wildersecurity.net??

[wyrmrider]

just a couple of paronid questions

what is wildersecurity.net? my ie blocks it
in ie
why does google point me there as a first choice if I mistype wildersecurity?
(it does say "did you mean wilderssecurity"
if I use "I'm feeling lucky" I get blocked as restricted web site

in firefox default search
I get taken to:
apps5.oingo.com (I get connection refused message in center of screen)
I was getting
misspelling "wildersecurity" (missing s) gave this (repeatable)
hxxp://apps5.oingo.com/apps/domainpark/domainpark.cgi?s=www.wildersecurity.net&client=DEVEPDOC
then a phoney search page

or dp.information.com

hear's another example which to me has security and privacy concerns besides the obvious trademark and unfair competition aspects
I have heard from team spybot and I hope they track this down
but I need to get to someone up at google any ideas?

xposted previously


HI
I was in MOZILLA FIREFOX and was going to run house call
http://housecall.trendmicro.com/housecall/install.html
but I forgot that I run housecall under ie and trend wanted to iiinstall the Netscape version
SO I cleared the address bar
and
typed in wwwi.spywareinfoforum.com <cr>
very light message appeared in center of screen

"spybot search and destroy bla bla bla
3-4 lines of txt

I tried to capture by highlighting and ctrl c ctrl v to notepad
gave
http://housecall.trendmicro.com/housecall/install.html

above the very light message was a "TO CONTINUE CLICK HERE"
then it transferred to (without clicking)
to
http://www.spykiller.com/index.asp?Ref=2853

telleng me I had spyware detected on my computer

yes and we know who it is (or do we)

I think this is not related to spybot S&D or to spywareinfo but is
related to

DESPERATE - Please Help, I've tried - can't get rid of it by catwilliams
search by wyrmrider (because I posted to this thread) gave me
http://www.spywareinfoforum.com/inde...22&hl=wyrmride

there are also many different threads on the ad-aware forums including mine
(they are responding as if this is a problem with their help site, which is a symptom not the cause))

I HAVE NOT SEEN AN ANSWER TO THIS and have been looking all of JULY

thanks
wyrmrider

somebody sharper than I needs to pull all this together


end of xpost

any insights

wyrmrider

there are some interesting scripts at
http://boards.cexx.org/viewtopic.php?p=40672#40672
which were responded to by metallica
but I do not think this thread shows the current behaviour

Is it possible that someone has hacked google?
or left a backdoor into adsense (oingo)
or got a pirate copy of hte old oingo search engine?
just using oingo's name to throw us off the track?

anything that can run scrpt or aplets scares the heck out of me

and thanks for listening

wyrmrider

[LowWaterMark]

The bad guys out there have been registering common misspellings of popular URLs for years in hopes that they can get traffic from people's typing mistakes. There isn't anything that the owners of the real sites can do unless they choose to register every possible misspelling themselves as a form of protection. (Some companies do exactly that, and register every name they can that is even close to their main URL.)

In this case, you type "wildersecurity" in Google so it scans the list of possible matches, and since it has some wildersecurity.net references it provides that as a search result. It makes no judgement as to whether a site is good or bad, and it can not know that you intended one versus the other. However, as you pointed out it also gives you the "did you mean?" option just above the first search result.

If you mistype some really popular and large website names, you might be in for quite an eye full based on where you end up.

[wyrmrider]

I'm comfortable with that part
it's the switch to dp.information.com or
apps5.oingo.com
and others that gets me
the placing of tracking cookies
the running os scripts and aplets

it looks to me that on some of these misspellings that a search engins starts up
it trys to match your query with it's database
then it servs up a site tailored to your query
which appear to be pay per hit sites

the switch to SPYKILLER is an example

of course oingo is OWNED now by google and is adsense in the real world
but these are not adsense responses or normal "i'm feeling lucky" responses

the ad-aware forum is burried under "OINGO" as the, let's call it a response,
poped up when their help site was down giving a search error
I think this thing is triggered by a search error and not just by domaine names


wyrmrider

ps
should I post up that hotmail tracking privacy tracking thing and if so where
(or has it been covered elsewhere??)

thanks
wyrmrider