Blog

Archive for the ‘News’ Category

CLSID List surpasses 60,000 entries

Sunday, April 5th, 2009 | News | No Comments

This weekend, the CLSID List (now hosted over at SystemLookup) surpassed 60,000 entries.

The CLSID List was originally started by Tony Klein as the BHO List, to catalog good and bad Internet Explorer Browser Helper Objects (BHOs). Over the years and across many different homes, it has expanded in scope to cover Toolbars, URLSearchHooks, and Explorer Bars, and has cemented its place as a truly invaluable resource to the online anti-malware community.

(Have you ever asked for malware-removal help at one of the many different HijackThis Log analysis forums? Your helper(s) likely used the list to help you out.)

A huge congratulations goes out to Tony Klein, miekiemoes, and all of the other contributors (and everyone who has submitted unknown items for investigation) for passing 60k! 🙂

Tags: ,

Google glitch – “This site may harm your computer.”

Saturday, January 31st, 2009 | News, Security | 2 Comments

Click for full size

Click for full size

Earlier today, Google experienced a rather significant glitch: All search results showed the “This site may harm your computer.” warning.

Normally this warning does a decent job of highlighting common, major sources of malware (and other unwanted things). Google reasonably disables potentially harmful links, and redirects to an intermediary page that (a) provides more information, and (b) requires you to copy + paste the address if you want to continue. It’s not perfect, but it’s another decent layer. So normally: if you see this warning you should pay attention.

For quite some time this morning, though, Google search was basically broken. The warning mistakenly showed up for all sites – which disabled clicking through to search results, cached copies of the pages, and essentially all of the usefulness of the search.

Google has since fixed the problem, but a screenshot is provided above for posterity.

UPDATE: It seems there is a lot of confusion about this on the Internet. To clarify:

The glitch was not caused by an infection on your computer. The problem was on Google’s end, and affected (seemingly) everyone.

If you are still seeing search results pages with all of the links marked as potentially harmful, try clearing your browser’s cache and refreshing the page.

Tags: ,

A fond farewell to our friends at CastleCops

Sunday, January 4th, 2009 | News | 2 Comments

As you may have heard, CastleCops.com closed down on December 23.

Attempts to visit any page on the site are redirect to a brief message:

You have arrived at the CastleCops website, which is currently offline. It has been our pleasure to investigate online crime and volunteer with our virtual family to assist with your computer needs and make the Internet a safer place. Unfortunately, all things come to an end. Keep up the good fight folks, for the spirit of this community lies within each of us. We are empowered to improve the safety and security of the Internet in our own way. Let us feel blessed for the impact we made and the relationships created.

Some people may not know how tirelessly Paul, Robin (his wife), and numerous volunteers worked on the site, for the benefit of the Internet community. They provided invaluable resources, help, and (in recent years) tools to take up the fight against phishers and the other scum of the Internet. And for everything it was, it was a success.

So while it’s a sad to see such a great resource go down, I’m grateful for everything they were able to accomplish. The Internet is a better place today because of CastleCops, and those who helped make it what it was.

I am happy, however, to note that not all of the resources that CastleCops provided have been lost to the ether.

A few months ago, we offered assistance to Tony Klein and all of the other “malware list” creators, editors and maintainers should it be needed. The fruits of that labor are SystemLookup.com, the new home for the malware lists formerly hosted on CastleCops. Everything is there – the CLSID list, Startups, and the O9, O10, O16, O18, O20, O21, O22, O23 lists. We’ve even added some new lists (ShellExecuteHooks), with more likely to arrive soon. All of the lists are maintained around the clock by a top-notch team of some of the best in the Internet community.

In addition, many others who worked tirelessly to contribute to CastleCops have continued their missions on other sites and forums. A fitting tribute, perhaps, that even if CastleCops has not lasted to fight the scum of the Internet, those who it helped inspire may.

Tags: , ,