight

I am returning to a forum where I originally began my interest in helping others remove malware. They had been over run with spammers and all but abandoned. CEXX forums is now undergoing a revival. Read More Here

Malware Posing As MS WGA File

Malware writers craft fake files imitating MS WGA to trick users and load a bundle of junk wares. MS MVPs are franticly gathering info to spread the word and submitting files to malware vendors to be added to databases. Read More Here

New Version WinPatrol v10 Free

WinPatrol keeps on improving and delivering one of the best system monitoring applications on the Net. PLUS users get even greater control over any system changes and can find out when files were created, monitor hidden files and more!! Read More Here

Webhelper Back With A Vengance

Well, it didn't take Patrick long, but he's up with a
new Net address:
http://www.webhelper4u.net/

And he now has a page devoted to all of DollarRevenue's Net activities to expose them even more for the lowlife scumbags they are.
DollarRevenue Activity Page

New Rogue: Adwarefinder (or Adware Finder)

Latest rogue shows not much in way of creativity, just claims that it destroys spyware but with it's affiliation with known bundlers of malware, it's highly unlike to do much of anything useful.
Read More Here

New Vundo Variant, Tool Updated

The latest variant sometimes carries a rootkit in it, but the tool seems to catch the ones that do not. This new variant also hides when using HijackThis, so users need to rename the tool to trick the malware. Read More Here

Related Link

MS, WGA & You

Lots of talk about the latest from MS, their Windows Genuine Advantage and its notification tool. Most of the talk is about how to disable the notification tool.

We have a couple of threads in the forum, one here that talks about the many ways to do just that. And another one here which has links relating to the implementation of the tool over all. Don't forget to take the poll in the second link.

Related links:
How Windows Product Activation Works

Special Fix Thread In Forum

I have a new thread in the forums dedicated to specific infections and fixes for those infections. Users should use caution when applying these fixes and take note that machines may still have other infections after the specific fix is used. Read More Here

Webhelper Under Attack

Webhelper's site has been under attack since the 16 of June by DollarRevenue. It seems that after being blogged about here and here they got a little pissed off and decided to attack him!! Read More Here

New SmithFraud Variants Found

Three new variants of SpywareQuake were found the last 24-36 hours. And both SmithFraudFix and SmithRem have been updated and deal with all three, including BHOs and CLSIDs. Way to go guys!!

New files:

oybgrql.dll
yvvdj.dll
xuefh.dll
SmithFraud Updates in forum.

SmithFraud Updates

Two SmithFraud variants found recently, fix tools updated and working so well that this infection has come down to running two steps to remove it.

Kudos to the experts who craft these tools to fight off the scumbags who create them. New variants have been found almost on a weekly basis and the tools are updated within 24 hours in most cases. Read more about SmithFraud Infection Family Here

Latest Rogue: Titan Shield

A new rogue has been uncovered in the last 24 hours or so: Titan Shield. It is part of the SmithFraud rogue family and many of it's files have already been added for removal by the SmithFraudFix tool by Siri

Read More Here

New Version WinPatrolPLUS v10

New version sneak peek of WinPatrol for PLUS users only, some neat new features, a must have for all. Read More Here

SmithFraud Removal Tool Updated

Noahadfear, noted MS MVP has returned to the malware fight and updated his SmithRem tool. Read More Here

Update To Forum Problems

Well it appears as tho the hosting company has temporarily fixed the problem, which turned out to be a router failure. Keep an eye here for any other updates.

Site & Forums Down

Well it seems my hosting company is having some troubles with our IP blocks 'not being announced to our upstream providers'. Read More Here

Sorry for any inconveniences, hopefully we will be back
up soon.