Miscellaneous: April 2006 Archives

While Googling for downloading Hijackthis, i spotted a link from Google's Adsense program. Check out the following screenshot:

Click Image to enlarge

(Note the Red X is part of the SiteAdvisor program which can help users spot sites that use deceptive practices and is only displayed if you using the program.)

In above screenshot clicking the link ?HijackThis Free download? opens a site http://hijack-thisnet/. Naturally curiosity compelled me to dig deeper into this site and also I wanted to know what Merijn, the original creator of HJT had to about this site? It appears it struck his radar a long time ago and was not pleased the name of his product was being used to push other commercial products.

He states from http://www.merijn.org/

" April 22, 2005:
Just a short note on the domain HIJACK-THIS.NET: this is not mine! It has been registered by an affiliate of XoftSpy (who are also on the Rogue Antispyware List on SpywareWarrior.com) and they are luring people into downloading their software believing it is HijackThis. Also, they have registered a few AdWords at Google leading to the same result. We'll see where this goes. In the meantime, if you want to download any of my programs, the official domain is and always will be www.merijn.org."

UPDATE: April 29, 2005:
I just received word from Paretologic (the ownsers XoftSpy) that the affiliate responsible for the page has been terminated and the site will be taken down. That's one down, one to go. :) "

Let's dig into this mystery...


I am pleased to announce that two members of the FSL research team received Microsoft Security MVP Awards this year. Namely Wayne Porter, Sr. Director of Greynets Research and Chris Boyd, Director of Malware Research. This is my first time to receive this honor but this is the second year running for the indefatigable Chris Boyd, a.k.a. PaperGhost.

The Microsoft Most Valuable Professional (MVP) Award is an annual award that is given to outstanding members of Microsoft's peer-to-peer communities, and is based on the past year's contributions those members make in those communities online and offline.

You can learn more about the awards at the Microsoft MVP FAQ or check out the official MSFT MVP site.

A little history and color about the awards from Wikipedia:

The Microsoft Most Valuable Professional (MVP) Program is an award and recognition program run by Microsoft. Microsoft MVPs are volunteers who have been awarded for providing technical expertise towards communities supporting Microsoft products or technologies. An MVP is awarded for contributions over the past year.

The MVP program grew out of the developer community: rumor has it the initials stood for "Most Valuable Professional", as the initial MVPs were drawn from the online peer support communities such as Usenet and CompuServe. It has since grown to include other types of products, and other avenues of contribution.

A posting from Tamar Granor on the Universal Thread web site gives this account of the origin of the MVP program.

"Way back in the dark ages, Microsoft provided a great deal of technical support on CompuServe. The CompuServe FoxPro forum was extremely busy and Calvin Hsia, then an independent developer, now Developer Lead on the Fox team, created what we called "Calvin's List." It was a listing of the number of postings by person, including info on both messages sent and received. Being in the top 10 on Calvin's List any month was an accomplishment, though we discussed whether it was a good thing or a bad thing. "

As the story goes, some of the Microsoft people jumped on Calvin's List as a way to identify high contributors, and thus was born the MVP program.

Level: Advanced

While conducting log analysis around a new web application we have been developing the ever vigilant Obijan
noticed what appears to be an individual using automated tools to probe the application
in several nefarious ways. We can also assume that they are running the same styles of attack
on all forms sitewide.

Ever wonder what the inside of part of an anti-spyware lab might look like? What actual researchers do? This short segment aired on WSAZ, an MSNBC affiliate profiling our Huntington, West Virginia research team.

Click The Photo for Footage

But there's more coming up! Check out the teaser piece on the scoop with this two-part Podcast Chris Boyd and I delivered to Jeff Molander profiling what we see in the trenches of the Internet and information on our team's latest bust. I think it will truly "shock and awe" some listeners. Check out Spyware Warriors and the Digital Underground Teaser [mp3 format]


About this Archive

This page is a archive of entries in the Miscellaneous category from April 2006.

Miscellaneous: March 2006 is the previous archive.

Miscellaneous: May 2006 is the next archive.

Find recent content on the main index or look in the archives to find all content.