sleazydream
 

new spyware stealing traffic

i just noticed that my host file had altered

127.0.0.1 localhost
209.8.166.99 sleazy.ath.cx
209.8.166.99 hornylist.ath.cx
209.8.166.99 www.pichunter.com
209.8.166.99 www.cowlist.com
209.8.166.99 www.searchv.com
209.8.166.99 www.sleazydream.com
209.8.166.99 mmm100.com


645238813 auto.search.msn.com


when i type one of the above domains im going to
http://www.porno-dream.com/

i have all updates of w2k and it's the first time i have host file altered.


http://www.porno-dream.com/ :321GFY

same format as sexocean - interesting.........

Slezydream.com does the same thing for me.. How do I get rid of it?

That was quick. Three minutes.

delete them in the host file

check the whois on both sites, first thing I did. the nameservers are the same. Plus the site looks like his format

Im running win2k, how do i get to the host file?

windows/system32/drivers/etc/hosts

edit
thats works for me on xp not sure for win2k

ut oh

https://www.domaindirect.com/whois_l...n=sexocean.com

https://www.domaindirect.com/whois_l...orno-dream.com

and same trading script

tt - the only cookieless traffic trading script, ttcj at longmechies.com, v.2.09.30 AKA 'polle mud'

anyone want to own sexocean - false whois info there.


someone here must know how to fuck that cheating BASTARD ROYALLY royally for FALSE whois info......

look at the ips of the site too

63.317.31.21 ocean

63.317.31.14 porno-dream

ive had a few sites shut down for wrong whois info.. just go to icann.org and send them an email.. sometimes it takes time.. but they will get around to locking the domain

I'm talking to my lawyer tomorrow and I think I'm going to start suing people.

I'll try and get to sexocean asshole but if not I'll have his host shut down, and sue any sponser that ever pays him a dime.

soul rebel, can you icq me please.

105713197

i have an idea - I have trademark on my url - since they have already done this I'm going to make a plea to ican and other relevant bodies to have their URLs transfered over to me.

Just contact his registar, most of them will take the domain away.

Good find SoulRebel.

I don't trade with sexocean, but i'm sure most of the bigger sites that do, would love to see this thread. Well, i guess this finally proves sexocean is indeed a cheater. Then again, it depends on the level of proof that's need.

If he's doing this, i can only wonder what else he's currently doing or done in the past to cheat out traffic from webmasters.

Damn. That's nuts.

lets say this guy has people download sofware and on terms and conditions he mentions he will change the host file can you sue him then?

thanks Mike, i just clicked by accident Sleazydreams link on his profile and i was redirected there. I know you can achive this by changing the host file of windows. This is done by many spywares.

Sleazydream, i mailed you further info, when i messaged you on icq you were offline.

Mna, I feel bad for your loss of traffic to that jerk off. But it sounds like something he would do. Some of the shit he pulls off on his surfers. It is one site you have to surf with 3 popup stoppers and your toe sitting on the powerbar. It makes me laugh when I think about his submission guidlines. Basicaly don't do anythign he WOULD do. Fuckign hilarious. He even puts dialers in there on purpose and blames webmasters for it. I won't get into too much detail about it. This fuck trades with and owns some pretty fucking sick sites too. Not to mention his traffic is SHIT. 100k hits, no sales on a gallery of mine he stole from pichunter.com but what would I expect with a site that gets it's traffic by immoral and really fucking entrapping means.

GO GET 'EM SLEAZY!!!!!

according to my lawyer -yes, i can. He does not have the legal right to ask permission to redirect my trademarked term.


trademark is a wonderful thing - much stronger than copywrite. and icann regurally revoked urls due to trademark issues.

This sucks, I get the same thing... I deleted my host file and that solved that problem... But now I get some small yellow popup search box on EVERY PORN site I visit.....

I've used all the updated spyware software and nothing gets rid of it. I dont know what surfers must be thinking these days.

time to sue some of these guys............. trademark is a wonderful thing.

Sleazy, as long as you keep using sextracker 1000's of people will get popups when going to your site cuz there's spyware that gets triggered by sextracker.

I already have it for months on IE, cant get rid of it. And believe me, im not the only one.

I posted about this a while back but you didnt read it i guess.

i'm speaking to them about sueing these popup guys as well. they have staff lawyers that can do this........

This is what I get when visited sleazydream.. And alot of other sites..


http://www.pipecrew.com/ads007.jpg

just think the amount of bookmarkers/new surfers being lost in shit like this.. usually people who crack their softwares are getting their host file changed among other shit like spywares

sleazy,your mail bounced back.....
here's more info:

henever someone was typeing sleazydream,mm100,cowlist,searchv etc it was getting redirected to the following IP:

209.8.166.99

now if you check http://209.8.166.99

you'll see it down


here's the source code of the page hosted at that IP that was redirecting me to porno-dream.com each time



Here's the counter stats
http://216.127.32.69/stats/general.p...SITE_ID=123654

I can't say that the owner of this IP owns the pornodream or not. Who ever owns this IP probably read this thread and took it off because the traffic going there stopped.

fucking bastards!



:ak47:

pipecrew - what's the url of that popup - I'll go after them as well

I trademarked the term "sleazy guido"

The popup is constantly changing, and they disable RIGHT CLICK, so i am not sure how to see the source of the page it is hosted on.... The latest one, just directed me to this dialer hell

Atleast, it has an account number in here... I dont advise you to click on it, inless you are fast with the mouse, but it does give you an indication of what your surfers are going through.... UGH.


http://install.xxxtoolbar.com/downlo...ount_id=131715

The search box that I get on 90% of sites, goes right to this site

http://www.clearsearch.net/cgi-bin/search/go.cgi

so obviously they are involved somehow and cant claim it was "an affiliate"

These guys are the one install spyware that pops when one visits sites with a sextracker counter.

http://traffic-money.com/

So I guess the best thing right now is to remove SexTracker counters?

I honestly wouldnt put it on my site, the amount of people that infected must be quit big.

Get another counter, why waste traffic for a counter.

<img src=http://traffic.alexa.com/graph?w=640&h=480&r=6m&u=porno-dream.com/&u=>

I'am glad you mentioned what was causing it, I had no idea.. I removed all my counters and sure enough, no more annoying popups for me or my surfers. So i am happy.

Good!

just spoke to sextracker, if someone can show us the software or url that instaled this spyware legal action will follow.

Ah shit, i really dont know how i got infected. Too bad, i want those fuckers to go down!

Scary thing is, if us Internet and Porn SAVY webmasters can get infected and not even know How or what caused it, then I cant imagine how many surfers are thinking we are infecting them with viruses and stuff.

I'm glad to see you Sleazydream when you do something like that. I had this popup too when the spyware was in my computer. Sometimes we can have like 3 popup when we go on your site. I removed the spyware with the new version of Adaware. Keep your good work Sleazy. :thumbsup

i checked my cache and all the adult sites of my history over the last few days and i didnt find anything :/

Another traffic stealer, only 1 of his many sites!

http://www.hostones.com/temp/hisearch.png


Registrant:
Host llc
39 Brighton 15 Street
Brooklyn, NY 11235
US

Registrar: DOTSTER
Domain Name: HI-SEARCH.COM
Created on: 12-AUG-03
Expires on: 12-AUG-04
Last Updated on: 12-AUG-03

Administrative, Technical Contact:
McConnell, Nick [email protected]
Host llc
39 Brighton 15 Street
Brooklyn, NY 11235
US
+1-702-104-64-36


Domain servers in listed order:
SERVER2.ZIHOST.COM
NS2.HOST-SYSTEM.COM



FALSE Whois Information of course !

I noticed that there is a lot of cheater gallery from this adress:
39 Brighton 15 Street
Brooklyn, NY 11235
US

But I don't remember the domains. I will try to find it

Just read this thread of me, everything is already in there: http://www.gofuckyourself.com/showth...hreadid=166965

Oh and these are some others about this topic:
http://www.gofuckyourself.com/showth...hreadid=166989

http://www.gofuckyourself.com/showth...hreadid=162166

http://gofuckyourself.com/showthread...hreadid=161928

It's very likely that his real name and address are:

Administrative Contact:
Frid, Konstantin [email protected]
KLODER
12-74 Neisvestnaya
Muhosransk, RU 127365
Russian Federation
+17025546466

z69.com I am pretty positive these are the people that were doing the sextracker exploit. I remember having problems were almost all adult sites were having pop-ups.

z69 is a Digital Rooster company http://finance.yahoo.com/q?s=DGRLF.OB&d=t

http://www.tps108.org is the software they were using at the time.

When I asked how to remove it they told me it was bundled with software that I had installed. Which is Bull shit.

this shit is fucked up, I get emails complaining about pop ups and redirects, this has been getting worse for about 9 months, or more,

i'm going to start filing with icann against urls and numbered ips that have any hint of my trademarked term in them. by the time I'm done I'll own a lot of urls