republican-creole
Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Beware these "fake" antispyware programs
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Startup security for "always-on" connection. »
« ALS scam  
AuthorAll Replies


Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC

reply to CalamityJane
Re: Beware these "fake" antispyware programs

See also..
Rouge Antispyware Spotting

»www.f-secure.com/weblog/archives···380.html

>>

Video - Rogue Spotting Posted by Sean @ 10:47 GMT |

Better Living thru Search Engines

In July of 2006 we did some searching for potentially unwanted applications; recycled or repackaged applications that were of dubious value. Affiliate marketing is used to promote sales and unfortunately such systems often provide economic incentives to cheat.

Those earlier search results contain some links to known rogue antispyware sites, but in general it's mostly harmless optimization software. (The real value of which is unknown to us.) Interestingly, since 2006 there are now many French, Spanish, Italian, and German localizations in the results. Everything is localized except the Privacy Policy text we searched for.

Now to the present — being less interested in PUAs and more interested in known bad Rogues, we tried a few different searches last week.

Starting with a new Rogue (VirusHeat, circa Feb. 8th) we used this text from the affiliate page:

Being associated with one of the most known innovative software solutions developer
whose mission is to protect the privacy and security of Windows computer users.

The Google search results produced a number of known bad guys. Many of the search links are blocked by StopBadware.org.

Click the image below for an example of the recycling (animated GIF). Attack of the Clones:
»www.f-secure.com/weblog/archives···hots.gif

This Rogue list included applications that we've seen elsewhere. Where?

On a list of applications hosted by the Russian Business Network.

RBN is an infamous underground ISP that provides bulletproof hosting. The site www.antispyzone.com isn't among the results and the URL doesn't currently resolve (server not found). However, using the site's last known IP address from a list of RBN associated IP Addresses, we located the page.

It uses the very same text on its affiliate page. They're all bad Rogues…

You don't want to buy what they're selling.

--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/
to forum · permalink · · 2008-02-16 11:52:42 · Reply to this
Forums » Up and Running » Security » SecurityStartup security for "always-on" connection. »
« ALS scam  

Sunday, 06-Dec 01:12:06 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.republican-creole
page compression OFF
Most commented news this week
· [163] Comcast Releasing Promised Usage Meter
· [147] Avast Antivirus Has Gone Mad
· [128] Comcast Makes NBC Universal Acquisition Official
· [122] The Bandwidth Hog Does Not Exist
· [105] Graduate Student Unveils Sprint's GPS Sharing With Feds
· [101] Google Invades ISP, OpenDNS Turf With Google Public DNS
· [85] FCC Ponders Moving From PSTN To IP Voice
· [82] Latest Consumer Reports Survey Not Kind To AT&T
· [80] New Bill Aims To Limit ETFs
· [75] Sprint Defuses GPS Privacy Media Bomb
Most people now reading
· False positive in Avast! or is it real? [Security]
· Wife might have to work in.... Iowa for a few months!!! [General Questions]
· Connecting to Google Voice Via SIP [VOIP Tech Chat]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· How fast is your upstream internet connection? [General Questions]
· [Newsgroups] Newzleech down? [Filesharing Software]
· [How to] Install Asterisk on an Asus WL-520GU router [VOIP Tech Chat]
· Windows 7 boot manager editing questions [Microsoft Help]
· Using AirMax to provide triple play services? [Wireless Service Providers]
· Farewell [Bell Canada]